From 06a5fbf5275271b89ce1a889096b4a6869b7fb18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Tue, 24 Jan 2017 09:36:34 +0100 Subject: [PATCH] SSSD: Add a list of dependent services to sssd.service MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Let's add a list of dependent services to the sssd unit file so we can have all those services enable by default when enabling sssd unit. As it differs from our first approach were all services were disabled by default, the manuals have also been updated. Related: https://fedorahosted.org/sssd/ticket/2243 Signed-off-by: Fabiano FidĂȘncio --- Makefile.am | 14 +++++++++++++- src/man/sssd-sudo.5.xml | 3 +-- src/man/sssd.conf.5.xml | 7 ++++--- src/sysv/systemd/sssd.service.in | 2 +- 4 files changed, 19 insertions(+), 7 deletions(-) diff --git a/Makefile.am b/Makefile.am index 661e9447d5..fb5482f101 100644 --- a/Makefile.am +++ b/Makefile.am @@ -3963,6 +3963,7 @@ endif init_SCRIPTS = systemdunit_DATA = systemdconf_DATA = +sssd_dependent_services = if HAVE_SYSTEMD_UNIT systemdunit_DATA += \ src/sysv/systemd/sssd.service \ @@ -3974,11 +3975,15 @@ if HAVE_SYSTEMD_UNIT src/sysv/systemd/sssd-secrets.socket \ src/sysv/systemd/sssd-secrets.service \ $(NULL) + +sssd_dependent_services += sssd-nss.socket sssd-pam.socket if BUILD_AUTOFS systemdunit_DATA += \ src/sysv/systemd/sssd-autofs.socket \ src/sysv/systemd/sssd-autofs.service \ $(NULL) + +sssd_dependent_services += sssd-autofs.socket endif if BUILD_IFP systemdunit_DATA += \ @@ -3990,18 +3995,24 @@ if BUILD_PAC_RESPONDER src/sysv/systemd/sssd-pac.socket \ src/sysv/systemd/sssd-pac.service \ $(NULL) + +sssd_dependent_services += sssd-pac.socket endif if BUILD_SSH systemdunit_DATA += \ src/sysv/systemd/sssd-ssh.socket \ src/sysv/systemd/sssd-ssh.service \ $(NULL) + +sssd_dependent_services += sssd-ssh.socket endif if BUILD_SUDO systemdunit_DATA += \ src/sysv/systemd/sssd-sudo.socket \ src/sysv/systemd/sssd-sudo.service \ $(NULL) + +sssd_dependent_services += sssd-sudo.socket endif if WITH_JOURNALD systemdconf_DATA += \ @@ -4044,7 +4055,8 @@ edit_cmd = $(SED) \ -e 's|@libexecdir[@]|$(libexecdir)|g' \ -e 's|@pipepath[@]|$(pipepath)|g' \ -e 's|@prefix[@]|$(prefix)|g' \ - -e 's|@SSSD_USER[@]|$(SSSD_USER)|g' + -e 's|@SSSD_USER[@]|$(SSSD_USER)|g' \ + -e 's|@sssd_dependent_services[@]|${sssd_dependent_services}|g' replace_script = \ @rm -f $@ $@.tmp; \ diff --git a/src/man/sssd-sudo.5.xml b/src/man/sssd-sudo.5.xml index 5bc56c4633..cb085419ab 100644 --- a/src/man/sssd-sudo.5.xml +++ b/src/man/sssd-sudo.5.xml @@ -110,8 +110,7 @@ ldap_sudo_search_base = ou=sudoers,dc=example,dc=com It's important to note that on platforms where systemd is supported there's no need to add the "sudo" provider to the list of services, - as it became optional. However, sssd-sudo.socket must be enabled - instead. + as it became optional. diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index cb608cb0ac..9a9eb542c4 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -218,9 +218,10 @@ - By default, all services are disabled and the administrator - must enable the ones allowed to be used by executing: - "systemctl enable sssd-@service@.socket". + By default, all services are enabled. + In case the Administrator wants to persistently disable + one of them, it can be done by running: + "systemctl mask sssd-@service@.socket" diff --git a/src/sysv/systemd/sssd.service.in b/src/sysv/systemd/sssd.service.in index 05cfd37050..9264d4b06d 100644 --- a/src/sysv/systemd/sssd.service.in +++ b/src/sysv/systemd/sssd.service.in @@ -2,7 +2,7 @@ Description=System Security Services Daemon # SSSD must be running before we permit user sessions Before=systemd-user-sessions.service nss-user-lookup.target -Wants=nss-user-lookup.target +Wants=nss-user-lookup.target @sssd_dependent_services@ [Service] EnvironmentFile=-@environment_file@