On Thu, Dec 04, 2014 at 11:12:00AM +0000, Lukas Koschmieder wrote:
I'd like to share a single SSS cache database between several node. Therefore,
I'd like to know whether or not it's safe to simply symlink /var/lib/sss/db to a
single/shared network directory?
I don't think it is. Even though we use transaction locks around write
transactions, also various timestamps (time of last enumeration, time of
last cleanup, ...) are stored in the sysdb. These are specific to a
particular sssd_be process running on that machine.
What is your use-case? Why do you need this?
This use-case might be better covered in the next upstream release
(1.13) where we aim at making SSSD work better in containerized
environments, but we still haven't designed the feature well.