On Wed, Mar 15, 2017 at 04:27:26PM +0100, Fabiano FidĂȘncio wrote:
> > * Several issues related to socket-activating the NSS service, especially
> > if SSSD was configured to use a non-privileged user were fixed. The NSS
> > service now starts as root to avoid triggering a name-service lookup
> > while the NSS service is not running yet. Additionally, the NSS service
> > is started before any other service to make sure username resolution
> > works
> > and the other service can resolve the SSSD user correctly.
>
> So, this part is not exactly accurate.
> NSS responder always been only used as root. What we did is not
> changing the owner of the nss log file for the socket-activated NSS
> responder.
>
> My suggestion is: "(...). The NSS service now doesn't change the
> ownership of its log files to avoid triggering (...)"
Suggestion taken, the new relnotes can be viewed at:
https://pagure.io/SSSD/docs/blob/master/f/users/relnotes/notes_1_15_2.rst
_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
