URL: https://github.com/SSSD/sssd/pull/32 Title: #32: Requesting a pull to SSSD:master from fidencio:wip/#3138
jhrozek commented: """ Hi, thank you for working on this. I think there are two "architectural" questions we should answer.
1) Lukas raised the suggestion of using PreExec with `sssd --genconf` on #sssd on IRC. Did you explore this or did you not like this solution because of race-conditions? 2) If we don't use `sssd --genconf`, I wonder if it would be actually better to add the new socket to the monitor process rather than a new service (sorry, I realize it was me who lead you down this path of adding a new service...I only remembered this idea now once @simo5 mentioned it on IRC). IMO this would have one advantage which is that the sssd process is already permitted by SELinux to read sssd.conf and write to confdb. And long-term we wanted to make the sssd process only initialize sssd and then exit since the services would (in the ideal case of a modern Linux system) self-monitor themselves. """
See the full comment at https://github.com/SSSD/sssd/pull/32#issuecomment-250105213