On Tue, Feb 25, 2020 at 11:38:29AM +0100, Ronald Wimmer via FreeIPA-users wrote: > I was not aware of that. If I change sudo rules for a certain user do I have > any control on how long the changes take to be effective? Is invalidating > the cache on a client the only option I have?
Hi, you can of course make SSSD to refresh the rules more often by lowering ldap_sudo_smart_refresh_interval (see man sssd-ldap for details). But this will also increase the number of request on your LDAP server. Btw, please note that 'smart refresh' does not cover the case where rules are deleted only new and updated rules are covered. bye, Sumit > > Cheers, > Ronald > _______________________________________________ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
