Bug 2075545

Summary: Tlog role - Enabling session recording configuration does not work due to RHEL9 SSSD files provider default [rhel-9.0.0.z]
Product: Red Hat Enterprise Linux 9
Reporter: RHEL Program Management Team <pgm-rhel-tools>
Component: rhel-system-roles
Assignee: Rich Megginson <rmeggins>
Status: CLOSED ERRATA
QA Contact: Jakub Haruda <jharuda>
Severity: high
Docs Contact:
Priority: urgent
Version: 9.0
CC: aboscatt, briasmit, djez, jharuda, nhosoi, pkettman, pvlasin, spetrosi, spoore, szidek
Target Milestone: rc
Keywords: Triaged, ZStream
Target Release: ---
Hardware: All
OS: Linux
Whiteboard: role:tlog
Fixed In Version: rhel-system-roles-1.16.2-1.el9_0.1
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 2071804
Environment:
Last Closed: 2022-05-17 23:34:06 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:
Bug Depends On: 2071804
Bug Blocks:

Comment 9 Scott Poore 2022-04-27 18:13:01 UTC
Verified.

Version ::

rhel-system-roles-1.16.2-1.el9_0.2.noarch

Results ::

# cat /tmp/test.yml
---
- name: Run tlog-SSSD configuration tests
  hosts: all

  tasks:
    - name: Run role with tlog_scope_sssd all
      import_role:
        name: rhel-system-roles.tlog
      vars:
        tlog_scope_sssd: all

# find /etc/sssd
/etc/sssd
/etc/sssd/conf.d
/etc/sssd/pki

# grep "^passwd" /etc/nsswitch.conf
passwd:     files sss systemd


[root@rhel9 ~]# ansible-playbook -i 127.0.0.1, /tmp/test.yml 

PLAY [Run tlog-SSSD configuration tests] **************************************************************

TASK [Gathering Facts] ********************************************************************************
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
ED25519 key fingerprint is SHA256:wZEjHkmbrPV5GVH6DfQWIRtXDz/mYnEpNcJknwCfnpg.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
ok: [127.0.0.1]

TASK [rhel-system-roles.tlog : Set platform/version specific variables] *******************************
ok: [127.0.0.1] => (item=RedHat.yml)
ok: [127.0.0.1] => (item=RedHat.yml)
skipping: [127.0.0.1] => (item=RedHat_9.yml) 
skipping: [127.0.0.1] => (item=RedHat_9.0.yml) 

TASK [rhel-system-roles.tlog : install session recording packages] ************************************
changed: [127.0.0.1]

TASK [rhel-system-roles.tlog : get the rpm package facts] *********************************************
ok: [127.0.0.1]

TASK [rhel-system-roles.tlog : install cockpit session recording] *************************************
skipping: [127.0.0.1]

TASK [rhel-system-roles.tlog : configure basic sssd] **************************************************
changed: [127.0.0.1] => (item={'key': 'enable_files_domain', 'value': 'true'})
changed: [127.0.0.1] => (item={'key': 'services', 'value': 'nss'})

TASK [rhel-system-roles.tlog : configure sssd session recording config] *******************************
changed: [127.0.0.1]

TASK [rhel-system-roles.tlog : Check with-files-domain feature exists] ********************************
ok: [127.0.0.1]

TASK [rhel-system-roles.tlog : Check if files domain is currently enabled] ****************************
ok: [127.0.0.1]

TASK [rhel-system-roles.tlog : update nsswitch] *******************************************************
changed: [127.0.0.1]

TASK [rhel-system-roles.tlog : configure tlog rec session] ********************************************
changed: [127.0.0.1]

RUNNING HANDLER [rhel-system-roles.tlog : tlog_handler restart sssd] **********************************
changed: [127.0.0.1]

PLAY RECAP ********************************************************************************************
127.0.0.1                  : ok=11   changed=6    unreachable=0    failed=0    skipped=1    rescued=0    ignored=0   


[root@rhel9 ~]# cat /etc/sssd/conf.d/sssd-session-recording.conf
#
# Ansible managed
#
[session_recording]
scope=all
users=
groups=
exclude_users=
exclude_groups=

[root@rhel9 ~]# cat /etc/sssd/sssd.conf

[sssd]
enable_files_domain = true
services = nss

[root@rhel9 ~]# grep "^passwd" /etc/nsswitch.conf
passwd:     sss files systemd
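
Added example, not part of the bug report or of the tlog role: a POSIX shell check for the three post-conditions the verification above inspects by hand (sss ahead of files in the passwd lookup, enable_files_domain = true in [sssd], and a recording scope that is set). The function names are hypothetical, and treating "some" and "all" as the scope values that enable recording is an assumption taken from sssd-session-recording(5).

```shell
#!/bin/sh
# Added example (not from the bug report). Function names and the choice of
# path arguments are assumptions made for illustration.

# ini_get FILE SECTION KEY: print the last value of KEY inside [SECTION].
ini_get() {
    awk -v sec="[$2]" -v key="$3" '
        /^[ \t]*\[/ { in_sec = ($1 == sec); next }
        in_sec && !/^[ \t]*[#;]/ {
            n = index($0, "="); if (n == 0) next
            k = substr($0, 1, n - 1); v = substr($0, n + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v
        }
        END { print tolower(val) }' "$1" 2>/dev/null
}

# sss_before_files NSSWITCH: succeed if the passwd line lists sss ahead of files.
sss_before_files() {
    awk '$1 == "passwd:" {
        for (i = 2; i <= NF; i++) {
            if ($i == "sss" && !s) s = i
            if ($i == "files" && !f) f = i
        }
        found = (s && (!f || s < f)); exit
    }
    END { exit !found }' "$1" 2>/dev/null
}

# check_tlog_sssd NSSWITCH SSSD_CONF RECORDING_CONF
# Prints one line per failed check and returns non-zero if any check failed.
check_tlog_sssd() {
    rc=0
    sss_before_files "$1" ||
        { echo "FAIL: passwd does not list sss before files in $1"; rc=1; }
    [ "$(ini_get "$2" sssd enable_files_domain)" = "true" ] ||
        { echo "FAIL: enable_files_domain is not true in [sssd] of $2"; rc=1; }
    case "$(ini_get "$3" session_recording scope)" in
        all|some) ;;
        *) echo "FAIL: scope in $3 does not enable recording"; rc=1 ;;
    esac
    return "$rc"
}

# On a host, pass --run to check the same files the verification above inspects.
if [ "${1:-}" = "--run" ]; then
    check_tlog_sssd /etc/nsswitch.conf /etc/sssd/sssd.conf \
        /etc/sssd/conf.d/sssd-session-recording.conf
fi
```

A missing or unreadable file counts as a failed check, so the pre-fix state shown above (no /etc/sssd/sssd.conf, "files sss systemd") is reported rather than silently passed.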

Comment 14 errata-xmlrpc 2022-05-17 23:34:06 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (rhel-system-roles bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:4575