[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] [PATCH] Adding SSSD client bits to Fedora Atomic Host

From: Colin Walters <walters verbum org>
To: Jan Pazdziora <jpazdziora redhat com>
Cc: atomic-devel projectatomic io
Subject: Re: [atomic-devel] [PATCH] Adding SSSD client bits to Fedora Atomic Host
Date: Tue, 17 Nov 2015 11:59:46 -0500

On Fri, Nov 13, 2015, at 05:07 AM, Jan Pazdziora wrote:
> On Thu, Nov 12, 2015 at 09:00:31PM -0500, Colin Walters wrote:
> > 
> > Can you improve the commit message?  It currently is mostly "what"
> > but not much "why" (and the subject line should be imperative tense matching
> > the rest of the style).
> > Something like:
> > 
> > ```
> > manifest: Add requirements for host fedora/sssd container
> > 
> > Having these dependencies on the host are necessary in order for the
> > new `fedora/sssd` container to work.  For more information, see:
> > 
> > https://lists.projectatomic.io/projectatomic-archives/atomic-devel/2015-October/msg00055.html
> 
> Please find fixed patch in attachment.

Yes, this looks better, thanks!

For reference, looks like the package-level diff is:

# rpm-ostree db --repo=repo diff fedora-atomic/rawhide/x86_64/docker-host{^,}
ostree diff commit old: fedora-atomic/rawhide/x86_64/docker-host^ (cba7d2e910746c6e883933a38e88acdb888a4976ed68845502aa03ab2710c511)
ostree diff commit new: fedora-atomic/rawhide/x86_64/docker-host (9195bf3a53201e07b832bba4bd475d7999b4e026c35d55ee3b7440001574d66c)
Added:
 libsss_idmap-1.13.1-5.fc24.x86_64
 libsss_nss_idmap-1.13.1-5.fc24.x86_64
 oddjob-0.34.3-1.fc23.x86_64
 oddjob-mkhomedir-0.34.3-1.fc23.x86_64
 psmisc-22.21-7.fc23.x86_64
 sssd-client-1.13.1-5.fc24.x86_64
#

Merged: https://git.fedorahosted.org/cgit/fedora-atomic.git/commit/?id=5aef550246201bf0b9df976cd9c079ba5536b88c

> Yes. We pull host's uids to the container in runtime
> 
> 	https://github.com/fedora-cloud/Fedora-Dockerfiles/blob/master/sssd/run.sh#L11
> 
> so that hopefully covers at least some of the use cases -- for example,
> you can use host's usernames in /etc/sssd/sssd.conf (think apache) and
> the sssd in the container will not complain because it will know about
> them.

I'd expect `apache` to always be a user in a different container, not on the host.
But for things like the systemd users, yes.

> How are other "system" containers addressing it? What is the process
> of rebuilding these containers to keep them en par with the Atomic
> versions, and the naming?

At present I'm not sure of a naming convention.  We don't even have
official Docker image building in Fedora yet.  It's actively being worked
on at least.

Follow-Ups:
- Re: [atomic-devel] [PATCH] Adding SSSD client bits to Fedora Atomic Host
  - From: Jan Pazdziora

References:
- Re: [atomic-devel] [PATCH] Adding SSSD client bits to Fedora Atomic Host
  - From: Jan Pazdziora
- Re: [atomic-devel] [PATCH] Adding SSSD client bits to Fedora Atomic Host
  - From: Colin Walters
- Re: [atomic-devel] [PATCH] Adding SSSD client bits to Fedora Atomic Host
  - From: Jan Pazdziora

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]