Do not attempt to create $localstatedir and $sysconfdir (i.e., /var and /etc)
upon "make install".

diff --git a/Makefile.am b/Makefile.am
index e780e8a14..afd2b0a49 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -84,7 +84,7 @@ pkgconfigdir = $(libdir)/pkgconfig
 krb5rcachedir = @krb5rcachedir@
 sudolibdir = @sudolibpath@
 polkitdir = @polkitdir@
-pamconfdir = $(sysconfdir)/pam.d
+pamconfdir = $(prefix)/etc/pam.d
 systemtap_tapdir = @tapset_dir@
 sssdkcmdatadir = $(datadir)/sssd-kcm
 deskprofilepath = $(sss_statedir)/deskprofile
@@ -5378,7 +5378,6 @@ installsssddirs::
     $(DESTDIR)$(bindir) \
     $(DESTDIR)$(sbindir) \
     $(DESTDIR)$(mandir) \
-    $(DESTDIR)$(pidpath) \
     $(DESTDIR)$(pluginpath) \
     $(DESTDIR)$(libdir)/ldb \
     $(DESTDIR)$(dbuspolicydir) \
@@ -5388,24 +5387,12 @@ installsssddirs::
     $(DESTDIR)$(sssddatadir) \
     $(DESTDIR)$(sudolibdir) \
     $(DESTDIR)$(autofslibdir) \
-    $(DESTDIR)$(pipepath)/private \
     $(DESTDIR)$(krb5snippetsdir) \
-    $(SSSD_USER_DIRS) \
     $(NULL);
 if SSSD_USER
 	-chown $(SSSD_USER):$(SSSD_USER) $(SSSD_USER_DIRS)
 	-chown $(SSSD_USER) $(DESTDIR)$(pipepath)/private
 endif
-	$(INSTALL) -d -m 0700 $(DESTDIR)$(dbpath) $(DESTDIR)$(logpath) \
-	    $(DESTDIR)$(keytabdir) \
-	    $(NULL)
-	$(INSTALL) -d -m 0750 $(DESTDIR)$(pipepath)/private
-	$(INSTALL) -d -m 0755 $(DESTDIR)$(mcpath) $(DESTDIR)$(pipepath) \
-            $(DESTDIR)$(pubconfpath) \
-            $(DESTDIR)$(pubconfpath)/krb5.include.d $(DESTDIR)$(gpocachepath)
-	$(INSTALL) -d -m 0711 $(DESTDIR)$(sssdconfdir) \
-                          $(DESTDIR)$(sssdconfdir)/conf.d \
-                          $(DESTDIR)$(sssdconfdir)/pki
 
 if HAVE_DOXYGEN
 docs:
@@ -5523,7 +5510,6 @@ if BUILD_SAMBA
 endif
 if BUILD_KCM
 	$(MKDIR_P) $(DESTDIR)/$(sssdkcmdatadir)
-	$(MKDIR_P) $(DESTDIR)$(secdbpath)
 endif
 
 uninstall-hook:
='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=bc9b77f0b042bc42bc97df44c00bc45bfe5e004f'>root</a>/<a href='/guix/log/tests?id=bc9b77f0b042bc42bc97df44c00bc45bfe5e004f'>tests</a>/<a href='/guix/log/tests/cve.scm?id=bc9b77f0b042bc42bc97df44c00bc45bfe5e004f'>cve.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/tests/cve.scm?id=bc9b77f0b042bc42bc97df44c00bc45bfe5e004f&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2019-10-23 16:40:17 +0200'>2019-10-23</span></td><td><a href='/guix/commit/tests/cve.scm?id=74afaa37d5dec1a9d1b83951529ba69d8947fb07'>cve: Rewrite to read the JSON feed instead of the XML feed.</a><span class='msg-avail'>...<span class='msg-tooltip'>The XML feed was discontinued on Oct. 16th, 2019:

  &lt;https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement-Phase-3&gt;

