Bug 1124868 - sss is not added to /etc/nsswitch conf with --enablesssdauth --enablesssd
Summary: sss is not added to /etc/nsswitch conf with --enablesssdauth --enablesssd
Alias: None
Product: Fedora
Classification: Fedora
Component: authconfig
Version: rawhide
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2014-07-30 13:51 UTC by Petr Viktorin
Modified: 2014-08-13 16:01 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2014-08-13 16:01:17 UTC

Attachments (Terms of Use)
/etc/sysconfig/authconfig (426 bytes, text/plain)
2014-08-06 22:19 UTC, Petr Spacek
no flags Details
/etc/nsswitch.conf (1.67 KB, text/plain)
2014-08-06 22:19 UTC, Petr Spacek
no flags Details

Description Petr Viktorin 2014-07-30 13:51:29 UTC
Description of problem:

When run with --enablesssdauth --enablesssd --update, authconfig doesn't add sss to passwd, shadow or group entries in /nsswitch/conf 

Version-Release number of selected component (if applicable):
$ rpm -q authconfig

Steps to Reproduce:
$ grep ^passwd: /etc/nsswitch.conf
passwd:     files
$ sudo authconfig --enablesssdauth --enablesssd --update

Actual results:

$ grep ^passwd: /etc/nsswitch.conf
passwd:     files

Expected results:

$ grep ^passwd: /etc/nsswitch.conf
passwd:     files sss

Comment 1 Tomas Mraz 2014-08-04 08:21:36 UTC
Does 'authconfig --enablesssdauth --enablesssd --updateall' help?

Can you provide a reproduceable testcase? I cannot reproduce the problem.
If you can reproduce the problem, can you please attach 'authconfig --test' output from before and after the command is run?

Comment 2 Petr Viktorin 2014-08-04 09:38:40 UTC
Yes, with --updateall the files are written. Is this required? (The FreeIPA installer only runs with --update, does it need to use --updateall.)

To test:
- Remove "sss" from passwd, group, shadow entries in /etc/nsswitch.conf 
- run `authconfig --enablesssdauth --enablesssd --update` as root

Comment 3 Tomas Mraz 2014-08-04 10:24:33 UTC
This is fairly artificial test case. With --update authconfig touches only files that it 'detects' as being affected by configuration changes. By editing /etc/nsswitch.conf but keeping the original contents of /etc/sysconfig/authconfig, you're getting "on your own" in regards to this.

Does this problem happen to you in some real world scenario?

Comment 4 Petr Viktorin 2014-08-04 14:10:44 UTC
Yes, using templates in my team's lab.
I'm not sure how they end up in this state, and author of the kickstarts is on vacation until Wednesday. I'll ask him when he gets back.

Comment 7 Petr Spacek 2014-08-06 22:19:02 UTC
Created attachment 924633 [details]

Comment 8 Petr Spacek 2014-08-06 22:19:28 UTC
Created attachment 924634 [details]

Comment 10 Tomas Mraz 2014-08-07 07:17:19 UTC
So I do not understand what is the problem here. The nsswitch.conf you attached is actually containing the sss in the various entries.

Can you describe in detail what does the testcase really do?

Comment 11 Petr Viktorin 2014-08-13 16:01:17 UTC
Okay, this is most likely some glitch in the template generation that left  /etc/nsswitch.conf and  /etc/sysconfig/authconfig out of sync for me (but not the other Petr). Not a bug in authconfig.

Thanks for your patience, and sorry for the noise.

Note You need to log in before you can comment on or make changes to this bug.