realmd: init at 0.17.0

[eliasp]

Motivation for this change

To make it easier to join NixOS systems to ActiveDirectory, I want to make use of realmd.
It consists of the CLI tool realm and the D-Bus activated systemd service realmd.

This PR is still a WIP and so far only provides the package, but no module to configure the service yet.

Things done

• Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
• Built on platform(s)
  • NixOS
  • macOS
  • other Linux distributions
• Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
• Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
• Tested execution of all binary files (usually in ./result/bin/)
• 21.11 Release Notes (or backporting 21.05 Relase notes)
  • (Package updates) Added a release notes entry if the change is major or breaking
  • (Module updates) Added a release notes entry if the change is significant
  • (Module addition) Added a release notes entry if adding a new NixOS module
• Fits CONTRIBUTING.md.

[wucke13]

What is required to have this merged? I'm also interested in using it.

[eliasp]

The pkg itself builds just fine, but it's pretty useless without the whole service, so it all comes down to being made useful through a corresponding module which configures + enables the service.

Haven't gotten around to take care of this yet, feel free to pick up where I left off…

[wucke13]

Ah ok :) I'm just wondering, whether a module really is necessary. Naive me would think that it is sufficient to put the package into services.dbus.packages - since this service is only DBUS activated?

Edit:

Most likely, the following is required to use realmd:

{
  services.dbus.packages = [ realmd ];                                                                                
  systemd.packages = [ realmd ];                                                                                      
  environment.systemPackages = [ realmd ];
}

However, this fails on launching the realmd.service with the following error:

systemd[1]: Starting Realm and Domain Configuration...
realmd[224560]: couldn't load distro configuration file: /nix/store/idzzb0lmi9czm4q3l4jbzmam75m9qlk5-realmd-0.17.0/lib/realmd/realmd-distro.conf: No such file or directory
realmd[224560]: couldn't load distro configuration file: /nix/store/idzzb0lmi9czm4q3l4jbzmam75m9qlk5-realmd-0.17.0/lib/realmd/realmd-distro.conf: No such file or directory
systemd[1]: realmd.service: Main process exited, code=dumped, status=5/TRAP
systemd[1]: realmd.service: Failed with result 'core-dump'.
systemd[1]: Failed to start Realm and Domain Configuration.

Upon closer inspection, I believe it would be better not to remove the realmd-distro.conf, but rather to just touch it. All relevant settings are then set via environment.etc."realmd.conf".text = '' ... ''? From the manual:

Only specify the settings you wish to override in the /etc/realmd.conf file. Settings not specified will be loaded from their packaged defaults which can be found in /usr/lib/realmd/realmd-defaults.conf and /usr/lib/realmd/realmd-distro.conf.

Tricky is that we have neither adcli nor ipa-client packaged.

If we would modify the configure script to set privatedir to add this to configureFlags --with-privatedir=/etc/realmd for example, we could avoid all the override stuff and just have no whatever.conf in the package itself. This is not viable, the install script would try to copy stuff to /etc

[s1341]

Anyone get this working?

[SuperSandro2000]

I am not sure what that comment is supposed to tell me

[eliasp]

This was basically just WIP, as building the docs pulled in a huge amount of dependencies and I thought about disabling docs later using --disable-doc.