#3673 [RFE/RFC] Read only files with default options

Created 2 months ago by mzidek
Modified 2 months ago

We could add a read-only "config" file (for example /usr/share/sssd/defaults/common.conf) that will contain the following:
- all sections with explicitly set options to default values ([sssd], [nss], etc.)
- the defaults domain section (see: https://pagure.io/SSSD/sssd/issue/3670) with all options explicitly set

There would be another read-only files (/usr/share/sssd/defaults/ipa|ad|ldap|files.conf), with the:
- default domain options for different providers

Reading a configuration would work like this:
- read the common default configuration
- merge the default configuration with the sssd.conf + conf.d snippets (last value wins)
- merge the resulting configuration with the provider specific configuration (no replacing of values preserve existing values)

We already plan to create a command sssctl config-show that will address these issues. This command could make use of this change (create the configuration object in the above way and then just show it's contents).

2 months ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 2.0

Login to comment on this ticket.