Description of problem: When run with --enablesssdauth --enablesssd --update, authconfig doesn't add sss to passwd, shadow or group entries in /nsswitch/conf Version-Release number of selected component (if applicable): $ rpm -q authconfig authconfig-6.2.6-4.fc20.x86_64 Steps to Reproduce: $ grep ^passwd: /etc/nsswitch.conf passwd: files $ sudo authconfig --enablesssdauth --enablesssd --update Actual results: $ grep ^passwd: /etc/nsswitch.conf passwd: files Expected results: $ grep ^passwd: /etc/nsswitch.conf passwd: files sss
Does 'authconfig --enablesssdauth --enablesssd --updateall' help? Can you provide a reproduceable testcase? I cannot reproduce the problem. If you can reproduce the problem, can you please attach 'authconfig --test' output from before and after the command is run?
Yes, with --updateall the files are written. Is this required? (The FreeIPA installer only runs with --update, does it need to use --updateall.) To test: - Remove "sss" from passwd, group, shadow entries in /etc/nsswitch.conf - run `authconfig --enablesssdauth --enablesssd --update` as root
This is fairly artificial test case. With --update authconfig touches only files that it 'detects' as being affected by configuration changes. By editing /etc/nsswitch.conf but keeping the original contents of /etc/sysconfig/authconfig, you're getting "on your own" in regards to this. Does this problem happen to you in some real world scenario?
Yes, using templates in my team's lab. I'm not sure how they end up in this state, and author of the kickstarts is on vacation until Wednesday. I'll ask him when he gets back.
Created attachment 924633 [details] /etc/sysconfig/authconfig
Created attachment 924634 [details] /etc/nsswitch.conf
So I do not understand what is the problem here. The nsswitch.conf you attached is actually containing the sss in the various entries. Can you describe in detail what does the testcase really do?
Okay, this is most likely some glitch in the template generation that left /etc/nsswitch.conf and /etc/sysconfig/authconfig out of sync for me (but not the other Petr). Not a bug in authconfig. Thanks for your patience, and sorry for the noise.