Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory (rhel-system-roles bug fix and enhancement update), and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHBA-2022:2138
Verified Version :: rhel-system-roles-1.16.2-1.el8_6.2.noarch Testing against RHEL8: # cat /etc/redhat-release Red Hat Enterprise Linux release 8.6 (Ootpa) # authselect current Profile ID: sssd Enabled features: None # find /etc/sssd /etc/sssd /etc/sssd/conf.d /etc/sssd/pki # ansible-playbook -i 127.0.0.1, /tmp/test.yml PLAY [Install Session Recording] ********************************************************************** TASK [Gathering Facts] ******************************************************************************** The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established. ECDSA key fingerprint is SHA256:QMxS8RRI5WxGwhw0/VKQC2iP2O470haBL7U2QiKZGIg. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes ok: [127.0.0.1] TASK [rhel-system-roles.tlog : Set platform/version specific variables] ******************************* ok: [127.0.0.1] => (item=RedHat.yml) ok: [127.0.0.1] => (item=RedHat.yml) ok: [127.0.0.1] => (item=RedHat_8.yml) skipping: [127.0.0.1] => (item=RedHat_8.6.yml) TASK [rhel-system-roles.tlog : install session recording packages] ************************************ changed: [127.0.0.1] TASK [rhel-system-roles.tlog : get the rpm package facts] ********************************************* ok: [127.0.0.1] TASK [rhel-system-roles.tlog : install cockpit session recording] ************************************* skipping: [127.0.0.1] TASK [rhel-system-roles.tlog : configure basic sssd] ************************************************** skipping: [127.0.0.1] => (item={'key': 'enable_files_domain', 'value': 'true'}) skipping: [127.0.0.1] => (item={'key': 'services', 'value': 'nss'}) TASK [rhel-system-roles.tlog : configure sssd session recording config] ******************************* changed: [127.0.0.1] TASK [rhel-system-roles.tlog : Check with-files-domain feature exists] ******************************** ok: [127.0.0.1] TASK [rhel-system-roles.tlog : Check if files domain is currently enabled] **************************** ok: [127.0.0.1] TASK [rhel-system-roles.tlog : update nsswitch] ******************************************************* skipping: [127.0.0.1] TASK [rhel-system-roles.tlog : configure tlog rec session] ******************************************** changed: [127.0.0.1] RUNNING HANDLER [rhel-system-roles.tlog : tlog_handler restart sssd] ********************************** changed: [127.0.0.1] PLAY RECAP ******************************************************************************************** 127.0.0.1 : ok=9 changed=4 unreachable=0 failed=0 skipped=3 rescued=0 ignored=0 # authselect current Profile ID: sssd Enabled features: None # grep -i "^passwd:" /etc/nsswitch.conf passwd: sss files systemd # find /etc/sssd /etc/sssd /etc/sssd/conf.d /etc/sssd/conf.d/sssd-session-recording.conf /etc/sssd/pki # cat /etc/sssd/conf.d/sssd-session-recording.conf # # Ansible managed # [session_recording] scope=all users= groups= exclude_users= exclude_groups= # su - localuser8 Locale charset is ANSI_X3.4-1968 (ASCII) Assuming locale environment is lost and charset is UTF-8 ATTENTION! Your session is being recorded! # ^^ This is expected in RHEL8 ###################################### Testing with RHEL9 target # cat /etc/redhat-release Red Hat Enterprise Linux release 9.0 (Plow) # find /etc/sssd /etc/sssd /etc/sssd/conf.d /etc/sssd/pki # authselect current Profile ID: sssd Enabled features: None #### Running ansible-playbook from RHEL8 controller # ansible-playbook -i ${RHEL9_TARGET}, /tmp/test.yml PLAY [Install Session Recording] ********************************************************************** TASK [Gathering Facts] ******************************************************************************** The authenticity of host '$RHEL9_TARGET (IP_ADDR)' can't be established. ECDSA key fingerprint is SHA256:QoXClALjAywn2lhwZDHKWlBsGpD8ZGnutDu7orVobOM. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes ok: [$RHEL9_TARGET] TASK [rhel-system-roles.tlog : Set platform/version specific variables] ******************************* ok: [$RHEL9_TARGET] => (item=RedHat.yml) ok: [$RHEL9_TARGET] => (item=RedHat.yml) skipping: [$RHEL9_TARGET] => (item=RedHat_9.yml) skipping: [$RHEL9_TARGET] => (item=RedHat_9.0.yml) TASK [rhel-system-roles.tlog : install session recording packages] ************************************ changed: [$RHEL9_TARGET] TASK [rhel-system-roles.tlog : get the rpm package facts] ********************************************* ok: [$RHEL9_TARGET] TASK [rhel-system-roles.tlog : install cockpit session recording] ************************************* skipping: [$RHEL9_TARGET] TASK [rhel-system-roles.tlog : configure basic sssd] ************************************************** changed: [$RHEL9_TARGET] => (item={'key': 'enable_files_domain', 'value': 'true'}) changed: [$RHEL9_TARGET] => (item={'key': 'services', 'value': 'nss'}) TASK [rhel-system-roles.tlog : configure sssd session recording config] ******************************* changed: [$RHEL9_TARGET] TASK [rhel-system-roles.tlog : Check with-files-domain feature exists] ******************************** ok: [$RHEL9_TARGET] TASK [rhel-system-roles.tlog : Check if files domain is currently enabled] **************************** ok: [$RHEL9_TARGET] TASK [rhel-system-roles.tlog : update nsswitch] ******************************************************* changed: [$RHEL9_TARGET] TASK [rhel-system-roles.tlog : configure tlog rec session] ******************************************** changed: [$RHEL9_TARGET] RUNNING HANDLER [rhel-system-roles.tlog : tlog_handler restart sssd] ********************************** changed: [$RHEL9_TARGET] PLAY RECAP ******************************************************************************************** $RHEL9_TARGET : ok=11 changed=6 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Checking on RHEL9 system: # authselect current Profile ID: sssd Enabled features: - with-files-domain # find /etc/sssd /etc/sssd /etc/sssd/conf.d /etc/sssd/conf.d/sssd-session-recording.conf /etc/sssd/pki /etc/sssd/sssd.conf # cat /etc/sssd/sssd.conf [sssd] enable_files_domain = true services = nss # cat /etc/sssd/conf.d/sssd-session-recording.conf # # Ansible managed # [session_recording] scope=all users= groups= exclude_users= exclude_groups= # su - localuser9 Locale charset is ANSI_X3.4-1968 (ASCII) Assuming locale environment is lost and charset is UTF-8 ATTENTION! Your session is being recorded!