diff options
| author | Fabiano Fidêncio <fidencio@redhat.com> | 2017-01-11 19:13:18 +0100 |
|---|---|---|
| committer | Lukas Slebodnik <lslebodn@redhat.com> | 2017-01-23 18:46:37 +0100 |
| commit | 2797aca4ddf51391b79fbcbab7e7ddcede413584 (patch) | |
| tree | 75e6ce71bc314997e5c0080efb041fa6e389be3a /src/man | |
| parent | 9cd29d64f1c556fd222491a34229393b4462f126 (diff) | |
| download | sssd-2797aca4ddf51391b79fbcbab7e7ddcede413584.tar.gz sssd-2797aca4ddf51391b79fbcbab7e7ddcede413584.tar.xz sssd-2797aca4ddf51391b79fbcbab7e7ddcede413584.zip | |
MAN: "user" doesn't work with socket-activated services
Make it clear in the manual that the "user" option is not going to work
with socket-activated services and also mention what's the best way to
change it in case it's needed, being clear about what can go wrong in
case the admin decides to do it.
Related:
https://fedorahosted.org/sssd/ticket/2243
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Diffstat (limited to 'src/man')
| -rw-r--r-- | src/man/sssd.conf.5.xml | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index 3273d8984..25a5a0b98 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -371,6 +371,19 @@ The user to drop the privileges to where appropriate to avoid running as the root user. + <phrase condition="have_systemd"> + This option does not work when running socket-activated + services, as the user set up to run the processes is + set up during compilation time. + + The way to override the systemd unit files is by creating + the appropriate files in /etc/systemd/system/. + + Keep in mind that any change in the socket user, group or + permissions may result in a non-usable SSSD. The same may + occur in case of changes of the user running the NSS + responder. + </phrase> </para> <para> Default: not set, process will run as root |