feat: Add SSSD parameters support #76
Conversation
Correct variables for test
tasks/main.yml
Outdated
| group: root | ||
| mode: u=rw,g=,o= | ||
| loop: "{{ ad_integration_sssd_settings }}" | ||
| notify: Handler for ad_integration to restart services |
There was a problem hiding this comment.
I think we're going to need two separate handlers - one for realmd and one for sssd - it looks like there are cases where changes are made to config files that need realmd to be restarted but not sssd, and vice versa. Also, are there cases where a change to sssd.conf will require a restart of both realmd and sssd?
Yes, we could just restart both services every time anything changes, but I would strongly prefer not to restart services unnecessarily.
There was a problem hiding this comment.
Hi,
I can be better to do two handlers. I can look if you want. Should I do this in the same PR as this one ?
There was a problem hiding this comment.
Hi, I can be better to do two handlers. I can look if you want. Should I do this in the same PR as this one ?
Yes, please
There was a problem hiding this comment.
Hi,
I have updated the PR. I have try to squash to have only 1 commit but I didn't make it.
ci: fix ansible-lint 2.16 and ansible-test 2.16 issues Signed-off-by: Rich Megginson <[email protected]>
Signed-off-by: Girard Sebastien <[email protected]>
| mode: u=rw,g=,o= | ||
| loop: "{{ ad_integration_sssd_settings }}" | ||
| notify: Handler for ad_integration to restart services - sssd | ||
|
|
There was a problem hiding this comment.
Do any of these sssd settings need to be set, and sssd restarted, before trying to join to the AD domain? The task name: Run realm join command? Do any of these sssd settings also require realmd to be restarted, or otherwise notified (e.g. like a SIGHUP)? @jakub-vavra-cz @justin-stephenson wdyt?
There was a problem hiding this comment.
Do any of these sssd settings need to be set, and sssd restarted, before trying to join to the AD domain?
No, SSSD only gets involved after the system is joined to the domain. realm join creates a sssd.conf, so SSSD config changes should be made only after the realm join is performed or they will likely be overwritten.
realmd restart is not needed, SSSD restart is enough.
Correct variables for test
Signed-off-by: Girard Sebastien <[email protected]>
richm
force-pushed
the
add_sssd_standard_options
branch
from
d325947 to
4ee989b
Compare
|
[citest] |
| Example: | ||
|
|
||
| ```yaml | ||
| ad_integration_sssd_settings: |
There was a problem hiding this comment.
This should be defined in defaults/main.yml like this:
# A list of custom setting to be included into the [sssd] section
# of the sssd.conf file. The list will be composed of two entry:
# - key: "configuration_name"
# value: "configuration_value"
ad_integration_sssd_settings: []That should solve the test failures related to "undefined variable"
There was a problem hiding this comment.
I have updated the commit
…0/ad_integration into add_sssd_standard_options
Signed-off-by: Girard Sebastien <[email protected]>
Signed-off-by: Sebastien Girard <[email protected]>
|
[citest] |
Enhancement: Add variable for setting configuration variable inside the [sssd] section of the sssd.conf file
Reason: In my use case, I need to set some additional option like
default_domain_suffixto be present inside the [sssd] section. This role doesn't have a variable for doing that. You can only set inside[domain/YOURDOMAIN]Result: You can use the variable
ad_integration_sssd_settingsto set some extra paremters like documented in https://linux.die.net/man/5/sssd.confIssue Tracker Tickets (Jira or BZ if any): N/A
P.S : It's my first PR. Be kind with me 😉