sssd(8) - c6

1SSSD(8)                        SSSD Manual pages                       SSSD(8)
2
3
4

NAME

6       sssd - System Security Services Daemon
7

SYNOPSIS

9       sssd [options]
10

DESCRIPTION

12       SSSD provides a set of daemons to manage access to remote directories
13       and authentication mechanisms. It provides an NSS and PAM interface
14       toward the system and a pluggable backend system to connect to multiple
15       different account sources as well as D-Bus interface. It is also the
16       basis to provide client auditing and policy services for projects like
17       FreeIPA. It provides a more robust database to store local users as
18       well as extended user data.
19

OPTIONS

21       -d,--debug-level LEVEL
22           SSSD supports two representations for specifying the debug level.
23           The simplest is to specify a decimal value from 0-9, which
24           represents enabling that level and all lower-level debug messages.
25           The more comprehensive option is to specify a hexadecimal bitmask
26           to enable or disable specific levels (such as if you wish to
27           suppress a level).
28
29           Please note that each SSSD service logs into its own log file. Also
30           please note that enabling “debug_level” in the “[sssd]” section
31           only enables debugging just for the sssd process itself, not for
32           the responder or provider processes. The “debug_level” parameter
33           should be added to all sections that you wish to produce debug logs
34           from.
35
36           In addition to changing the log level in the config file using the
37           “debug_level” parameter, which is persistent, but requires SSSD
38           restart, it is also possible to change the debug level on the fly
39           using the sss_debuglevel(8) tool.
40
41           Currently supported debug levels:
42
43
44           0, 0x0010: Fatal failures. Anything that would prevent SSSD from
45           starting up or causes it to cease running.
46
47
48           1, 0x0020: Critical failures. An error that doesn´t kill the SSSD,
49           but one that indicates that at least one major feature is not going
50           to work properly.
51
52
53           2, 0x0040: Serious failures. An error announcing that a particular
54           request or operation has failed.
55
56
57           3, 0x0080: Minor failures. These are the errors that would
58           percolate down to cause the operation failure of 2.
59
60
61           4, 0x0100: Configuration settings.
62
63
64           5, 0x0200: Function data.
65
66
67           6, 0x0400: Trace messages for operation functions.
68
69
70           7, 0x1000: Trace messages for internal control functions.
71
72
73           8, 0x2000: Contents of function-internal variables that may be
74           interesting.
75
76
77           9, 0x4000: Extremely low-level tracing information.
78
79           To log required bitmask debug levels, simply add their numbers
80           together as shown in following examples:
81
82
83           Example: To log fatal failures, critical failures, serious failures
84           and function data use 0x0270.
85
86
87           Example: To log fatal failures, configuration settings, function
88           data, trace messages for internal control functions use 0x1310.
89
90
91           Note: The bitmask format of debug levels was introduced in 1.7.0.
92
93
94           Default: 0
95
96       --debug-timestamps=mode
97
98           1: Add a timestamp to the debug messages
99
100
101           0: Disable timestamp in the debug messages
102
103           Default: 1
104
105       --debug-microseconds=mode
106
107           1: Add microseconds to the timestamp in debug messages
108
109
110           0: Disable microseconds in timestamp
111
112           Default: 0
113
114       -f,--debug-to-files
115           Send the debug output to files instead of stderr. By default, the
116           log files are stored in /var/log/sssd and there are separate log
117           files for every SSSD service and domain.
118
119       -D,--daemon
120           Become a daemon after starting up.
121
122       -i,--interactive
123           Run in the foreground, don´t become a daemon.
124
125       -c,--config
126           Specify a non-default config file. The default is
127           /etc/sssd/sssd.conf. For reference on the config file syntax and
128           options, consult the sssd.conf(5) manual page.
129
130       -?,--help
131           Display help message and exit.
132
133       --version
134           Print version number and exit.
135

SIGNALS

137       SIGTERM/SIGINT
138           Informs the SSSD to gracefully terminate all of its child processes
139           and then shut down the monitor.
140
141       SIGHUP
142           Tells the SSSD to stop writing to its current debug file
143           descriptors and to close and reopen them. This is meant to
144           facilitate log rolling with programs like logrotate.
145
146       SIGUSR1
147           Tells the SSSD to simulate offline operation for the duration of
148           the “offline_timeout” parameter. This is useful for testing. The
149           signal can be sent to either the sssd process or any sssd_be
150           process directly.
151
152       SIGUSR2
153           Tells the SSSD to go online immediately. This is useful for
154           testing. The signal can be sent to either the sssd process or any
155           sssd_be process directly.
156

NOTES

158       If the environment variable SSS_NSS_USE_MEMCACHE is set to "NO", client
159       applications will not use the fast in memory cache.
160

AUTHORS

170       The SSSD upstream - http://fedorahosted.org/sssd
171
172
173
174SSSD                              01/15/2019                           SSSD(8)