On (02/01/23 21:21), François Rigault wrote:
> This is not exactly what you want, but did you consider changing
the uid
> used in the container?
so, we run images that are supported and built by the vendor, who recommend against this
(ticket:
https://bugzilla.redhat.com/show_bug.cgi?id=1565929#c12).
maybe tools like top should not try to resolve user names for processes running within a
user namespace to start with.
I poke around and it should nevertheless be quite straightforward (for a prototype at
least) to filter users by uid with something like
https://github.com/freedge/sssd/commit/576340edf8e041bd1a17da52880fe84695...
IMHO the new option `filter_uids` would be a bit more clear approach.
But one might still try to use current features for
negative cache of local users.
man sssd.conf -> local_negative_timeout
```
local_negative_timeout (integer)
Specifies for how many seconds nss_sss should keep local users and
groups in negative cache before trying to look it up in the back
end again. Setting the option to 0 disables this feature.
Default: 14400 (4 hours)
```
One just would need to add dummy user with that UID.
LS
Thank you!
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahoste...
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue