#2042 [RFE] Create a library to control SSSD configuration
Closed: wontfix 4 years ago by pbrezina. Opened 10 years ago by dpal.

This is an RFE to create a C library that would provide interface to the following:

- Enumerate sssd domains
- Read and modify domain properties 
- Add domains
- Turn on and off sudo, ssh, automount and selinux integration

etc.

This library will then will be exposed over D-BUS interface.


Fields changed

description: This is an RFE to create a C library that would provide interface to the following:

Enumerate sssd domains
Read and modify domain properties
Add domains
Turn on and off sudo, ssh, automount and selinux integration
etc.

This library will then will be exposed over D-BUS interface.
=> This is an RFE to create a C library that would provide interface to the following:

  • Enumerate sssd domains
  • Read and modify domain properties
  • Add domains
  • Turn on and off sudo, ssh, automount and selinux integration

etc.

This library will then will be exposed over D-BUS interface.

As usual, Augeas could be great choice for backend (i.e. that part which manipulates configuration files) :-)

Augeas is great at the mechanical level, I mean it is good to read, parse and present data as a tree. The main work, however I see in creating a level of abstraction that would deal with configuration as an object that consists of global configuration and then a set of domains. There should be methods like: list domains, add domain, remove domain etc. Same with the domain properties. So IMO the majority of the work is in creating and implementing this layer. Augeas or ding libs can be used on the low level. Ding libs would need some more work but on the other hand it would not create a new dependency.

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.14 beta
rhbz: => todo
type: defect => enhancement

Based on a recent conversation with Stephen I am moving this out into Deferred bucket because it seems that this functionality already exists in the python API. Since this ticket is to create a C library and not Python deferring this ticket makes sense while it also makes sense to see what other capabilities need to be added to the python API to manage SSSD configuration and other related identity management aspects of the system.

Stephen, can you please open a corresponding ticket for the Python API?
Do you think it is OK to expose Python API over D-BUS or we still would need a C library?

cc: => sgallagh
milestone: SSSD 1.14 beta => SSSD Deferred

Well, to expose something over D-BUS, you will need to create a daemon process of some sort (most likely D-BUS socket-activated). This can be done in Python or C[1].

The disadvantage to relying on Python here is that the OpenLMI project is trying to push for eliminating a requirement on Python in the base install of the OS. Adding another Python-based provider to the mix would make this more difficult, but currently the storage provider is standing in the way of this, so eliminating Python in the near-term isn't going to be likely.

I'd recommend a two-stage approach: define and produce a D-BUS API to work with the existing python SSSDConfig API and then work in the longer term to have this API served by a C library instead. That's the nice thing about D-BUS APIs: the client doesn't need to know how it's implemented.

[1] http://docs.python.org/release/2.4.2/ext/callingPython.html

Metadata Update from @dpal:
- Issue set to the milestone: SSSD Patches welcome

7 years ago

Thank you for taking time to submit this request for SSSD. Unfortunately this issue was not given priority and the team lacks the capacity to work on it at this time.

Given that we are unable to fulfill this request I am closing the issue as wontfix.

If the issue still persist on recent SSSD you can request re-consideration of this decision by reopening this issue. Please provide additional technical details about its importance to you.

Thank you for understanding.

Metadata Update from @pbrezina:
- Issue close_status updated to: wontfix
- Issue status updated to: Closed (was: Open)

4 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/3084

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata