Title: #32: Requesting a pull to SSSD:master from fidencio:wip/#3138
Hi, thank you for working on this. I think there are two "architectural"
questions we should answer.
1) Lukas raised the suggestion of using PreExec with `sssd --genconf` on #sssd on IRC. Did
you explore this or did you not like this solution because of race-conditions?
2) If we don't use `sssd --genconf`, I wonder if it would be actually better to add
the new socket to the monitor process rather than a new service (sorry, I realize it was
me who lead you down this path of adding a new service...I only remembered this idea now
once @simo5 mentioned it on IRC). IMO this would have one advantage which is that the sssd
process is already permitted by SELinux to read sssd.conf and write to confdb. And
long-term we wanted to make the sssd process only initialize sssd and then exit since the
services would (in the ideal case of a modern Linux system) self-monitor themselves.
See the full comment at https://github.com/SSSD/sssd/pull/32#issuecomment-250105213