Learn more about these different git repos.
Other Git URLs
Currently SSSD man pages do not elaborate cached credentials storing much. Below are some suggestions for improvements.
cache_credentials (bool) Determines if user credentials are also cached in the local LDB cache
It would helpful to state what is actually stored in the local caches (e.g., plain passwords vs hashes), where are the cache files located and perhaps something about their file system level access permissions.
krb5_store_password_if_offline (boolean) Store the password of the user if the provider is offline and use it to request a TGT when the provider gets online again. Please note that this feature currently only available on a Linux platform.
Here it would be helpful to explain where the password is stored (and again plain password vs hash), how long shall it stay stored, and what are the security considerations (e.g., who has access to it).
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.7.0 owner: somebody => sgallagh priority: major => minor status: new => assigned
patch: 0 => 1
Fixed by: - c6fbe64 (master) - 82faa52 (sssd-1-6) - 52220ad (sssd-1-5)
component: SSSD => Documentation milestone: SSSD 1.7.0 => SSSD 1.5.14 resolution: => fixed status: assigned => closed
rhbz: => 0
Metadata Update from @myllynen: - Issue assigned to sgallagh - Issue set to the milestone: SSSD 1.5.14
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2030
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.