[Novalug] dynamic symbolic links

Peter Larsen peter@peterlarsen.org
Thu Apr 30 15:31:06 EDT 2015


Yeah - running ipa-client-install or ipa-server-install is for sissies :)

Btw. it's not ACLs blocking you - it's namespaces.
http://man7.org/linux/man-pages/man7/namespaces.7.html

And no - other than systemd can use it, it's not related to this debate :)

-- 
Regards
  Peter Larsen





On 04/30/2015 03:22 PM, Derek LaHousse wrote:
> So, I was setting up sssd, and I read the man page.  And then it
> directed me to sssd-ldap!  And I am using ldap, so I had to learn how
> to configure ldap.  And then it directed me to sssd-krb5!  And I was
> using kerberos, so I had to learn that.  There were something like 20
> or 22 lines in the sssd.conf file I ended up writing!  Can you believe
> the fan out?  Some of the options didn't seem relevant, so I willfully
> ignored them.
>
> Well, now my system boots and puts the kerberos cache in the kernel
> keyring.  I expected it to go into a crappy file in /tmp, but instead
> the kernel is protecting it under my user id.  What's up with that!  I
> want root running everywhere to be able to read the files that should
> only belong to my user.  ACLs be damned!
>
> On Thu, Apr 30, 2015 at 3:13 PM, Bryan J Smith via Novalug
> <novalug@firemountain.net> wrote:
>> On Thu, Apr 30, 2015 at 2:54 PM, Peter Larsen via Novalug
>> <novalug@firemountain.net> wrote:
>>> There's 21 now? Wow - I need to go back - I think I've caught just about
>>> a handful of those over time. Time flies. Thanks for the reminder!
>> But why read LP himself, when you can read 3rd-hand commentary of what
>> he really meant?!  ;)
>>
>> In all seriousness, keep in mind that for 98% of "issues," most
>> systemd articles and info won't help people, because they aren't even
>> systemd related.
>>
>> As I said, the anti-systemd crowd has "won," at least for the time being.
>>
>> -- bjs
>> **********************************************************************
>> The Novalug mailing list is hosted by firemountain.net.
>>
>> To unsubscribe or change delivery options:
>> http://www.firemountain.net/mailman/listinfo/novalug





More information about the Novalug mailing list