ID lookups taking a very long time after authselect-libs from authselect-libs-1.2.6-2.el9.x86_64 to authselect-libs-1.2.6-3.el9.x86_64

################

1. time id rakkumar
   uid=4364(rakkumar) gid =4364(rakkumar) groups=4364(rakkumar)

real 5m0.012s
user 0m0.001s
sys 0m0.004s
=========

Eventually we discovered that the authselect-libs package made a slight change to /etc/nsswitch.conf and that was causing timeouts for various commands (ls -l, id)

This was the original line that changed ( /etc/nsswtich.conf)
====
group: files [SUCCESS=merge] sss [SUCCESS=merge] systemd

===

system call is showing the same

1154214 16:45:20.777869 openat(AT_FDCWD</usr>, "/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3</etc/authselect/nsswitch.conf> <0.000024>
1154214 16:45:20.777941 fstat(3</etc/authselect/nsswitch.conf>,

{st_dev=makedev(0xfd, 0), st_ino=186, st_mode=S_IFREG|0644, st_nlink=1, st_uid=0, st_gid= 0, st_blksize=4096, st_blocks=8, st_size=3043, st_atime=1748307943 /* 2025-05-26T18:05:43.086881226-0700 /, st_atime_nsec=86881226, st_mtime=1747845453 / 2025-05-21T09:37:33.281972000-0700 /, st_mtime_nsec=281972000, st_ctime=1747875931 / 2025-05-21T18:05:31.164685479-0700 /, st_ctime_nsec=164685479}

) = 0 <0.000010>
1154214 16:45:20.777999 read(3</etc/authselect/nsswitch.conf>, "# Generated by authselect on Thu May 15 18:16:18 2025\n# Do not modify this file manually
.\n\n# If you want to make changes to nsswitch.conf please modify\n# /etc/authselect/user-nsswitch.conf and run 'authselect apply-changes'.\n#\n# Note th
at your changes may not be applied as they may be\n# overwritten by selected profile. Maps set in the authselect\n# profile takes always precedence and o
verwrites the same maps\n# set in the user file. Only maps that are not set by the profile\n# are applied from the user file.\n#\n# For example, if the p
rofile sets:\n# passwd: sss files\n# and /etc/authselect/user-nsswitch.conf contains:\n# passwd: files\n# hosts: files dns\n# the resulting g
enerated nsswitch.conf will be:\n# passwd: sss files # from profile\n# hosts: files dns # from user file\n\npasswd: files sss systemd\n#*grou
p: files [SUCCESS=merge] sss [SUCCESS=merge] systemd\ngroup:* files sss systemd\nnetgroup: sss files\nautomount: sss files\nservices: sss f
iles\n\n# Included from /etc/authselect/user-nsswitch.conf\n\n#\n# /etc/nsswitch.conf\n#\n# Name Service Switch config file. This file should be\n# sorte
d with the most-used services at the beginning.\n#\n# Valid databases are: aliases, ethers, group, gshadow, hosts,\n# initgroups, netgroup, networks, pas
swd, protocols, publickey,\n# rpc, services, and shadow.\n#\n# Valid service provider entries include (in alphabetical order):\n#\n#\tcompat\t\t\tUse /et
c files plus _compat pseudo-db\n#\tdb\t\t\tUse the pre-processed /var/db files\n#\tdns\t\t\tUse DNS (Domain Name Service)\n#\tfiles\t\t\tUse the local f
iles in /etc\n#\thesiod\t\t\tUse Hesiod (DNS) for user lookups\n#\n# See info libc 'NSS Basics' for more information.\n#\n# Commonly used alternative s
ervice providers (may need installation):\n#\n#\tldap\t\t\tUse LDAP directory server\n#\tmyhostname\t\tUse systemd host names\n#\tmymachines\t\tUse syste
md machine names\n#\tmdns, mdns_minimal\tUse Avahi mDNS/DNS-SD\n#\tresolve\t\t\tUse systemd resolved resolver\n#\tsss\t\t\tUse System Security Services
Daemon (sssd)\n#\tsystemd\t\t\tUse systemd for dynamic user option\n#\twinbind\t\t\tUse Samba winbind support\n#\twins\t\t\tUse Samba wins support\n#\tw
rapper\t\t\tUse wrapper module for testing\n#\n# Notes:\n#\n# 'sssd' performs its own 'files'-based caching, so it should generally\n# come before 'files
'.\n#\n# WARNING: Running nscd with a secondary caching service like sssd may\n# \t lead to unexpected behaviour, especially with how long\n# \t entr
ies are cached.\n#\n# Installation instructions:\n#\n# To use 'db', install the appropriate package(s) (provide 'makedb' and\n# libnss_db.so.), and plac
e the 'db' in front of 'files' for entries\n# you want to be looked up first in the databases, like this:\n#\n# passwd: db files\n# shadow: db file
s\n# group: db files\n\n# In order of likelihood of use to accelerate lookup.\nshadow: files\nhosts: files dns myhostname\n\naliases: fil
es\nethers: files\ngshadow: files\n# Allow initgroups to default to the setting for group.\n# initgroups: files\nnetworks: files dns\nprotocols:
files\npublickey: files\nrpc: files\n", 4096) = 3043 <0.000011>
1154214 16:45:20.778083 read(3</etc/authselect/nsswitch.conf>, "", 4096) = 0 <0.000010>
1154214 16:45:20.778127 fstat(3</etc/authselect/nsswitch.conf>,

{st_dev=makedev(0xfd, 0), st_ino=186, st_mode=S_IFREG|0644, st_nlink=1, st_uid=0, st_gid= 0, st_blksize=4096, st_blocks=8, st_size=3043, st_atime=1748307943 / 2025-05-26T18:05:43.086881226-0700 /, st_atime_nsec=86881226, st_mtime=1747845453 / 2025-05-21T09:37:33.281972000-0700 /, st_mtime_nsec=281972000, st_ctime=1747875931 / 2025-05-21T18:05:31.164685479-0700 */, st_ctime_nsec=164685479}

) = 0 <0.000012>

==-----

as a workaround :

We changed that line back to this (in /etc/nsswtich.conf)
===
group: files sss systemd