Warning
This is a design page. It was used to design and discuss the initial implementation of the change. However, the state of this document does not necessarily correspond to the current state of the implementation since we do not keep this document up to date with further changes and bug fixes.
Improve config validation
Related ticket(s):
…and more
Problem statement
Admins should be notified if their configuration is not valid Admins should have an option to still log in to the system if they do an error in configuration
Use cases
Fallback config
With responders, we can use defaults, they are usually paranoid enough
With domains, we probably can only fall back to last known good (except local domain)
Could we start only responders so that if cached data is available, the responders can be used?
Last known good (First known good)
For domains
Use-case: admin changes something and wants to still log in
Config merging
Deprecate “services” line
Be able to drop domain into /etc/sssd/sssd.conf.d/
Config validation
prerequisite: have a common definition of options and autogenerate the rest
Autogenerate dp_opts, man pages and configAPI sources from a common location
Look at Samba
…for that we need to use dp_opts everywhere
To do
Does ding-libs support config validation?
Overview of the solution
Describe, without going too low into technical details, what changes
need to happen in SSSD during implementation of this feature. This
section should be understood by a person with understanding of how SSSD
works internally but doesn’t have an in-depth understanding of the code.
For example, it’s fine to say that we implement a new option foo
with a default value bar
, but don’t talk about how is foo
processed internally and which structure stores the value of `foo. In
some cases (internal APIs, refactoring, …) this section might blend
with the next one.
Implementation details
A more technical extension of the previous section. Might include low-level details, such as C structures, function synopsis etc. In case of very trivial features (e.g. a new option), this section can be merged with the previous one.
Configuration changes
Does your feature involve changes to configuration, like new options or options changing values? Summarize them here. There’s no need to go into too many details, that’s what man pages are for.
How To Test
This section should explain to a person with admin-level of SSSD understanding how this change affects run time behaviour of SSSD and how can an SSSD user test this change. If the feature is internal-only, please list what areas of SSSD are affected so that testers know where to focus.