URL: https://github.com/SSSD/sssd/pull/630 Title: #630: KCM/SECRETS: Use a library to access the secrets storage instead of the secrets responder, deprecate secrets responder
fidencio commented: """ @jhrozek, I found out a few more issues related to the last patch of the latest series, please, take a look at the following patch that could be squashed into yours: ``` diff --git a/Makefile.am b/Makefile.am index 23e094a37..0f36148e8 100644 --- a/Makefile.am +++ b/Makefile.am @@ -4663,8 +4663,6 @@ if HAVE_SYSTEMD_UNIT src/sysv/systemd/sssd-pam.socket \ src/sysv/systemd/sssd-pam-priv.socket \ src/sysv/systemd/sssd-pam.service \ - src/sysv/systemd/sssd-secrets.socket \ - src/sysv/systemd/sssd-secrets.service \ $(NULL) if BUILD_AUTOFS systemdunit_DATA += \ @@ -4683,6 +4681,12 @@ if BUILD_PAC_RESPONDER src/sysv/systemd/sssd-pac.service \ $(NULL) endif +if BUILD_SECRETS + systemdunit_DATA += \ + src/sysv/systemd/sssd-secrets.socket \ + src/sysv/systemd/sssd-secrets.service \ + $(NULL) +endif if BUILD_SSH systemdunit_DATA += \ src/sysv/systemd/sssd-ssh.socket \ @@ -4820,6 +4824,7 @@ src/sysv/systemd/sssd-pam.service: src/sysv/systemd/sssd-pam.service.in Makefile @$(MKDIR_P) src/sysv/systemd/ $(replace_script) +if BUILD_SECRETS src/sysv/systemd/sssd-secrets.socket: src/sysv/systemd/sssd-secrets.socket.in Makefile @$(MKDIR_P) src/sysv/systemd/ $(replace_script) @@ -4827,6 +4832,7 @@ src/sysv/systemd/sssd-secrets.socket: src/sysv/systemd/sssd-secrets.socket.in Ma src/sysv/systemd/sssd-secrets.service: src/sysv/systemd/sssd-secrets.service.in Makefile @$(MKDIR_P) src/sysv/systemd/ $(replace_script) +endif if BUILD_AUTOFS src/sysv/systemd/sssd-autofs.socket: src/sysv/systemd/sssd-autofs.socket.in Makefile @@ -4875,9 +4881,25 @@ src/sysv/systemd/sssd-sudo.service: src/sysv/systemd/sssd-sudo.service.in Makefi endif if BUILD_KCM +if BUILD_SECRETS +kcm_socket_requires = Requires=sssd-secrets.socket +else +kcm_socket_requires = +endif + +kcm_edit_cmd = $(edit_cmd) \ + -e 's|@kcm_socket_requires[@]|$(kcm_socket_requires)|g' + +kcm_replace_script = \ + @rm -f $@ $@.tmp; \ + srcdir=''; \ + test -f ./$@.in || srcdir=$(srcdir)/; \ + $(kcm_edit_cmd) $${srcdir}$@.in >$@.tmp; \ + mv $@.tmp $@ + src/sysv/systemd/sssd-kcm.socket: src/sysv/systemd/sssd-kcm.socket.in Makefile @$(MKDIR_P) src/sysv/systemd/ - $(replace_script) + $(kcm_replace_script) src/sysv/systemd/sssd-kcm.service: src/sysv/systemd/sssd-kcm.service.in Makefile @$(MKDIR_P) src/sysv/systemd/ diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in index a9874a10e..706254deb 100644 --- a/contrib/sssd.spec.in +++ b/contrib/sssd.spec.in @@ -1351,10 +1351,10 @@ done %{_datadir}/sssd-kcm/kcm_default_ccache %{_unitdir}/sssd-kcm.socket %{_unitdir}/sssd-kcm.service -%{_unitdir}/sssd-secrets.socket -%{_unitdir}/sssd-secrets.service %{_mandir}/man8/sssd-kcm.8* %if (0%{?with_secrets} == 1) +%{_unitdir}/sssd-secrets.socket +%{_unitdir}/sssd-secrets.service %{_mandir}/man5/sssd-secrets.5* %endif %endif @@ -1372,7 +1372,6 @@ getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "Us %systemd_post sssd-pac.socket %systemd_post sssd-pam.socket %systemd_post sssd-pam-priv.socket -%systemd_post sssd-secrets.socket %systemd_post sssd-ssh.socket %systemd_post sssd-sudo.socket @@ -1383,7 +1382,6 @@ getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "Us %systemd_preun sssd-pac.socket %systemd_preun sssd-pam.socket %systemd_preun sssd-pam-priv.socket -%systemd_preun sssd-secrets.socket %systemd_preun sssd-ssh.socket %systemd_preun sssd-sudo.socket @@ -1398,8 +1396,6 @@ getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "Us %systemd_postun_with_restart sssd-pam.socket %systemd_postun_with_restart sssd-pam-priv.socket %systemd_postun_with_restart sssd-pam.service -%systemd_postun_with_restart sssd-secrets.socket -%systemd_postun_with_restart sssd-secrets.service %systemd_postun_with_restart sssd-ssh.socket %systemd_postun_with_restart sssd-ssh.service %systemd_postun_with_restart sssd-sudo.socket @@ -1426,6 +1422,18 @@ getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "Us %systemd_postun_with_restart sssd-kcm.service %endif +%if (0%{?with_secrets} == 1) +%post secrets +%systemd_postun_with_restart sssd-secrets.socket + +%preun secrets +%systemd_preun_with_restart sssd-secrets.socket + +%postun secrets +%systemd_postun_with_restart sssd-secrets.socket +%systemd_postun_with_restart sssd-secrets.service +%endif + %else # sysv %post common diff --git a/src/sysv/systemd/sssd-kcm.socket.in b/src/sysv/systemd/sssd-kcm.socket.in index 8b742847d..e8a5f0aca 100644 --- a/src/sysv/systemd/sssd-kcm.socket.in +++ b/src/sysv/systemd/sssd-kcm.socket.in @@ -1,7 +1,7 @@ [Unit] Description=SSSD Kerberos Cache Manager responder socket Documentation=man:sssd-kcm(8) -Requires=sssd-secrets.socket +@kcm_socket_requires@ [Socket] ListenStream=@runstatedir@/.heim_org.h5l.kcm-socket ``` """ See the full comment at https://github.com/SSSD/sssd/pull/630#issuecomment-412116116
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/sssd-devel@lists.fedorahosted.org/message/LHTSJAJWD6Y3SODYSUSHXNSBH4Y7PMXP/