1SSSD-FILES(5)            File Formats and Conventions            SSSD-FILES(5)
2
3
4

NAME

6       sssd-files - SSSD files provider
7

DESCRIPTION

9       This manual page describes the files provider for sssd(8). For a
10       detailed syntax reference, refer to the “FILE FORMAT” section of the
11       sssd.conf(5) manual page.
12
13       The files provider mirrors the content of the passwd(5) and group(5)
14       files. The purpose of the files provider is to make the users and
15       groups traditionally only accessible with NSS interfaces also available
16       through the SSSD interfaces such as sssd-ifp(5).
17
18       Another reason is to provide efficient caching of local users and
19       groups.
20
21       Please note that some distributions enable the files domain
22       automatically, prepending the domain before any explicitly configured
23       domains. See enable_files_domain in sssd.conf(5).
24
25       SSSD never handles resolution of user/group "root". Also resolution of
26       UID/GID 0 is not handled by SSSD. Such requests are passed to next NSS
27       module (usually files).
28
29       When SSSD is not running or responding, nss_sss returns the UNAVAIL
30       code which causes the request to be passed to the next module.
31

CONFIGURATION OPTIONS

33       In addition to the options listed below, generic SSSD domain options
34       can be set where applicable. Refer to the section “DOMAIN SECTIONS” of
35       the sssd.conf(5) manual page for details on the configuration of an
36       SSSD domain. But the purpose of the files provider is to expose the
37       same data as the UNIX files, just through the SSSD interfaces.
38       Therefore not all generic domain options are supported. Likewise, some
39       global options, such as overriding the shell in the “nss” section for
40       all domains has no effect on the files domain unless explicitly
41       specified per-domain.
42
43       passwd_files (string)
44           Comma-separated list of one or multiple password filenames to be
45           read and enumerated by the files provider, inotify monitor watches
46           will be set on each file to detect changes dynamically.
47
48           Default: /etc/passwd
49
50       group_files (string)
51           Comma-separated list of one or multiple group filenames to be read
52           and enumerated by the files provider, inotify monitor watches will
53           be set on each file to detect changes dynamically.
54
55           Default: /etc/group
56

EXAMPLE

58       The following example assumes that SSSD is correctly configured and
59       files is one of the domains in the [sssd] section.
60
61           [domain/files]
62           id_provider = files
63
64       To leverage caching of local users and groups by SSSD nss_sss module
65       must be listed before nss_files module in /etc/nsswitch.conf.
66
67           passwd:     sss files
68           group:      sss files
69
70

SEE ALSO

72       sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5),
73       sssd-ipa(5), sssd-ad(5), sssd-files(5), sssd-sudo(5), sssd-session-
74       recording(5), sss_cache(8), sss_debuglevel(8), sss_obfuscate(8),
75       sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8),
76       sss_ssh_knownhostsproxy(8), sssd-ifp(5), pam_sss(8).  sss_rpcidmapd(5)
77       sssd-systemtap(5)
78

AUTHORS

80       The SSSD upstream - https://github.com/SSSD/sssd/
81
82
83
84SSSD                              02/19/2021                     SSSD-FILES(5)
Impressum