Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

realmd: init #181145

Closed
wants to merge 2 commits into from
Closed

realmd: init #181145

wants to merge 2 commits into from

Conversation

SohamG
Copy link
Contributor

@SohamG SohamG commented Jul 11, 2022
edited
Loading

Description of changes

Fix #180043

Status Update 24 Nov 2023: See this comment

Things done

  • Add realmd package.
  • Add necessary nixos module.

Pending changes:

  • Enable polkit and sssd as a part of our enable option.
  • Fix config file paths (perhaps use /run/current-system)
  • More testing
  • Built on platform(s)
    • x86_64-linux

@github-actions github-actions bot added 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` labels Jul 11, 2022
@ofborg ofborg bot added 8.has: package (new) This PR adds a new package 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 1-10 10.rebuild-linux: 1 and removed 10.rebuild-linux: 1 labels Jul 11, 2022
@SohamG SohamG force-pushed the pkg/realmd branch 3 times, most recently from 8b4a6dc to c18625a Compare July 11, 2022 21:11
@ofborg ofborg bot added the 2.status: merge conflict This PR has merge conflicts with the target branch label Jul 11, 2022
@brakenium
Copy link

I'm thinking about installing NixOS on my new laptop that is on order and would like to join it to my MS Active Directory domain. Is there anything I can do to help test this? Do you have a Nix config I could use to test this in a VM (QEMU/KVM)? Do I need to download your complete fork? It takes really long to do that. I'm new to Nix so I might not be the best person to help test, but I'm willing to learn

@SohamG
Copy link
Contributor Author

SohamG commented Nov 24, 2023 via email
edited
Loading

@SohamG
Copy link
Contributor Author

SohamG commented Nov 25, 2023

Testing notes (Thanksgiving edition):

  • I could swear the realmd package would build properly, but I guess not? (its the same hashes!) Added one line fix to preConfigure to get it to build.

  • Discovery: Realmd throws a fit if you dont have polkit installed which means anything that doesnt have a GUI. No ones fixed this yet.. Need to make the nixos module enable polkit as well.

  • The realmd config has broken paths (apparently?) due to double substitution of some kind (from normal linux paths to nix store paths). Will need to fix this.

Hopefully I can work more on this tomorrow. (I will gladly accept help!)

@brakenium
Copy link

Currently I'm doing some testing on my desktop in a VM. My laptop won't be here until January. I am trying to get a suitable NixOS config setup before it arrives and would like it to be domain joined. Later I remembered I can just curl the repo's zip file. I should be able to test it out if you can get me an example config (assuming you're testing with AD as well)

@SohamG
Copy link
Contributor Author

SohamG commented Nov 25, 2023 via email

@brakenium
Copy link

Sounds good. Please let me know when this is ready to test

@anthonyroussel
Copy link
Member

anthonyroussel commented Nov 25, 2023
edited
Loading

Unfortunately the realm join command fails with /usr/bin/authselect tool not found (which is a Redhat-only tool).

machine # [   13.565952] realmd[769]:  * /nix/store/lf0wpjrj8yx4gsmw2s3xfl58ixmqk8qa-bash-5.2-p15/bin/bash -c /usr/bin/authselect select sssd with-mkhomedir --force && /nix/store/vapnrxrw3b21c7ji61bmnbzl2cj1vl96-systemd-254.3/bin/systemctl enable oddjobd.service && /nix/store/vapnrxrw3b21c7ji61bmnbzl2cj1vl96-systemd-254.3/bin/systemctl start oddjobd.service
machine # [   13.573824] realmd[769]: process started: 934
machine # [   13.580805] realmd[769]: /nix/store/lf0wpjrj8yx4gsmw2s3xfl58ixmqk8qa-bash-5.2-p15/bin/bash: line 1: /usr/bin/authselect: No such file or directory

I think we need to adapt the realmd-distro.conf configuration file for NixOS.

@SohamG
Copy link
Contributor Author

SohamG commented Nov 26, 2023

Unfortunately the realm join command fails with /usr/bin/authselect tool not found (which is a Redhat-only tool).

machine # [   13.565952] realmd[769]:  * /nix/store/lf0wpjrj8yx4gsmw2s3xfl58ixmqk8qa-bash-5.2-p15/bin/bash -c /usr/bin/authselect select sssd with-mkhomedir --force && /nix/store/vapnrxrw3b21c7ji61bmnbzl2cj1vl96-systemd-254.3/bin/systemctl enable oddjobd.service && /nix/store/vapnrxrw3b21c7ji61bmnbzl2cj1vl96-systemd-254.3/bin/systemctl start oddjobd.service
machine # [   13.573824] realmd[769]: process started: 934
machine # [   13.580805] realmd[769]: /nix/store/lf0wpjrj8yx4gsmw2s3xfl58ixmqk8qa-bash-5.2-p15/bin/bash: line 1: /usr/bin/authselect: No such file or directory

I think we need to adapt the realmd-distro.conf configuration file for NixOS.

Yes, working on this exactly right now. Will onboard the other suggestions too (including the INI config one)

@SohamG SohamG mentioned this pull request Nov 30, 2023
Merged
13 tasks
@kd2flz
Copy link

kd2flz commented Jan 20, 2024

Unfortunately the realm join command fails with /usr/bin/authselect tool not found (which is a Redhat-only tool).

machine # [   13.565952] realmd[769]:  * /nix/store/lf0wpjrj8yx4gsmw2s3xfl58ixmqk8qa-bash-5.2-p15/bin/bash -c /usr/bin/authselect select sssd with-mkhomedir --force && /nix/store/vapnrxrw3b21c7ji61bmnbzl2cj1vl96-systemd-254.3/bin/systemctl enable oddjobd.service && /nix/store/vapnrxrw3b21c7ji61bmnbzl2cj1vl96-systemd-254.3/bin/systemctl start oddjobd.service
machine # [   13.573824] realmd[769]: process started: 934
machine # [   13.580805] realmd[769]: /nix/store/lf0wpjrj8yx4gsmw2s3xfl58ixmqk8qa-bash-5.2-p15/bin/bash: line 1: /usr/bin/authselect: No such file or directory

I think we need to adapt the realmd-distro.conf configuration file for NixOS.

Yes, working on this exactly right now. Will onboard the other suggestions too (including the INI config one)

Just curious what your thoughts were for going forward with this. I think I prefer the INI config method, as it would be more reproducible.

@h7x4 h7x4 added the 8.has: module (new) This PR adds a module in `nixos/` label Jan 20, 2024
This was referenced Apr 4, 2024
Merged
Closed
Merged
@wegank wegank added the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Jul 4, 2024
@SohamG SohamG mentioned this pull request Oct 10, 2024
Open
5 tasks
@wegank wegank added the 2.status: merge conflict This PR has merge conflicts with the target branch label Nov 9, 2024
@stale stale bot removed the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Nov 9, 2024
@ghost ghost closed this Dec 19, 2024
@ghost ghost marked this as a duplicate of #372318 Jan 22, 2025
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anthonyroussel anthonyroussel anthonyroussel left review comments

@s1341 s1341 s1341 left review comments

@fsnkty fsnkty fsnkty left review comments

@AndersonTorres AndersonTorres AndersonTorres requested changes

Assignees

@SohamG SohamG

Labels
2.status: merge conflict This PR has merge conflicts with the target branch 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (new) This PR adds a module in `nixos/` 8.has: module (update) This PR changes an existing module in `nixos/` 8.has: package (new) This PR adds a new package 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 1-10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Realmd missing from SSSD