# IPA platform abstraction The ``ipaplatform`` package provides an abstraction layer for supported Linux distributions and flavors. The package contains constants, paths to commands and config files, services, and tasks. * **base** abstract base platform * **debian** Debian- and Ubuntu-like * **redhat** abstract base for Red Hat platforms * **fedora** Fedora * **fedora_container** freeipa-container on Fedora * **rhel** RHEL and CentOS * **rhel_container** freeipa-container on RHEL and CentOS * **suse** OpenSUSE and SLES ``` [base] ├─ debian ├─[redhat] │ ├─ fedora │ │ └─ fedora_container │ └─ rhel │ └─ rhel_container └─ suse ``` (Note: Debian and SUSE use some definitions from Red Hat namespace.) ## freeipa-container platform The **fedora_container** and **rhel_container** platforms are flavors of the **fedora** and **rhel** platforms. These platform definitions are specifically designed for [freeipa-container](https://github.com/freeipa/freeipa-container). The FreeIPA server container implements a read-only container. Paths like ``/etc``, ``/usr``, and ``/var`` are mounted read-only and cannot be modified. The image uses symlinks to store all variable data like config files and LDAP database in ``/data``. * Some commands don't write through dangling symlinks. The IPA platforms for containers prefix some paths with ``/data``. * ``ipa-server-upgrade`` verifies that the platform does not change between versions. To allow upgrades of old containers, sysupgrade maps ``$distro_container`` to ``$distro`` platform. * The container images come with authselect pre-configured with ``sssd with-sudo`` option. The tasks ``modify_nsswitch_pam_stack`` and ``migrate_auth_configuration`` are no-ops. ``ipa-restore`` does not restore authselect settings. ``ipa-backup`` still stores authselect settings in backup data. * The ``--mkhomedir`` option is not supported.