On (16/01/19 09:14), Maupertuis Philippe wrote:
Hi I am trying to find out how th sssd cache is being populated. I couldn't find much about it so I did some tests. It seems that with enumerate = true, the cache holds all the information needed as soon as sssd is started. With enumerate = false, the cache holds information about someone only after his first connection. Is that right ? I would like to be sure that user's passwords are stored in the cache but couldn't find any way to verify this With sssctl user-show I can find if a user is in the cache but with no details. With sssctl user-checks I get some information about the user but nothing about the password. By examining directly the cache with ldbsearch I don't find any password information either, only maybe shadowLastChange: with a number which I don't understand. Is there any documentation about the cache management ?
Hashed password is cached only after successful authentication. It is not rerieved by "getent passwd $user".
sssd cache is internal cache and should not be used directly by user. May I know what do you want to achieve?
LS