Bug 2019052
Summary: | Enforce Authselect Configuration Consistency | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Ben Cotton <bcotton> |
Component: | Changes Tracking | Assignee: | Pavel Březina <pbrezina> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 36 | CC: | bcotton, bgilbert, markus.falb, travier, walters |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | FailedQA | ||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2022-05-10 14:41:45 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2000936, 2023738, 2023741, 2023743, 2023745, 2034336, 2034360, 2039869 | ||
Bug Blocks: | 1982279 |
Description
Ben Cotton
2021-11-01 14:22:13 UTC
See https://github.com/coreos/fedora-coreos-tracker/issues/1051 We need nss-altfiles in /etc/nsswitch.conf for ostree based systems right now. This is all the same as https://github.com/authselect/authselect/issues/48 etc. Perhaps short term we can disable the script aspects of authselect. But let's avoid shipping this feature in Fedora 36 until this is working with ostree. Can you take a look at this and comment? My strawman proposal here is that rpm-ostree gains a simple way to inject this requirement. A simple implementation of this would be detecting the presence of /usr/lib64/libnss_altfiles.so.2 or perhaps a "stamp file" like /usr/lib/nss-altfiles/required ? (We can't rely on querying the rpm database due to locking issues on traditional RPM and rpm-ostree explicitly denies reading it at all to scripts) The discussion for ostree issue continues in https://bugzilla.redhat.com/show_bug.cgi?id=2034360 This bug appears to have been reported against 'rawhide' during the Fedora Linux 36 development cycle. Changing version to 36. F36 was released today. If this Change did not land in the release, please notify bcotton as soon as possible. |