When leaving a domain using : $ realm leave it should be great if the sssd ccache file /var/lib/sss/db/ccache_$DOMAIN could be destroyed. Otherwise this will lead to issues when joining the domain again as long as the old ccache file is still in use.
We run the following command to clear the cache when leaving a domain: /usr/sbin/sss_cache --users --groups --netgroups --services --autofs-maps It seems that this should be sufficient. What information is sss_cache leaving in the cache that is problematic?
The credential cache file is left over, as stated in my original report.
I'm asking the sssd guys why sss_cache doesn't clean up as expected. https://bugzilla.redhat.com/show_bug.cgi?id=1007969#c6
The SSSD guys have filed this as a bug in sss_cache: https://fedorahosted.org/sssd/ticket/2671 I guess lets leave this bug open so we can add that option sss_cache option to the our invocation of sss_cache when it's ready.
-- GitLab Migration Automatic Message -- This bug has been migrated to freedesktop.org's GitLab instance and has been closed from further activity. You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.freedesktop.org/realmd/realmd/issues/15.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.