Skip to content
Permalink
Browse files

SSSD: Add a list of dependent services to sssd.service

Let's add a list of dependent services to the sssd unit file so we can
have all those services enable by default when enabling sssd unit.

As it differs from our first approach were all services were disabled by
default, the manuals have also been updated.

Related:
https://fedorahosted.org/sssd/ticket/2243

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
  • Loading branch information...
fidencio committed Jan 24, 2017
1 parent 560daa1 commit 06a5fbf5275271b89ce1a889096b4a6869b7fb18
Showing with 19 additions and 7 deletions.
  1. +13 −1 Makefile.am
  2. +1 −2 src/man/sssd-sudo.5.xml
  3. +4 −3 src/man/sssd.conf.5.xml
  4. +1 −1 src/sysv/systemd/sssd.service.in
@@ -3963,6 +3963,7 @@ endif
init_SCRIPTS =
systemdunit_DATA =
systemdconf_DATA =
sssd_dependent_services =
if HAVE_SYSTEMD_UNIT
systemdunit_DATA += \
src/sysv/systemd/sssd.service \
@@ -3974,11 +3975,15 @@ if HAVE_SYSTEMD_UNIT
src/sysv/systemd/sssd-secrets.socket \
src/sysv/systemd/sssd-secrets.service \
$(NULL)

sssd_dependent_services += sssd-nss.socket sssd-pam.socket
if BUILD_AUTOFS
systemdunit_DATA += \
src/sysv/systemd/sssd-autofs.socket \
src/sysv/systemd/sssd-autofs.service \
$(NULL)

sssd_dependent_services += sssd-autofs.socket
endif
if BUILD_IFP
systemdunit_DATA += \
@@ -3990,18 +3995,24 @@ if BUILD_PAC_RESPONDER
src/sysv/systemd/sssd-pac.socket \
src/sysv/systemd/sssd-pac.service \
$(NULL)

sssd_dependent_services += sssd-pac.socket
endif
if BUILD_SSH
systemdunit_DATA += \
src/sysv/systemd/sssd-ssh.socket \
src/sysv/systemd/sssd-ssh.service \
$(NULL)

sssd_dependent_services += sssd-ssh.socket
endif
if BUILD_SUDO
systemdunit_DATA += \
src/sysv/systemd/sssd-sudo.socket \
src/sysv/systemd/sssd-sudo.service \
$(NULL)

sssd_dependent_services += sssd-sudo.socket
endif
if WITH_JOURNALD
systemdconf_DATA += \
@@ -4044,7 +4055,8 @@ edit_cmd = $(SED) \
-e 's|@libexecdir[@]|$(libexecdir)|g' \
-e 's|@pipepath[@]|$(pipepath)|g' \
-e 's|@prefix[@]|$(prefix)|g' \
-e 's|@SSSD_USER[@]|$(SSSD_USER)|g'
-e 's|@SSSD_USER[@]|$(SSSD_USER)|g' \
-e 's|@sssd_dependent_services[@]|${sssd_dependent_services}|g'

replace_script = \
@rm -f $@ $@.tmp; \
@@ -110,8 +110,7 @@ ldap_sudo_search_base = ou=sudoers,dc=example,dc=com
<phrase condition="have_systemd">
It's important to note that on platforms where systemd is supported
there's no need to add the "sudo" provider to the list of services,
as it became optional. However, sssd-sudo.socket must be enabled
instead.
as it became optional.
</phrase>
</para>
<para>
@@ -218,9 +218,10 @@
</para>
<para>
<phrase condition="have_systemd">
By default, all services are disabled and the administrator
must enable the ones allowed to be used by executing:
"systemctl enable sssd-@service@.socket".
By default, all services are enabled.
In case the Administrator wants to persistently disable
one of them, it can be done by running:
"systemctl mask sssd-@service@.socket"
</phrase>
</para>
</listitem>
@@ -2,7 +2,7 @@
Description=System Security Services Daemon
# SSSD must be running before we permit user sessions
Before=systemd-user-sessions.service nss-user-lookup.target
Wants=nss-user-lookup.target
Wants=nss-user-lookup.target @sssd_dependent_services@

[Service]
EnvironmentFile=-@environment_file@

0 comments on commit 06a5fbf

Please sign in to comment.
You can’t perform that action at this time.