[Pkg-sssd-devel] Bug#960672: sssd: Update service file

Jörg Behrmann behrmann at physik.fu-berlin.de
Fri May 15 10:43:28 BST 2020 

Package: sssd
Version: 1.16.3-3.2
Severity: normal
Tags: patch

The service file for sssd seems to be the upstream one, but on Debian it has
some minor issues:

1. PIDFile is set to /var/run/sssd.pid via PIDFile=@pidpath@/sssd.pid during the
   build, but systemd-analyze complains

   /lib/systemd/system/sssd.service:13: PIDFile= references a path below legacy directory /var/run/, updating /var/run/sssd.pid → /run/sssd.pid; please update the unit file accordingly.

   The path is automatically updated, but it does produce unnecessary logspam.

   The configure script seems to have an option --with-pid-path to change this.

2. The EnvironmentFile is set to -/etc/default/sssd, but said file says that it
   is only used for /etc/init.d/sssd and its DAEMON_OPTS, that are thankfully
   unused in the service file, would daemonize sssd in contradiction to the
   explicit foreground option in ExecStart and also use the deprecated
   --debug-to-files option (via its shorthand -f).

   It would be best to just remove the line, although this would need to be done
   in all sssd service files.

3. The DEBUG_LOGGER environment variable should be unnecessary, when all sssd
   services are socket activated, and --logger could be set on the ExecStart
   line, making the configuration clearer.

Attached is how the sssd.service file could look. I do understand, though, that
all the service files for the socket activated mode of service would need to be
changed as well. I would do the busy work if needed.

-- System Information:
Debian Release: 10.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.4.0-0.bpo.2-amd64 (SMP w/6 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages sssd depends on:
ii  python3-sss  1.16.3-3.2
ii  sssd-ad      1.16.3-3.2
ii  sssd-common  1.16.3-3.2
ii  sssd-ipa     1.16.3-3.2
ii  sssd-krb5    1.16.3-3.2
ii  sssd-ldap    1.16.3-3.2
ii  sssd-proxy   1.16.3-3.2

sssd recommends no packages.

sssd suggests no packages.

-- no debconf information
-------------- next part --------------
[Unit]
Description=System Security Services Daemon
# SSSD must be running before we permit user sessions
Before=systemd-user-sessions.service nss-user-lookup.target
Wants=nss-user-lookup.target

[Service]
ExecStart=/usr/sbin/sssd -i --logger=files
Type=notify
NotifyAccess=main
PIDFile=/run/sssd.pid

[Install]
WantedBy=multi-user.target

More information about the Pkg-sssd-devel mailing list