linux - 删除后清除 SSSD 缓存

问题描述

我有一个关于 SSSD 缓存的问题。修改用户/添加到组时，缓存会自行清除，这是正确的。问题是从组中删除用户时。缓存没有清理，并且在 getent passwd 中仍然可见。我必须做“su用户”。

我的配置 sssd.conf

[domain/EXAMPLE.PL]
autofs_provider = ldap
ldap_schema = rfc2307
id_provider = ldap
cache_credentials = False

ldap_search_base = dc=ldap,dc=example,dc=com
ldap_user_search_base = dc=ldap,dc=example,dc=com?subtree?(memberOf=cn=accounts_s133,ou=groups,dc=ldap,dc=example,dc=com)
ldap_group_search_base = dc=ldap,dc=example,dc=com?subtree?(memberOf=cn=accounts_s133,ou=groups,dc=ldap,dc=example,dc=com)

ldap_user_object_class = posixAccount
ldap_group_object_class = posixGroup,groupOfNames

ldap_default_bind_dn = cn=admin,dc=ldap,dc=example,dc=com
ldap_default_authtok = XXXXXX
auth_provider = ldap
chpass_provider = ldap
ldap_uri = ldap://X.X.X.X
ldap_id_use_start_tls = False
access_provider = ldap
enumerate = true
access_provider = simple
simple_allow_groups = accounts_s133
debug_level = 6
ldap_purge_cache_timeout = 10
ldap_enumeration_refresh_timeout=10
[sssd]
debug_level = 6
config_file_version = 2
reconnection_retries = 3
sbus_timeout = 10
services = nss, sudo, pam, ssh
domains = EXAMPLE.PL

[nss]
debug_level = 8

filter_groups = root
filter_users = root
reconnection_retries = 3
entry_cache_nowait_percentage = 75
enum_cache_timeout = 10
entry_negative_timeout = 10
ldap_enumeration_refresh_timeout = 10
account_cache_expiration = 10
memcache_timeout = 10
[pam]
debug_level = 6
offline_credentials_expiration = 2
offline_failed_login_attempts = 3
reconnection_retries = 3
offline_failed_login_delay = 5

我看到了选项：account_cache_expiration，但只有几天。删除用户后是否有任何选项可以清除缓存？不是 X 天后，而是几秒后？

标签： linuxldapsssd