* guix/cve.scm (string-&gt;date*): New procedure.
(&lt;cve-item&gt;, &lt;cve&gt;, &lt;cve-reference&gt;): New record types.
(cpe-match-&gt;cve-configuration, configuration-data-&gt;cve-configurations)
(json-&gt;cve-items, version-matches?): New procedures.
(yearly-feed-uri): Change URL to refer to JSON feed.
(cpe-&gt;product-alist, %parse-vulnerability-feed)
(xml-&gt;vulnerabilities): Remove.
(cve-configuration-&gt;package-list, merge-package-lists)
(cve-item-&gt;vulnerability, json-&gt;vulnerabilities): New procedures.
(write-cache): Use 'json-&gt;vulnerabilities' instead of
'xml-&gt;vulnerabilities', and remove 'parameterize'.
(vulnerabilities-&gt;lookup-proc): Use 'version-matches?' when VERSION is
true.
* tests/cve.scm (%sample): Use 'tests/cve-sample.json'.
(%expected-vulnerabilities): Rewrite accordingly.
("json-&gt;cve-items", "cve-item-published-date")
("json-&gt;vulnerabilities"): New tests.
("xml-&gt;vulnerabilities"): Remove.
("vulnerabilities-&gt;lookup-proc"): Adjust to new vulnerabilities.
* tests/cve-sample.json: New file.
* tests/cve-sample.xml: Remove.
* Makefile.am (EXTRA_DIST): Adjust accordingly.
* doc/guix.texi (Invoking guix lint): Update nist.gov URLs.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2019-10-20 23:26:50 +0200'>2019-10-20</span></td><td><a href='/guix/commit/tests/cve.scm?id=79c03e55e26d88c8d327daced02367abe7f17f91'>tests: Avoid now-deprecated 'make-struct'.</a><span class='msg-avail'>...<span class='msg-tooltip'>* tests/cve.scm (vulnerability): Use 'make-struct/no-tail' instead of
'make-struct', which is deprecated.
* tests/lint.scm ("cve: one vulnerability")
("cve: one patched vulnerability")
("cve: known safe from vulnerability")
("cve: vulnerability fixed in replacement version")
("cve: patched vulnerability in replacement"): Likewise.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2016-05-28 01:07:12 +0200'>2016-05-28</span></td><td><a href='/guix/commit/tests/cve.scm?id=870bf71eb0983f0f7f7221434db3ff5f785b3b2c'>cve: Use a more compact format for the list of package/versions.</a><span class='msg-avail'>...<span class='msg-tooltip'>On a warm cache, "guix lint -c cve vorbis-tools" goes down
from 6.5s to 2.4s.

* guix/cve.scm (cpe-&gt;package-name): Change to return two values instead
of a pair.
(cpe-&gt;product-alist): New procedure.
(%parse-vulnerability-feed): Use it instead of 'filter-map'.
(fetch-vulnerabilities): Bump sexp format version to 1.
(vulnerabilities-&gt;lookup-proc): Adjust accordingly.  When #:version is
omitted, return a list of vulnerabilities instead of a list of
version/vulnerability pairs.
* tests/cve.scm (%expected-vulnerabilities)
("vulnerabilities-&gt;lookup-proc): Adjust accordingly.
</span></span></td><td>Ludovic Courtès</td></tr>

Age	Commit message (Expand)	Author
2019-10-23	cve: Rewrite to read the JSON feed instead of the XML feed....The XML feed was discontinued on Oct. 16th, 2019: <https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement-Phase-3> * guix/cve.scm (string->date): New procedure. (<cve-item>, <cve>, <cve-reference>): New record types. (cpe-match->cve-configuration, configuration-data->cve-configurations) (json->cve-items, version-matches?): New procedures. (yearly-feed-uri): Change URL to refer to JSON feed. (cpe->product-alist, %parse-vulnerability-feed) (xml->vulnerabilities): Remove. (cve-configuration->package-list, merge-package-lists) (cve-item->vulnerability, json->vulnerabilities): New procedures. (write-cache): Use 'json->vulnerabilities' instead of 'xml->vulnerabilities', and remove 'parameterize'. (vulnerabilities->lookup-proc): Use 'version-matches?' when VERSION is true. tests/cve.scm (%sample): Use 'tests/cve-sample.json'. (%expected-vulnerabilities): Rewrite accordingly. ("json->cve-items", "cve-item-published-date") ("json->vulnerabilities"): New tests. ("xml->vulnerabilities"): Remove. ("vulnerabilities->lookup-proc"): Adjust to new vulnerabilities. * tests/cve-sample.json: New file. * tests/cve-sample.xml: Remove. * Makefile.am (EXTRA_DIST): Adjust accordingly. * doc/guix.texi (Invoking guix lint): Update nist.gov URLs.	Ludovic Courtès
2019-10-20	tests: Avoid now-deprecated 'make-struct'....* tests/cve.scm (vulnerability): Use 'make-struct/no-tail' instead of 'make-struct', which is deprecated. * tests/lint.scm ("cve: one vulnerability") ("cve: one patched vulnerability") ("cve: known safe from vulnerability") ("cve: vulnerability fixed in replacement version") ("cve: patched vulnerability in replacement"): Likewise.	Ludovic Courtès
2016-05-28	cve: Use a more compact format for the list of package/versions....On a warm cache, "guix lint -c cve vorbis-tools" goes down from 6.5s to 2.4s. * guix/cve.scm (cpe->package-name): Change to return two values instead of a pair. (cpe->product-alist): New procedure. (%parse-vulnerability-feed): Use it instead of 'filter-map'. (fetch-vulnerabilities): Bump sexp format version to 1. (vulnerabilities->lookup-proc): Adjust accordingly. When #:version is omitted, return a list of vulnerabilities instead of a list of version/vulnerability pairs. * tests/cve.scm (%expected-vulnerabilities) ("vulnerabilities->lookup-proc): Adjust accordingly.	Ludovic Courtès