Hello,
*Present **Behavior*: # vim /usr/local/etc/sssd/sssd.conf [sssd] services = nss, pam config_file_version = 2 domains = LDAP
[domain/LDAP] ldap_search_base = dc=example,dc=com id_provider = ldap *auth_provider = ldap9001 **<== '**sssctl config_check' does not reports this 1* ldap_uri = ldap://server.example.com ldap_id_use_start_tls = True ldap_tls_cacert = /etc/openldap/certs/cacert.asc *debug_level = tt **<== 'sssctl config_check' does not reports this 2 **klala = 1 <== '**sssctl config_check' r**eports thi*s 3
*My **Interpretation*: sss_ini_call_validators_errobj() //sssd/src/util/sss_ini.c ini_rules_read_from_file(rules_path, &rules_cfgobj); //rules_path=/usr/share/sssd/cfg_rules.ini {All _keywords on left side of __assignment__are rules_ which are _read from cfg_rules.ini_ fills in struct ini_cfgobj}
*Why sssd does**reports 3*? Because rule is not present in cfg_rules.ini *Why sssd doe**s not report 1,2*? May be - Because there is no such check in ding-lib about values of options. - OR Check is broken. I also find # cat /root/ding-libs-0.6.0/ini/ini.d/mysssd.conf [service] # Options available to all services debug_level = int, None, false <=Now what's this syntax. If it takes int, then is this broken.
Please throw some light...
On (29/03/17 19:13), amit kumar wrote:
Hello,
*Present **Behavior*: # vim /usr/local/etc/sssd/sssd.conf [sssd] services = nss, pam config_file_version = 2 domains = LDAP
[domain/LDAP] ldap_search_base = dc=example,dc=com id_provider = ldap *auth_provider = ldap9001 **<== '**sssctl config_check' does not
^^^^^^^^^^^^^^ ATM it reports just an invalid option name and "auth_provider" is valid.
Validating values need to be implemented. I think we have ticket somewhere.
LS
Hello Lukas,
Thanks for response, yes we have ticket https://pagure.io/SSSD/sssd/issue/416
But my query was regarding the design *how we parse smb.conf using ding-lib.*
I am planing to provide a fix so that 'sssctl config-check' reports something as this incorrect. debug_level = uu I found anything on RHS of = inside smb.conf is not validated? Do we use # cat /root/ding-libs-0.6.0/ini/ini.d/mysssd.conf for validation of contents, if yes {How}.
Hope I am clear with my question.
Many Thanks in Advance Amit
On 03/29/2017 10:12 PM, Lukas Slebodnik wrote:
On (29/03/17 19:13), amit kumar wrote:
Hello,
*Present **Behavior*: # vim /usr/local/etc/sssd/sssd.conf [sssd] services = nss, pam config_file_version = 2 domains = LDAP
[domain/LDAP] ldap_search_base = dc=example,dc=com id_provider = ldap *auth_provider = ldap9001 **<== '**sssctl config_check' does not
^^^^^^^^^^^^^^ ATM it reports just an invalid option name and "auth_provider" is valid.
Validating values need to be implemented. I think we have ticket somewhere.
LS _______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-leave@lists.fedorahosted.org
On (30/03/17 22:00), amit kumar wrote:
Hello Lukas,
Thanks for response, yes we have ticket https://pagure.io/SSSD/sssd/issue/416
But my query was regarding the design *how we parse smb.conf using ding-lib.*
Here is a desing page which describe ding-libs part. https://fedorahosted.org/sssd/wiki/DesignDocs/libini-config-file-checks
I hope it is up to date. It also describe two ding-libs native validators and their schemas in ini format.
There is also possible register another (external) validators. But I think checking values would be usefull for everyone.
IIRC Michal Zidek (mzidek at redhat dot com) had some ideas about schema for checking values.
LS
BTW the usage in sssd was quite trivial https://pagure.io/SSSD/sssd/c/8b2a31634764168183506925a4b9f461afdba6f3 + providing rules /usr/share/sssd/cfg_rules.ini
sssd-devel@lists.fedorahosted.org
-
amit kumar -
Lukas Slebodnik