mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
fe3c6657ec
Those config files are valuable for debugging issues relate to DNS resolvers. Related to https://pagure.io/freeipa/issue/8703 Reviewed-By: Florence Blanc-Renaud <flo@redhat.com>
IPA platform abstraction
The ipaplatform package provides an abstraction layer for
supported Linux distributions and flavors. The package contains
constants, paths to commands and config files, services, and tasks.
- base abstract base platform
- debian Debian- and Ubuntu-like
- redhat abstract base for Red Hat platforms
- fedora Fedora
- fedora_container freeipa-container on Fedora
- rhel RHEL and CentOS
- rhel_container freeipa-container on RHEL and CentOS
- suse OpenSUSE and SLES
[base]
├─ debian
├─[redhat]
│ ├─ fedora
│ │ └─ fedora_container
│ └─ rhel
│ └─ rhel_container
└─ suse
(Note: Debian and SUSE use some definitions from Red Hat namespace.)
freeipa-container platform
The fedora_container and rhel_container platforms are flavors
of the fedora and rhel platforms. These platform definitions
are specifically designed for
freeipa-container.
The FreeIPA server container implements a read-only container. Paths
like /etc, /usr, and /var are mounted read-only and cannot
be modified. The image uses symlinks to store all variable data like
config files and LDAP database in /data.
- Some commands don't write through dangling symlinks. The IPA
platforms for containers prefix some paths with
/data. ipa-server-upgradeverifies that the platform does not change between versions. To allow upgrades of old containers, sysupgrade maps$distro_containerto$distroplatform.- The container images come with authselect pre-configured with
sssd with-sudooption. The tasksmodify_nsswitch_pam_stackandmigrate_auth_configurationare no-ops.ipa-restoredoes not restore authselect settings.ipa-backupstill stores authselect settings in backup data. - The
--mkhomediroption is not supported.