On Mon, Jan 18, 2016 at 02:18:32PM +0100, Lukas Slebodnik wrote:
ehlo,
This ticket is little bit related to #2855
I searched a little bit and here is a small sumary of
using autofs + atomic (containers)
>We have a pull request in RUNC to eliminate our patch.
>
>https://github.com/opencontainers/runc/pull/208
>
>A second feature of this pull request would be to allow us to pass in
>the MOUNT_SHARED flag
>This would allow us to modify the hosts mount table from inside of a
>container. With this feature
>we would be able to run a service like autofs inside of a container but
>have it modify the HOST
>file system and those of other containers.
>
>I think if we want to get autofs to work on "atomic host" we need to run
>it in a container.
The attached patch will reduce dependency tree in such container.
I created patch with separate pacakge because "sss" is not by default
in nsswithc.conf for "automount". But this file could be part of sssd-client
but on the other hand automount directly dlopen libsss_autofs.so
I'm not sure which solution would be better.
LS
From 64db47c3fb09648f84cd359ec8c1cc28a49fd430 Mon Sep 17 00:00:00
2001
From: Lukas Slebodnik <lslebodn(a)redhat.com>
Date: Mon, 18 Jan 2016 13:47:11 +0100
Subject: [PATCH] SPEC: Move libsss_autofs.so outside sssd-common
It will reduce dependency chain in container world.
libsss_autofs.so depends only on libc and requires
sssd unix sockets. And sssd-common has many requirements.
---
[..]
+%files -n libsss_autofs
+%defattr(-,root,root,-)
+%doc src/sss_client/COPYING src/sss_client/COPYING.LESSER
Why do we need COPYING.LESSER? IIRC all our code is only GPLv3+
Also, while looking at this patch I realized that with libsss_sudo we
call ldconfig even though the library is not supposed to be linked with
but dlopened (yes, it's a bug that the sudo library is placed in libdir..)