[Freeipa-users] Is systemd really a requirement for freeipa 4.x?

Coy Hile coy.hile at coyhile.com
Thu Mar 26 12:18:38 UTC 2015 

Quoting Andrew Holway <andrew.holway at gmail.com>:

>>
>> When I look at the SPEC file for freeipa-4.1.3, I see requirements
>>>> around Systemd.  Is that really a hard requirement, or is it possible to
>>>> run newer FreeIPA (that is to say 4.x) on a host that hasn't been
>>>> infested by systemd
>>>
>>>
>> From an SELinux standpoint systemd is far superior to initd as it allows
> far more graceful domain transitions.
>
> Apart from the binary logging and it being a bit monolithic; I really don't
> understand the anit-systemd crowd problems. Its advantages over the now
> ancient initd seem to be obvious.

<hijack>
The binary logging is a big problem. Log to the filesystem usefully, or log to
syslog. Then one can get that data into Splunk or similar.  Aside from that,
systemd feels like the answer to the question no one asked.  It's a bit like
what Oracle has done to bastardize smf(5) in Oracle Solaris 11 over what was
there in Solaris 10 (and the former OpenSolaris, now illumos).  The S10
incarnation was awesome, even though the definition of service  
manifests in xml
makes me want to claw my eyes out. Oracle's Microsoftened embrace and extend?
Yeah, not so much....

For full disclosure here, the reason I was enquiring about support on  
CentOS 6 is
because my virtualization platform of choice is SmartOS.  For CentOS 6  
and Ubuntu
14.04, I am able to use a 'Branded zone' natively without having to  
add the KVM
hardware emulation layer in there, implying better network and IO performance.
That said, for this particular case, the KVM overhead really doesn't  
matter since
a box that's only doing LDAP and kerb really needn't be all that  
beefy.  Hell, I
could probably run an authoritative KDC for ATHENA.MIT.EDU on an rpi  
if I were so
inclined.
</hijack>

Understanding the reason behind the requirements is quite helpful, so  
thanks to all
who provided that.  I'll work with Joyent to add systemd support to  
the lx brand,
and in the meantime, I'll just deploy on KVM infrastructure and take  
the hit.  I
assume there's no good reason to deploy a net new setup using the 3.x release?

-c
-- 
Coy Hile
coy.hile at coyhile.com

More information about the Freeipa-users mailing list