Add socket_responders() method to common configuration

aborah-sudo · pbrezina · commit 32d64d995d6a · 2025-09-24T15:50:03.000+02:00
Add a method to SSSDCommonConfiguration that configures SSSD for
socket-activated responders by properly managing the services line
in sssd.conf and starting the corresponding systemd socket units
using the SystemdServices utility.
diff --git a/sssd_test_framework/utils/sssd.py b/sssd_test_framework/utils/sssd.py
@@ -1043,3 +1043,41 @@ def pam(self, features: list[str] | None = None) -> None:
 
         self.sssd.authselect.select("sssd", features)
         self.sssd.enable_responder("pam")
+
+    def socket_responders(self, responders: list[str] | None = None) -> None:
+        """
+        Configure SSSD for socket-activated responders.
+
+        Removes specified responders from the services line in sssd.conf
+        to enable socket activation, while keeping other services running
+        as traditional services.
+
+        :param responders: List of responders to enable via socket activation.
+                          If None, enables all known socket responders.
+        :type responders: list[str] | None
+        :raises RuntimeError: If starting a socket unit fails.
+        """
+        # All known SSSD responders that support socket activation
+        all_responders = ["nss", "pam", "sudo", "ssh", "pac", "autofs"]
+
+        if responders is None:
+            responders = all_responders
+
+        # Get current services list from the configuration
+        current_services = self.sssd.sssd.get("services", "")
+
+        # Parse the current services line
+        services_list = [s.strip() for s in current_services.split(",")] if current_services else []
+
+        # Remove responders that should use socket activation
+        updated_services = [s for s in services_list if s not in responders]
+
+        # Update the services line
+        # - Empty string: all responders use socket activation
+        # - Non-empty: listed services run as traditional, others use socket activation
+        self.sssd.sssd["services"] = ", ".join(updated_services) if updated_services else ""
+
+        # Ensure socket units are started using SystemdServices for proper management
+        for responder in responders:
+            socket_unit = f"sssd-{responder}.socket"
+            self.sssd.svc.start(socket_unit)
