"DB version is too old" warnings

Hi,

I have Rocky Linux 8 running on my workstation and laptop. I just deleted a system group using groupdel and got the following message which looks like a warning:

[sss_cache] [sysdb_domain_cache_connect] (0x0010): DB version too old [0.23], 
expected [0.24] for domain implicit_files!

Should I be worried? And what do I need to do to use groupdel without any warnings?

Cheers,

Niki

I don’t have subscription, but the first lines of How to disable implicit_files domain in sssd on RHEL8 - Red Hat Customer Portal reveal where that comes from.

However, man sssd.conf says:

enable_files_domain (boolean)
    When this option is enabled, SSSD prepends an implicit domain with “id_provider=files” before any explicitly configured domains.
    Default: false

So it is not clear whether it is default or not. Anyway:

id_provider (string)
    The identification provider used for the domain. Supported ID providers are:
    ...
    “files”: FILES provider. See sssd-files(5) for more information on how to mirror local users and groups into SSSD.
    ....

man sssd-files writes:

The files provider mirrors the content of the passwd(5) and group(5) files. The purpose of the files provider is to make the users and groups traditionally only accessible with NSS interfaces also available through the SSSD interfaces such as sssd-ifp(5).

Another reason is to provide efficient caching of local users and groups.

Please note that besides explicit domain definition the files provider can be configured also implicitly using ‘enable_files_domain’ option. See sssd.conf(5) for details.


That does not explain the warning though.

The groupdel is in shadow-utils but there is also lgroupdel in libuser. The latter seems to ignore ldap/sssd by default. The former does not. That explains why sss got involved with groupdel.

However, by above, sssd merely caches passwd and group. They are not “DB 0.x”, are they?
Therefore, the cache (created by sssd) is. How could it be of wrong version?


PS. ansible-doc ansible.builtin.group shows option:

- local
    Forces the use of "local" command alternatives on platforms that implement it.
    This is useful in environments that use centralized authentication when you
    want to manipulate the local groups.
    (for example, it uses `lgroupadd' instead of `groupadd').
    This requires that these commands exist on the targeted host, otherwise it will be a fatal error.
    default: false
    type: bool
    added in: version 2.6 of ansible-core
1 Like