mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 15:40:01 -06:00
86acb96e38
Removes authselect requirement for Suse Use Suse 'pam-config' to configure PAM Configures nsswitch.conf Removes domainname service since it does not exist on Suse Fixes: https://pagure.io/freeipa/issue/9174 Signed-off-by: Matthew Davis github@virtual.drop.net Reviewed-By: Christian Heimes <cheimes@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> |
||
---|---|---|
.. | ||
base | ||
debian | ||
fedora | ||
fedora_container | ||
redhat | ||
rhel | ||
rhel_container | ||
suse | ||
__init__.py | ||
_importhook.py | ||
constants.py | ||
Makefile.am | ||
osinfo.py | ||
override.py.in | ||
paths.py | ||
README.md | ||
services.py | ||
setup.cfg | ||
setup.py | ||
tasks.py |
IPA platform abstraction
The ipaplatform
package provides an abstraction layer for
supported Linux distributions and flavors. The package contains
constants, paths to commands and config files, services, and tasks.
- base abstract base platform
- debian Debian- and Ubuntu-like
- redhat abstract base for Red Hat platforms
- fedora Fedora
- fedora_container freeipa-container on Fedora
- rhel RHEL and CentOS
- rhel_container freeipa-container on RHEL and CentOS
- suse OpenSUSE and SLES
[base]
├─ debian
├─[redhat]
│ ├─ fedora
│ │ └─ fedora_container
│ └─ rhel
│ └─ rhel_container
└─ suse
(Note: Debian and SUSE use some definitions from Red Hat namespace.)
freeipa-container platform
The fedora_container and rhel_container platforms are flavors
of the fedora and rhel platforms. These platform definitions
are specifically designed for
freeipa-container.
The FreeIPA server container implements a read-only container. Paths
like /etc
, /usr
, and /var
are mounted read-only and cannot
be modified. The image uses symlinks to store all variable data like
config files and LDAP database in /data
.
- Some commands don't write through dangling symlinks. The IPA
platforms for containers prefix some paths with
/data
. ipa-server-upgrade
verifies that the platform does not change between versions. To allow upgrades of old containers, sysupgrade maps$distro_container
to$distro
platform.- The container images come with authselect pre-configured with
sssd with-sudo
option. The tasksmodify_nsswitch_pam_stack
andmigrate_auth_configuration
are no-ops.ipa-restore
does not restore authselect settings.ipa-backup
still stores authselect settings in backup data. - The
--mkhomedir
option is not supported.