Hi Tero,
On Mon, Apr 8, 2024 at 8:13 PM Tero Saarni <tero.saarni(a)gmail.com> wrote:
Having said that, and taking into account 'user-ns' support isn't
> available yet, you might want to try builds from
>
https://copr.fedorainfracloud.org/coprs/g/sssd/nightly/ : currently
> Fedora rawhide, Centos-stream 9 and Rhel 9 packages there are built
> '--with-sssd-user=sssd' and main SSSD process can be run directly under
> 'sssd' user.
>
> Since you don't need Kerberos / handle keytabs and user TGTs, it should
> work out of the box.
>
> Your feedback and observations are welcome.
>
>
Hi Alexey,
I tried and it did work.
Out of curiosity: I realized that 'sssd/nightly' packages are built with
'systemd' support and thus 'Requires:" it. How did you work around this?
I have another PR -
https://github.com/SSSD/sssd/pull/7262 - that I use as
a playground to build "minimal dependencies" SSSD, more suitable to run
within a container (copr builds are available at
https://copr.fedorainfracloud.org/coprs/g/sssd/pr7262/ )
Those builds don't require 'systemd' explicitly, but they require libdbus-1
that, unfortunately, requires libsystemd.
Do you have a plan for a release schedule for the feature?
Do you mean "improved ability to run under 'sssd' user"?
There are quite a few issues that remain to be addressed.
We cautiously plan to have an upstream release in time to use it in Fedora
41 and RHEL10, but **no promises**.