URL: https://github.com/SSSD/sssd/pull/94 Title: #94: Enable {socket,dbus}-activation for responders
jhrozek commented: """ On Mon, Dec 12, 2016 at 05:19:18AM -0800, fidencio wrote:
Would it make any sense to own the sockets by the sssd user as well? Currently it seems the sockets are owned by the sssd user for services started by monitor if they are running un-privileged but as root for systemd-activated services. Because the
Hmm. Probably it does, but I'd like to hear other developers' opinion here
as well. And seems that we missed some part of your explanation.
I don't remembe what exactly did I want to say here :-) I think just that because the sockets are normally world-writable, except the private pam one, the permissions don't matter that much, but at least with the private pam socket care should be taken its permissions are the same as if sssd created the socket itself.
"""
See the full comment at https://github.com/SSSD/sssd/pull/94#issuecomment-266442892