On Fri, Sep 5, 2025 at 12:13 PM James Ralston <[email protected]> wrote:
>
> On Fri, Sep 5, 2025 at 12:24 PM Travis Bean via sssd-users
> <[email protected]> wrote:
>
> > It would be a good idea for this information about file ownership
> > and permission requirements to be included in documentation located
> > at /usr/share/doc/sssd-common/README.
>
> It is already included in the documentation.

There are different sssd.conf(5) man pages that describe ownership and
permissions in different ways. In the Arch Linux sssd.conf(5) man page
(https://man.archlinux.org/man/sssd.conf.5.en) as well as Mankier's
sssd.conf(5) man page (https://www.mankier.com/5/sssd.conf) it
mentions, "sssd.conf must be a regular file that is accessible only by
the user used to run SSSD service or root." It is easy to misinterpret
this to mean that sssd.conf is accessible only by root, which says
something about ownership, but is not clear on permissions. In the
Ubuntu sssd.conf(5) man page
(https://manpages.ubuntu.com/manpages/noble/man5/sssd.conf.5.html) and
die.net sssd.conf(5) man page (https://linux.die.net/man/5/sssd.conf),
it mentions, "sssd.conf must be a regular file, owned by root and only
root may read from or write to the file." This gives a more concise,
clearer description of ownership and permissions.

Since the ownership and permissions for sssd.conf change to root:sssd
and 0640, respectively, for version 2.10, it would be a good idea to
include this in a README file unless an example sssd.conf is installed
by default to /etc/sssd, which would be the most logical choice.
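A check for the ownership and mode values discussed in the message above, as an added example that is not part of the original post and is not SSSD's own code. It assumes GNU coreutils `stat`; the function names are hypothetical, and the pre-2.10 check reads the quoted man page wording as owner root with mode 0600.

```shell
#!/bin/sh
# Added example: audit ownership and mode of an SSSD configuration file.
# Assumption: GNU coreutils stat(1). Function names are hypothetical.

# check_conf PATH OWNER GROUP MODE   (GROUP "-" skips the group check)
# Returns 0 on match, 1 on owner/group/mode drift,
# 2 if PATH is missing, a symlink, or not a regular file.
check_conf() {
    path=$1; want_owner=$2; want_group=$3
    want_mode=${4#0}                      # stat prints 640, not 0640
    if [ -L "$path" ] || [ ! -f "$path" ]; then
        echo "FAIL $path: not a regular file" >&2
        return 2
    fi
    owner=$(stat -c %U "$path")
    group=$(stat -c %G "$path")
    mode=$(stat -c %a "$path")            # includes setuid/setgid/sticky if set
    rc=0
    if [ "$owner" != "$want_owner" ]; then
        echo "FAIL $path: owner $owner, expected $want_owner" >&2; rc=1
    fi
    if [ "$want_group" != "-" ] && [ "$group" != "$want_group" ]; then
        echo "FAIL $path: group $group, expected $want_group" >&2; rc=1
    fi
    if [ "$mode" != "$want_mode" ]; then
        echo "FAIL $path: mode $mode, expected $want_mode" >&2; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK $path: $owner:$group $mode"; fi
    return "$rc"
}

# Values stated in the message for SSSD 2.10: root:sssd, 0640.
check_sssd_conf_2_10() { check_conf "$1" root sssd 0640; }

# Older man page wording quoted in the message: owned by root, only root
# may read or write. Read here as owner root, mode 0600, group not checked.
check_sssd_conf_legacy() { check_conf "$1" root - 0600; }

# Run against a real file when a path is given on the command line.
if [ "$#" -gt 0 ]; then check_sssd_conf_2_10 "$1"; fi
```

Saved to a file and run with `/etc/sssd/sssd.conf` as its argument, the script prints each mismatch to stderr and exits non-zero, so it can gate a configuration-management run or a package upgrade to 2.10.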