For recent versions of sssd, the monitor (the sssd.service) won’t even
start unless at least one domain is configured.
As sssd.conf(5) notes, all sssd services can be socket-activated when
needed. There is no need to list any services in the "services"
parameter in [sssd].
So, this leads to a que
Hi,
What OS are running on your system?
What is the output of `cat /etc/nsswitch.conf | grep passwd` on your system?
Do you use SSSD on purpose?
On Tue, Mar 15, 2022 at 7:45 PM Brian J. Murrell
wrote:
> I am getting some SELinux AVC alerts for a given process in a given domain
> that seems t
I am getting some SELinux AVC alerts for a given process in a given domain that
seems to want to be able to read files in /var/lib/sss/.
strace(1)ing the (unprivileged) process it seem to want to do the following:
4024612 openat(AT_FDCWD, "/var/lib/sss/mc/passwd", O_RDONLY|O_CLOEXEC) = -1
EACCE