On Fri, Mar 22, 2024 at 3:46 PM Alexey Tikhonov <atikhono@redhat.com> wrote:

Is this a "single UID" container (i.e. SSSD and client apps run under the same UID within container namespace)?
What do you use as an entry point of the container / how do you manage (start of) multiple processes?

What authentication means do you use?
If this is Kerberos, does your app use TGT acquired during authentication?

Yes single UID container with simple init (no systemd). Both SSSD and client applications run within the same container. In our use case we use only LDAP domains for now, no Kerberos.

Tero