On Thu, Dec 1, 2016 at 3:46 PM, Simo Sorce <s...@redhat.com> wrote:
> On Thu, 2016-12-01 at 15:22 +0100, Pavel Březina wrote:
>> On 12/01/2016 02:56 PM, Simo Sorce wrote:
>> > On Thu, 2016-12-01 at 14:44 +0100, Pavel Březina wrote:
>> >> On 11/24/2016 02:33 PM, Fabiano Fidêncio wrote:
>> >>> The design page is done  and it's based on this discussion  we
>> >>> had on this very same mailing list. A pull-request with the
>> >>> implementation is already opened .
>> >>> :
>> >>> https://fedorahosted.org/sssd/wiki/DesignDocs/SocketActivatableResponders
>> >>> :
>> >>> https://firstname.lastname@example.org/message/H6JOF5SGGSIJUIWYNANDA73ODHWBS7J2/
>> >>> : https://github.com/SSSD/sssd/pull/84
>> >> I think we should also provide 'disabled_services' option, to give
>> >> admins a way to explicitly disable some responders if the don't want to
>> >> used them.
>> > How would this work ?
>> If responder is listed in disabled_services, it won't be allowed to
>> start via socket activation. If disabling the socket as Fabiano
>> mentioned in the other mail is enough, I'm fine with it, plese test.
> I am not sure this is a good behavior as clients will see a connection
> being accept and then dropped, and may misbehave or report strange
So, thinking a little bit about it Pavel's idea is not bad.
If you have a list of "not allowed"/"disabled" services we can, at
least, report the proper error when enabling the service.
Does this sound reasonable to you?
> Simo Sorce * Red Hat, Inc * New York
> sssd-devel mailing list -- email@example.com
> To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
sssd-devel mailing list -- firstname.lastname@example.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org