Description of problem: In order to support https://fedoraproject.org/wiki/Changes/SSSDCacheForLocalUsers we should change the order of the NSS modules configured in NSS switch so that sss comes before files Version-Release number of selected component (if applicable): glibc-2.25-1.fc26.x86_64 How reproducible: always Steps to Reproduce: 1. dnf install sssd 2. systemctl start sssd 3. strace getent passwd $user_from_etc_passwd Actual results: /etc/passwd is opened and read on every request Expected results: The first request reads from /var/lib/sss/pipes/nss, subsequent requests read from /var/lib/sss/mc/passwd Additional info: The first version in Fedora that ships the files provider is sssd-1.15.0-4.fc26 in case you want to add conflicts with a previous version of sssd-client.
Created attachment 1258662 [details] a proposed patch Reverses the order of the sss and files modules in nsswitch.conf. The shadow modules are not reversed -- and it would be pointless since sssd doesn't implement the shadow map and probably never will. We might as well remove sss from the shadow map altogether.
(In reply to Jakub Hrozek from comment #1) > Created attachment 1258662 [details] > a proposed patch > > Reverses the order of the sss and files modules in nsswitch.conf. The shadow > modules are not reversed -- and it would be pointless since sssd doesn't > implement the shadow map and probably never will. We might as well remove > sss from the shadow map altogether. Thanks, applied.