#2166 [RFE] SSSD cache database reporting
Closed: Fixed None Opened 10 years ago by dpal.

Ticket was cloned from Red Hat Bugzilla (product RHEL RFE): Bug 1036068

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

1. Proposed title of this feature request
SSSD cache database reporting

2. What is the nature and description of the request?
Request for new high level SSSD report tooling to verify if entries like
users, groups, netgroups, automount maps etc. are present in cache and are
still valid.

3. Why is this needed?
SSSD is lacking admin/support tooling (cli) to manage and control SSSD.
Admins need to check the status of the SSSD cache for quick trouble shooting purposes and to resolve end-users support requests.


A. Have a tool to check if a entry is present in SSSD cache like:

   # <sssd_lookup> <map> <entry>
     - report whether the entry is present in SSSD cache

   Which would return whether the mentioned entry is served from cache or not.

B. Have a tool to check if the cached entry is valid (i.e. the entry in the
   back-end domain is not newer than the cached entry:

   # <sssd_status> <map> <entry>
     - is entry present in cache?
       - no
         - report that entry is not in cache
         - fetch from back-end domain
         - populate cache
         - return entry information
       - yes
         - check if entry in back-end domain is more recent
           - yes
             - report that entry is expired
             - fetch from back-end domain
             - populate cache
             - return entry information
           - no
             - report that entry is not expired
             - return entry information



The current sss_cache and ldbsearch tools provide some of the requested functionality but only provide lowlevel information and are thus not easy to interpret by first line administrators.

Also see tickets #1220, #1221, #1222, #1223


I talked to the person who requested this RFE. We can reuse pieces of the sss_query tool that was started as a thesis and then abandoned.

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
review: True => 0
selected: =>
testsupdated: => 0

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.13 beta

Fields changed

keywords: => Status

Fields changed

mark: => 1

Makes sense to do together with the dbus sssdctl interface.

Downstream no longer requires this RFE. Moving to backlog.

milestone: SSSD 1.13 beta => SSSD 1.13 backlog

Moving to the next upstream release.

Either of Pavels will work on this feature. Please split the tickets between you as appropriate.

cc: => pbrezina, preichl
milestone: SSSD 1.13 backlog => SSSD 1.14 alpha
priority: major => critical
sensitive: => 0

We agreed to only add the interface changes in Alpha and the rest of the work in Beta so that the Alpha release is small.

milestone: SSSD 1.14 alpha => SSSD 1.14 beta

Patches already saw a first round of review on the list.

owner: somebody => pbrezina
patch: 0 => 1

Fields changed

resolution: => fixed
status: new => closed

Metadata Update from @dpal:
- Issue assigned to pbrezina
- Issue set to the milestone: SSSD 1.14 beta

7 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/3208

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata