On 11/27/2014 11:37 PM, Lukas Slebodnik wrote:
On (27/11/14 22:50), Nikolai Kondrashov wrote:
On 11/27/2014 03:59 PM, Lukas Slebodnik wrote:
On (27/11/14 15:09), Nikolai Kondrashov wrote:
While trying to arrange running sssd under cwrap in "make check" I came upon
this roadblock:
There doesn't seem to be a way to make libnsss_sss use server sockets in
non-default location at runtime, only at build time. And it seems that doing
it at runtime would be a security issue.
That means that we can't include tests involving libnss_sss into "make check",
as that is not guaranteed to be invoked on a build with a special location
where the current user can write to.
This leaves us with being able to run these tests under CI only, which can
arrange for special configure options and thus locations.
Could there be another way? Am I missing something?
I didn't try but NSS_WRAPPER_MODULE_SO_PATH should be used for this purpose.
http://cwrap.org/nss_wrapper.html
If it doesn't it will be the best candidate for RFE
It seems to only specify which module (shared library) to load, but doesn't
affect where the library is looking for the sssd server socket.
Or am I missing some trick?
If I read code of nss_wrapper correctly then "/etc/nsswitch" will not be used.
(nwrap_backend_init, nwrap_module_init, nwrap_load_module)
Um, yes, but I don't see how that's helping and I don't really know what these
functions do.
Jakub or Andreas should know it better.
Perhaps I totally misunderstand the way libnss_sss talks to sssd.
Nick
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
