Greetings,
we run some podman containers that come with their own local users, such as this one:
ironic-inspector:x:42461:42461::/var/lib/ironic-inspector:/usr/sbin/nologin
when running a top on the server, top tries to resolve the user name for that id and
fails, however there is still a BE_REQ_USER request sent:
(2022-12-30 22:42:33): [be[MY.DOMAIN.NET]] [dp_get_account_info_send] (0x0200): Got
request for [0x1][BE_REQ_USER][idnumber=42461]
I would hope to get rid of these requests against the domain.
unfortunately in
MY.DOMAIN.NET there are uids below and above this number, so I cannot
rely on the "min_id" parameter to filter users.
I would like to know if it is possible to support using user ids in the [nss] filter_users
to prevent those user requests to the domain, or if anyone has any other suggestion.
I increased the entry_negative_timeout to reduce the number of queries, but filtering them
out entirely would be even better.
Thank you!