On Fri, Jan 16, 2015 at 10:55:37PM +0200, Nikolai Kondrashov wrote:
> On 01/16/2015 08:29 PM, Nikolai Kondrashov wrote:
> >On 01/16/2015 06:54 PM, Jakub Hrozek wrote:
> >>On Fri, Jan 16, 2015 at 06:40:51PM +0200, Nikolai Kondrashov wrote:
> >>>On 01/16/2015 02:48 PM, Lukas Slebodnik wrote:
> >>>>On (16/01/15 14:22), Nikolai Kondrashov wrote:
> >>>>>On 01/14/2015 08:09 PM, Lukas Slebodnik wrote:
> >>>>>>Using fakeroot is much better solution then adding hack with env
> >>>>>>variables.
> >>>>>>
> >>>>>>BTW fakeroot provides a fake root environment by means of LD_PRELOAD.
> >>>>>>The only disadvantage of fakeroot is that is not available on all
> >>>>>>platforms.
> >>>>>>(but there is not problem to prepare COPR repo)
> >>>>>>
> >>>>>>So basically there is not a big difference between fakeroot and other
> >>>>>>cwrap
> >>>>>>packages.
> >>>>>
> >>>>>Just an update: it's not all rainbows in the fakeroot land either. It's
> >>>>>not
> >>>>>wrapping open()/create(). That means that all files sssd creates belong
> >>>>>to
> >>>>>root under fakeroot (even though it can chown them to anything), which
> >>>>>is not
> >>>>>compatible with --with-sssd-user.
> >>>>>
> >>>>>I'm also having some problem starting sssd as root under fakeroot.
> >>>>>Something
> >>>>>to do with D-BUS sockets probably.
> >>>>We do not use dbus communication directly (execpt sssd_ifp.
> >>>>We use unix sockets and libdbus is used just for marshaling.
> >>>
> >>>Ah, yes, I think I can see that now.
> >>>
> >>>>>Will keep digging.
> >>>>
> >>>>Feel free to send mails to sssd-devel with any problem.
> >>>
> >>>Thank you, Lukas.
> >>>
> >>>I think this has something to do with my problems:
> >>>
> >>> stat("/root/.dbus-keyrings", 0x7fff248f2490) = -1 EACCES (Permission
> >>> denied)
> >>
> >>Which process does this? Can you post more context?
> >>
> >>The sbus communication is peer-to-peer..
> >
> >sssd and sssd_be. I've got all the logs and straces and whatever. Basically,
> >it seems D-Bus is trying to store its keyring in ~/.dbus-keyrings directory.
> >With user being root it naturally tries to store it in /root/.dbus-keyrings.
> >
> >Actually, as we have control of passswd database, we can put root's home
> >anywhere. I'll try that.
>
> Yep, that helped.
>
> However, I wonder does it really put its keyring into root's
> home during normal operation and if that's what we want.
To be honest, this is a detail of D-Bus I don't know. Colin Walters
might know better..
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
