Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request adds support for openSUSE's UsrEtc layout, allowing SSSD to fall back to a vendor-provided configuration file. The changes are generally well-implemented across the build system and source code. However, I've identified a memory leak in src/monitor/monitor.c due to incorrect handling of talloc allocations when determining the configuration file path. Additionally, there's a minor bug in configure.ac that causes a user-facing notice to display an empty value. I have provided suggestions to address both of these issues.
| [], [enable_vendordir=no]) | ||
| if test "$enable_vendordir" != no; then | ||
| AC_DEFINE(USE_VENDORDIR, 1, [Define if distribution provided configuration files should be used.]) | ||
| AC_MSG_NOTICE([Used vendor dir: $VENDORDIR]) |
There was a problem hiding this comment.
The shell variable for the vendor directory is vendordir, not VENDORDIR. VENDORDIR is the C preprocessor macro. This will result in an empty value being printed in the notice.
AC_MSG_NOTICE([Used vendor dir: $vendordir])
ikerexxe
left a comment
ikerexxe
left a comment
There was a problem hiding this comment.
I only added comments to the first instance of each problem.
I'd highly recommend you to create a centralized place to manage this logic. A new file located in src/util/util_config.c would probably be the best location to place this logic. This way we reduce the maintenance burden and the possibility of applying fixes in one place but forgetting about the other
Signed-off-by: Samuel Cabrero <scabrero@suse.com>
scabrero
force-pushed
the
scabrero-UsrEtc
branch
from
7e24e21 to
36cc0f7
Compare
pbrezina
left a comment
pbrezina
left a comment
There was a problem hiding this comment.
Thank you, Samuel, it looks good. Can you also add a :packaging: release note to the last commit? See https://github.com/SSSD/sssd/blob/master/.git-commit-template
| ret = ENOMEM; | ||
| goto done; | ||
| } | ||
| config_snippet_path = CONFDB_DEFAULT_CONFIG_DIR; |
There was a problem hiding this comment.
I'm not sure about this. The tools can be given a different config file path (-c /path/to/my/sssd.conf) and the idea here was to have snippet folder /path/to/my/sssd.conf.d. This change, while elegant, breaks this.
While I like it, I'm not sure if we can break it out of a sudden. And if do this, the snippet path should be empty if a non-default config file is provided (otherwise the snippets from default directory would be loaded, which may be unexpected).
There was a problem hiding this comment.
Ok, I see the use case now. Someone might want to check a config file + snippets out of the standard directories. I will wait for the feedback before reverting this change.
There was a problem hiding this comment.
@thalman introduced support for '-c' in 61f4aaa
Upcoming sssd-2.13 will be used in C10S/RHEL10, I don't think we can remove a feature there (even if hardly used)...
@thalman, @sumit-bose, thoughts?
There was a problem hiding this comment.
Done. The snippets directory is built from the given config file path only if it is not specified with -s.
ikerexxe
left a comment
ikerexxe
left a comment
There was a problem hiding this comment.
Just a minor comment inline. Make sure to add some debugging every time config_file == NULL
scabrero
force-pushed
the
scabrero-UsrEtc
branch
from
36cc0f7 to
17b0927
Compare
ikerexxe
left a comment
ikerexxe
left a comment
There was a problem hiding this comment.
LGTM! Thank you for the patches
scabrero
force-pushed
the
scabrero-UsrEtc
branch
from
17b0927 to
6be9652
Compare
scabrero
force-pushed
the
scabrero-UsrEtc
branch
from
6be9652 to
95e10c8
Compare
|
@ikerexxe, are you fine with the latest version? |
ikerexxe
left a comment
ikerexxe
left a comment
There was a problem hiding this comment.
I know I already gave this the green light, but after a second look, I noticed we’re missing some critical documentation updates for the new configuration logic.
In addition to the inline comments, the introduction of the new --with-vendordir configure option and the updated configuration file resolution behavior currently lack documentation in the man pages, as well as the general build docs. It is essential that we clearly describe the new fallback hierarchy in these files so that administrators and packagers have a reliable reference for how the system prioritizes vendor-provided settings versus local configurations.
Vendor provided configuration is installed in /usr/etc/sssd/sssd.conf. Users can override it creating /etc/sssd/sssd.conf, or override defaults dropping config snippets to /etc/sssd/conf.d/ Doc: https://en.opensuse.org/openSUSE:Packaging_UsrEtc Doc: https://github.com/uapi-group/specifications/blob/main/specs/configuration_files_specification.md :packaging: New configure option '--with-vendordir' to enable reading the vendor provided configuration file. Signed-off-by: Samuel Cabrero <scabrero@suse.com>
Adds a section in sssd.conf manpage to explain how the vendor provided configuration can be masked or overriden. Signed-off-by: Samuel Cabrero <scabrero@suse.com>
scabrero
force-pushed
the
scabrero-UsrEtc
branch
from
95e10c8 to
8af8421
Compare
Good point about the man page, I have added a section to explain the hierarchy if vendor dir is enabled. Regarding build docs, I will prepare an update for the sssd.io repository. |
ikerexxe
left a comment
ikerexxe
left a comment
There was a problem hiding this comment.
In addition to the inline comment, there's a merge conflict in conf_macros.m4. Please fix it
| the system specific configurtion file <filename>&sssd_conf_dir;/sssd.conf</filename> | ||
| or partly overriden by creating config snippets in <filename>&sssd_conf_dir;/conf.d</filename> | ||
| directory. | ||
| </para> |
There was a problem hiding this comment.
I'm missing an explanation on the configuration file hierarchy. One question that comes to my mind that I'd like to get clarified in this documentation. What happens if there isn't any SSSD configuration file in the vendor directory, but it exists in the regular one (/etc/sssd/sssd.conf), does SSSD use this configuration?
|
|
|
@scabrero, ping :) |
4 participants
To support transactional-updates in openSUSE, this PR adds support for UsrEtc.
Doc: https://en.opensuse.org/openSUSE:Packaging_UsrEtc