Package: sssd Version: 1.16.3-3.2 Severity: normal Tags: patch The service file for sssd seems to be the upstream one, but on Debian it has some minor issues:
1. PIDFile is set to /var/run/sssd.pid via PIDFile=@pidpath@/sssd.pid during the build, but systemd-analyze complains /lib/systemd/system/sssd.service:13: PIDFile= references a path below legacy directory /var/run/, updating /var/run/sssd.pid → /run/sssd.pid; please update the unit file accordingly. The path is automatically updated, but it does produce unnecessary logspam. The configure script seems to have an option --with-pid-path to change this. 2. The EnvironmentFile is set to -/etc/default/sssd, but said file says that it is only used for /etc/init.d/sssd and its DAEMON_OPTS, that are thankfully unused in the service file, would daemonize sssd in contradiction to the explicit foreground option in ExecStart and also use the deprecated --debug-to-files option (via its shorthand -f). It would be best to just remove the line, although this would need to be done in all sssd service files. 3. The DEBUG_LOGGER environment variable should be unnecessary, when all sssd services are socket activated, and --logger could be set on the ExecStart line, making the configuration clearer. Attached is how the sssd.service file could look. I do understand, though, that all the service files for the socket activated mode of service would need to be changed as well. I would do the busy work if needed. -- System Information: Debian Release: 10.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.4.0-0.bpo.2-amd64 (SMP w/6 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages sssd depends on: ii python3-sss 1.16.3-3.2 ii sssd-ad 1.16.3-3.2 ii sssd-common 1.16.3-3.2 ii sssd-ipa 1.16.3-3.2 ii sssd-krb5 1.16.3-3.2 ii sssd-ldap 1.16.3-3.2 ii sssd-proxy 1.16.3-3.2 sssd recommends no packages. sssd suggests no packages. -- no debconf information
[Unit] Description=System Security Services Daemon # SSSD must be running before we permit user sessions Before=systemd-user-sessions.service nss-user-lookup.target Wants=nss-user-lookup.target [Service] ExecStart=/usr/sbin/sssd -i --logger=files Type=notify NotifyAccess=main PIDFile=/run/sssd.pid [Install] WantedBy=multi-user.target
