URL:
https://github.com/SSSD/sssd/pull/5766
Title: #5766: [WiP] Sources cleanup - part 3.
pbrezina commented:
"""
Sorry I didn't indicate this is work-in-progress yet.
Remaining steps here are:
* incorporate "lib secrets" into KCM since there are no other users
If you want to touch this, it might be good to investigate if it is still needed.
libsecrets was created to share code between secrets responder and kcm (since first
implementation of kcm talked to secrets via its rest api). It is however affected by the
rest api usage, for example it converts key to urls to dn which is not needed anymore.
Perhaps it would be enough to use sysdb instead and remove libsecrets completely.
* to check if `kcm_ops_queue*` layer is still needed (most
probably answer is "no" because only sync backends are now available) and remove
it not
This is questionable. Once you remove secrets backend, we can (and should) convert all
tevent-based api of the backend to sync calls. But perhaps we will need some async calls
in the future as well so it might be beneficial to keep the queue mechanism (or make it
easily revertable).
* get rid of encrypted/JSON payload support in KCM
+1
Then "lib secrets" can drop support of encrypted payload,
and probably utils crypto can drop some helpers, etc, but I didn't check it yet.
+1 (if not replaced by sysdb)
"""
See the full comment at
https://github.com/SSSD/sssd/pull/5766#issuecomment-908254353