On Thu, Dec 01, 2016 at 03:59:37PM +0100, Fabiano Fidêncio wrote: > On Thu, Dec 1, 2016 at 3:46 PM, Simo Sorce <s...@redhat.com> wrote: > > On Thu, 2016-12-01 at 15:22 +0100, Pavel Březina wrote: > >> On 12/01/2016 02:56 PM, Simo Sorce wrote: > >> > On Thu, 2016-12-01 at 14:44 +0100, Pavel Březina wrote: > >> >> On 11/24/2016 02:33 PM, Fabiano Fidêncio wrote: > >> >>> The design page is done [0] and it's based on this discussion [1] we > >> >>> had on this very same mailing list. A pull-request with the > >> >>> implementation is already opened [2]. > >> >>> > >> >>> [0]: > >> >>> https://fedorahosted.org/sssd/wiki/DesignDocs/SocketActivatableResponders > >> >>> [1]: > >> >>> https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org/message/H6JOF5SGGSIJUIWYNANDA73ODHWBS7J2/ > >> >>> [2]: https://github.com/SSSD/sssd/pull/84 > >> >> > >> >> I think we should also provide 'disabled_services' option, to give > >> >> admins a way to explicitly disable some responders if the don't want to > >> >> used them. > >> > > >> > How would this work ? > >> > >> If responder is listed in disabled_services, it won't be allowed to > >> start via socket activation. If disabling the socket as Fabiano > >> mentioned in the other mail is enough, I'm fine with it, plese test. > > > > I am not sure this is a good behavior as clients will see a connection > > being accept and then dropped, and may misbehave or report strange > > errors. > > So, thinking a little bit about it Pavel's idea is not bad. > If you have a list of "not allowed"/"disabled" services we can, at > least, report the proper error when enabling the service.
I don't know, to me it seems like if we are about to rely on systemd to start the services we should just use the systemd facilities to manage them. I'm not fond of the idea of yet another knob, or maybe I don't see the benefit over disabling the socket. _______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
