Bug 2000936
Summary: | Enforce Authselect Configuration Consistency | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Benjamin Berg <bberg> |
Component: | authselect | Assignee: | Pavel Březina <pbrezina> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | rawhide | CC: | aboscatt, ashankar, bnocera, fweimer, jhrozek, mcatanza, pbrezina |
Target Milestone: | --- | Keywords: | Triaged |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | authselect-1.3.0-3.fc36 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2021-12-13 12:25:51 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 2019052 |
Description
Benjamin Berg
2021-09-03 10:31:48 UTC
This could also replace patching of glibc confinguration files by packages. For an example, see “rpm -q --scripts systemd-libs”. The ad-hoc patching often does not take into account that the system administrator does not want to enable certain functionality: it tends to come back as the result of package upgrades. (In reply to Florian Weimer from comment #1) > This could also replace patching of glibc confinguration files by packages. > For an example, see “rpm -q --scripts systemd-libs”. Or "rpm -q --scripts nss-mdns" Is there a reason why we'd need to wait another 8 months to get a stable Fedora with that problem fixed though? Thank you for creating this tracking bug. I believe making authselect mandatory requires some bigger code and packaging changes that needs to be carefully design. From the top of my head, it should take ownership of the whole pam.d directory and not just few selected files and also own nsswitch.conf and drop support for manual nsswitch.conf edits. I do plan to submit a system wide change page for Fedora 36. Change page was accepted: https://fedoraproject.org/wiki/Changes/Make_Authselect_Mandatory FEDORA-2021-c2b61f2725 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2021-c2b61f2725 FEDORA-2021-c2b61f2725 has been pushed to the Fedora 36 stable repository. If problem still persists, please make note of it in this bug report. |