On (11/05/16 14:29), Ondrej Valousek wrote:
I did not think of bind mounts and sssd-client. Interesting idea. Is
it proven to work?
You cannot bind mount sssd-client. The package should be already
installed in
client container. The fedora base images already contains sssd-client.
You just need to bind mount unix sockets which are used for communication
between sssd-client and sssd daemon.
You can optionaly bind mount memory cache. (It can be done read-only)
docker run -ti --rm \
--volume=/var/lib/sss/pipes/:/var/lib/sss/pipes/:rw \
--volume=/var/lib/sss/mc/:/var/lib/sss/mc/:ro \
fedora:23 getent passwd ldap_user
I basically need to have NSS and maybe even automounter, but not sure
if autofs works inside the container.
NSS will work with previous example.(tested)
You will need to install "libsss_autofs" into client container
and "automount -m" should return maps provided by sssd (not tested)
LS