SSSD Manual pages

Table of Contents

sssd — System Security Services Daemon


sssd — System Security Services Daemon


sssd [ options ]


SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources as well as D-Bus interface. It is also the basis to provide client auditing and policy services for projects like FreeIPA. It provides a more robust database to store local users as well as extended user data.


-d,--debug-level LEVEL

Debug level to run the daemon with. 0 is the default as well as the lowest allowed value, 10 is the most verbose mode. This setting overrides the settings from config file. This parameter implies -i.

debug_timestamps (bool)

Add a timestamp to the debug messages

Default: false


Send the debug output to files instead of stderr. By default, the log files are stored in /var/log/sssd and there are separate log files for every SSSD service and domain.


Become a daemon after starting up.


Run in the foreground, don't become a daemon.


Specify a non-default config file. The default is /etc/sssd/sssd.conf. For reference on the config file syntax and options, consult the sssd.conf(5) manual page.


Display help message and exit.



Informs the SSSD to gracefully terminate all of its child processes and then shut down the monitor.


Tells the SSSD to stop writing to its current debug file descriptors and to close and reopen them. This is meant to facilitate log rolling with programs like logrotate.


Tells the SSSD to simulate offline operation for one minute. This is mostly useful for testing purposes.


Tells the SSSD to go online immediately. This is mostly useful for testing purposes.


sssd.conf(5), sss_groupadd(8), sss_groupdel(8), sss_groupmod(8), sss_useradd(8), sss_userdel(8), sss_usermod(8).