SSSD - Online Linux Manual PageSection : 8
Updated : 01/26/2023
Source : SSSD
Note : SSSD Manual pages

NAMEsssd − System Security Services Daemon

SYNOPSISsssd [options]

DESCRIPTIONSSSD provides a set of daemons to manage access to remote directories and authentication mechanisms​. It provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources as well as D−Bus interface​. It is also the basis to provide client auditing and policy services for projects like FreeIPA​. It provides a more robust database to store local users as well as extended user data​.

OPTIONS−d,−−debug−level LEVEL SSSD supports two representations for specifying the debug level​. The simplest is to specify a decimal value from 0−9, which represents enabling that level and all lower−level debug messages​. The more comprehensive option is to specify a hexadecimal bitmask to enable or disable specific levels (such as if you wish to suppress a level)​. Please note that each SSSD service logs into its own log file​. Also please note that enabling debug_level in the [sssd] section only enables debugging just for the sssd process itself, not for the responder or provider processes​. The debug_level parameter should be added to all sections that you wish to produce debug logs from​. In addition to changing the log level in the config file using the debug_level parameter, which is persistent, but requires SSSD restart, it is also possible to change the debug level on the fly using the sss_debuglevel(8) tool​. Currently supported debug levels: 0, 0x0010: Fatal failures​. Anything that would prevent SSSD from starting up or causes it to cease running​. 1, 0x0020: Critical failures​. An error that doesn't kill SSSD, but one that indicates that at least one major feature is not going to work properly​. 2, 0x0040: Serious failures​. An error announcing that a particular request or operation has failed​. 3, 0x0080: Minor failures​. These are the errors that would percolate down to cause the operation failure of 2​. 4, 0x0100: Configuration settings​. 5, 0x0200: Function data​. 6, 0x0400: Trace messages for operation functions​. 7, 0x1000: Trace messages for internal control functions​. 8, 0x2000: Contents of function−internal variables that may be interesting​. 9, 0x4000: Extremely low−level tracing information​. 9, 0x20000: Performance and statistical data, please note that due to the way requests are processed internally the logged execution time of a request might be longer than it actually was​. 10, 0x10000: Even more low−level libldb tracing information​. Almost never really required​. To log required bitmask debug levels, simply add their numbers together as shown in following examples: Example: To log fatal failures, critical failures, serious failures and function data use 0x0270​. Example: To log fatal failures, configuration settings, function data, trace messages for internal control functions use 0x1310​. Note: The bitmask format of debug levels was introduced in 1​.7​.0​. Default: 0x0070 (i​.e​. fatal, critical and serious failures; corresponds to setting 2 in decimal notation) −−debug−timestamps=mode 1: Add a timestamp to the debug messages 0: Disable timestamp in the debug messages Default: 1 −−debug−microseconds=mode 1: Add microseconds to the timestamp in debug messages 0: Disable microseconds in timestamp Default: 0 −−logger=value Location where SSSD will send log messages​. stderr: Redirect debug messages to standard error output​. files: Redirect debug messages to the log files​. By default, the log files are stored in /var/log/sssd and there are separate log files for every SSSD service and domain​. journald: Redirect debug messages to systemd−journald Default: not set (fall back to journald if available, otherwise to stderr) −D,−−daemon Become a daemon after starting up​. −i,−−interactive Run in the foreground, don't become a daemon​. −c,−−config Specify a non−default config file​. The default is /etc/sssd/sssd​.conf​. For reference on the config file syntax and options, consult the sssd.conf(5) manual page​. −g,−−genconf Do not start the SSSD, but refresh the configuration database from the contents of /etc/sssd/sssd​.conf and exit​. −s,−−genconf−section Similar to −−genconf, but only refresh a single section from the configuration file​. This option is useful mainly to be called from systemd unit files to allow socket−activated responders to refresh their configuration without requiring the administrator to restart the whole SSSD​. −?,−−help Display help message and exit​. −−version Print version number and exit​.

SIGNALSSIGTERM/SIGINT Informs the SSSD to gracefully terminate all of its child processes and then shut down the monitor​. SIGHUP Tells the SSSD to stop writing to its current debug file descriptors and to close and reopen them​. This is meant to facilitate log rolling with programs like logrotate​. SIGUSR1 Tells the SSSD to simulate offline operation for the duration of the offline_timeout parameter​. This is useful for testing​. The signal can be sent to either the sssd process or any sssd_be process directly​. SIGUSR2 Tells the SSSD to go online immediately​. This is useful for testing​. The signal can be sent to either the sssd process or any sssd_be process directly​.

NOTESIf the environment variable SSS_NSS_USE_MEMCACHE is set to "NO", client applications will not use the fast in−memory cache​. If the environment variable SSS_LOCKFREE is set to "NO", requests from multiple threads of a single application will be serialized​.

SEE ALSOsssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-files(5), sssd-sudo(5), sssd-session-recording(5), sss_cache(8), sss_debuglevel(8), sss_obfuscate(8), sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8), sssd-ifp(5), pam_sss(8)​. sss_rpcidmapd(5) sssd-systemtap(5)

AUTHORSThe SSSD upstream − https://github​.com/SSSD/sssd/
0
Johanes Gumabo
Data Size   :   23,940 byte
man-sssd.8Build   :   2024-12-05, 20:55   :  
Visitor Screen   :   x
Visitor Counter ( page / site )   :   2 / 229,303
Visitor ID   :     :  
Visitor IP   :   3.147.42.34   :  
Visitor Provider   :   AMAZON-02   :  
Provider Position ( lat x lon )   :   39.962500 x -83.006100   :   x
Provider Accuracy Radius ( km )   :   1000   :  
Provider City   :   Columbus   :  
Provider Province   :   Ohio ,   :   ,
Provider Country   :   United States   :  
Provider Continent   :   North America   :  
Visitor Recorder   :   Version   :  
Visitor Recorder   :   Library   :  
Online Linux Manual Page   :   Version   :   Online Linux Manual Page - Fedora.40 - march=x86-64 - mtune=generic - 24.12.05
Online Linux Manual Page   :   Library   :   lib_c - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Online Linux Manual Page   :   Library   :   lib_m - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Data Base   :   Version   :   Online Linux Manual Page Database - 24.04.13 - march=x86-64 - mtune=generic - fedora-38
Data Base   :   Library   :   lib_c - 23.02.07 - march=x86-64 - mtune=generic - fedora.36

Very long time ago, I have the best tutor, Wenzel Svojanovsky . If someone knows the email address of Wenzel Svojanovsky , please send an email to johanes_gumabo@yahoo.co.id .
If error, please print screen and send to johanes_gumabo@yahoo.co.id
Under development. Support me via PayPal.