User: Password:
|
|
Subscribe / Log in / New account

SSSD: System Security Services Daemon

SSSD: System Security Services Daemon

Posted Sep 29, 2011 12:51 UTC (Thu) by nix (subscriber, #2304)
Parent article: SSSD: System Security Services Daemon

Ah. I was wondering if this new daemon was actually doing anything useful on any system I owned. It turns out, no, it isn't, nor will it ever, but it still has to run because things now depend on it. Just like NetworkManager, it's complexity that's only useful for mobile users, because all the world now is mobile and desktop users are an ignorable and dwindling minority or something...

(Sure, unlike NetworkManager, SSSD has never gone wrong and failed to do its job for me, but I certainly recall at least one security hole in it, and a security hole in an authentication system is a big deal.)


(Log in to post comments)

SSSD: System Security Services Daemon

Posted Sep 29, 2011 14:01 UTC (Thu) by sgallagh (subscriber, #80524) [Link]

SSSD does not currently run automatically on any system, nor is it presently required for your system to operate. We are an optional component, usable when you want network identity and authentication. Otherwise (and by default) we do not run on the system.

At this time, SSSD doesn't interact with local users at all. However, in the future we're planning on adding additional features for the desktop. At that time, we may start handling local user accounts as well.

(Such features include central or local storage of additional user data such as language preference, face browser image, etc.)

SSSD: System Security Services Daemon

Posted Sep 29, 2011 20:28 UTC (Thu) by nix (subscriber, #2304) [Link]

Hm. Interesting. If it's not required to operate, why is it running on all my Fedora boxes? I guess it was installed by default, or pulled in by something else: I certainly didn't ask for it.

SSSD: System Security Services Daemon

Posted Sep 30, 2011 11:08 UTC (Fri) by sgallagh (subscriber, #80524) [Link]

The Fedora installation disks install the SSSD package by default so that it's possible to configure network identities during installation and firstboot.

Just because the package is present on the system doesn't mean it's running. Check 'service sssd status'. The design of the SSSD package in Fedora is such that in its default configuration it will fail to start (since it requires configuration specific to your network environment to do anything useful)

SSSD: System Security Services Daemon

Posted Sep 30, 2011 11:55 UTC (Fri) by nix (subscriber, #2304) [Link]

OK, I've proved I can't read ps output as well. I think I've done enough of making myself look like a fool in front of thousands of people for now :)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds