On (02/02/16 15:35), Jakub Hrozek wrote:
On Mon, Jan 18, 2016 at 02:18:32PM +0100, Lukas Slebodnik wrote:
> ehlo,
>
> This ticket is little bit related to #2855
>
> I searched a little bit and here is a small sumary of
> using autofs + atomic (containers)
>
> >We have a pull request in RUNC to eliminate our patch.
> >
> >https://github.com/opencontainers/runc/pull/208
> >
> >A second feature of this pull request would be to allow us to pass in
> >the MOUNT_SHARED flag
> >This would allow us to modify the hosts mount table from inside of a
> >container. With this feature
> >we would be able to run a service like autofs inside of a container but
> >have it modify the HOST
> >file system and those of other containers.
> >
> >I think if we want to get autofs to work on "atomic host" we need to
run
> >it in a container.
>
> The attached patch will reduce dependency tree in such container.
>
> I created patch with separate pacakge because "sss" is not by default
> in nsswithc.conf for "automount". But this file could be part of
sssd-client
> but on the other hand automount directly dlopen libsss_autofs.so
> I'm not sure which solution would be better.
>
> LS
> From 64db47c3fb09648f84cd359ec8c1cc28a49fd430 Mon Sep 17 00:00:00 2001
> From: Lukas Slebodnik <lslebodn(a)redhat.com>
> Date: Mon, 18 Jan 2016 13:47:11 +0100
> Subject: [PATCH] SPEC: Move libsss_autofs.so outside sssd-common
>
> It will reduce dependency chain in container world.
> libsss_autofs.so depends only on libc and requires
> sssd unix sockets. And sssd-common has many requirements.
> ---
[..]
> +%files -n libsss_autofs
> +%defattr(-,root,root,-)
> +%doc src/sss_client/COPYING src/sss_client/COPYING.LESSER
Why do we need COPYING.LESSER? IIRC all our code is only GPLv3+
Also, while looking at this patch I realized that with libsss_sudo we
call ldconfig even though the library is not supposed to be linked with
but dlopened (yes, it's a bug that the sudo library is placed in libdir..)
looks
like no
sh$ grep -A5 libsss_autofs_la_SOURCES Makefile.am
libsss_autofs_la_SOURCES = \
src/sss_client/common.c \
src/sss_client/sss_cli.h \
src/sss_client/autofs/sss_autofs.c \
src/sss_client/autofs/sss_autofs_private.h
sh$ head -n 25 src/sss_client/common.c
/*
* System Security Services Daemon. NSS client interface
*
* Copyright (C) Simo Sorce 2007
*
* Winbind derived code:
* Copyright (C) Tim Potter 2000
* Copyright (C) Andrew Tridgell 2000
* Copyright (C) Andrew Bartlett 2002
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <
http://www.gnu.org/licenses/>.
*/
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
LS