From f37e795cd16310759dc9741c1ab1323b287a9101 Mon Sep 17 00:00:00 2001
From: Fabiano Fidêncio <fidencio@redhat.com>
Date: Thu, 17 Nov 2016 01:03:13 +0100
Subject: SUDO: Make Sudo responder socket-activatable
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

As part of the effort of making all responder socket-activatable, let's
make Sudo responder ready for this by providing its systemd's units.

In case the administrators want to use Sudo responder taking advantage
of socket-activation they will need to enable sssd-sudo.socket and
after a restart of the sssd service, the Sudo socket will be ready
waiting for any activity in order to start the Sudo responder. Also,
the Sudo responder must be removed from the services line on sssd.conf.

The Sudo responder service is binded to the SSSD service, which means
that the responder will be restarted in case SSSD is restarted and
shutdown in case SSSD is shutdown/crashes.

Related:
https://fedorahosted.org/sssd/ticket/2243

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
---
 contrib/sssd.spec.in | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'contrib')

diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index 786141aa4..0430f425a 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -810,6 +810,8 @@ done
 %{_unitdir}/sssd-pam.service
 %{_unitdir}/sssd-ssh.socket
 %{_unitdir}/sssd-ssh.service
+%{_unitdir}/sssd-sudo.socket
+%{_unitdir}/sssd-sudo.service
 %{_unitdir}/sssd-secrets.socket
 %{_unitdir}/sssd-secrets.service
 %else
@@ -1151,6 +1153,7 @@ getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "Us
 %systemd_post sssd-pam-priv.socket
 %systemd_post sssd-secrets.socket
 %systemd_post sssd-ssh.socket
+%systemd_post sssd-sudo.socket
 
 %preun common
 %systemd_preun sssd.service
@@ -1161,6 +1164,7 @@ getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "Us
 %systemd_preun sssd-pam-priv.socket
 %systemd_preun sssd-secrets.socket
 %systemd_preun sssd-ssh.socket
+%systemd_preun sssd-sudo.socket
 
 %postun common
 %systemd_postun_with_restart sssd.service
@@ -1177,6 +1181,8 @@ getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "Us
 %systemd_postun_with_restart sssd-secrets.service
 %systemd_postun_with_restart sssd-ssh.socket
 %systemd_postun_with_restart sssd-ssh.service
+%systemd_postun_with_restart sssd-sudo.socket
+%systemd_postun_with_restart sssd-sudo.service
 
 %else
 # sysv
-- 
cgit