On Wed, Mar 15, 2017 at 04:27:26PM +0100, Fabiano FidĂȘncio wrote: > > * Several issues related to socket-activating the NSS service, especially > > if SSSD was configured to use a non-privileged user were fixed. The NSS > > service now starts as root to avoid triggering a name-service lookup > > while the NSS service is not running yet. Additionally, the NSS service > > is started before any other service to make sure username resolution > > works > > and the other service can resolve the SSSD user correctly. > > So, this part is not exactly accurate. > NSS responder always been only used as root. What we did is not > changing the owner of the nss log file for the socket-activated NSS > responder. > > My suggestion is: "(...). The NSS service now doesn't change the > ownership of its log files to avoid triggering (...)"
Suggestion taken, the new relnotes can be viewed at: https://pagure.io/SSSD/docs/blob/master/f/users/relnotes/notes_1_15_2.rst _______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org