Hi,

You can have a look at https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/configuring_authentication_and_authorization_in_rhel/index#con_data-flow-when-retrieving-idm-user-information-with-sssd_assembly_troubleshooting-authentication-with-sssd-in-idm. The diagram shows the "memcache" and "LDB cache".

I hope I'm not mixing both but I believe the "memcache" corresponds to /var/lib/sss/mc/* while "LDB cache" to /var/lib/sss/db/. The commands sss_cache and sssctl cache-expire invalidate the records in the cache, which I understand as "mark them as if they were expired", not as "delete them". From sss_cache man page: "Invalidated records are forced to be reloaded from server as soon as related SSSD backend is online."

flo

On Thu, Dec 9, 2021 at 3:43 PM Ronald Wimmer via FreeIPA-users <freeipa-users@lists.fedorahosted.org> wrote:

In the past I always cleared sssd's cache by doing a

rm -rf /var/lib/sss/db/*

Today I found out that we should clear /var/lib/sss/mc/* as well? Is
that correct?

What am I gaining from using the rm command compared to

sss_cache -E
or
sssctl cache-expire

Thanks a lot for clarification!

Cheers,
Ronald
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure