Description of problem: Attempting to configure hesiod to use RHEL8 in the VDO groups lab environment is not resulting in a functional configuration. I have a configuration that has been established and has worked for many years at this point. I was able to test a few configurations RHEL8 (1), Fedora Rawhide (2), and then RHEL8 with the Fedora 29 Everything repository configured (3). Configurations 2 and 3 work (though you don't end up with the 'hesinfo' utility, the 'id' command is able to return a user that is provided via hesiod). Version-Release number of selected component (if applicable): hesiod-3.2.1-11.el8 How reproducible: 100% Steps to Reproduce: 1. Build a RHEL8 machine 2. Install Hesiod 3. Configure Hesiod via /etc/hesiod.conf and /etc/nsswitch.conf 4. Try to run 'id <user>' where <user> is present only in the hesiod database. Actual results: id: ‘<user>’: no such user Expected results: uid=#(<user>) gid=##(<group>) groups=##(<group>) Additional info: It appears that the version of hesiod provided here is the same as RHEL7, so it isn't immediately clear why it works on RHEL7 but not RHEL8.
I'm not sure how the structure of this works entirely, so let's move this around a bit. Assigning to coreutils because that's who owns `id` with the expectation that it will be reassigned from there. I will of course stay on CC.
Please paste the output of the following command: $ getent passwd awalsh
Output of the 'getent passwd <user>' is empty with an exit status of 2. I did an strace on my getent passwd call, and it seems to be looking for libnss_hesiod.so.2 (provided in Fedora 29+ by the nss_hesiod package), and not libhesiod.so.0 (provided in RHEL8, FC28, by the hesiod package). That output will be attached in a txt file.
Created attachment 1507478 [details] strace output for strace command
The file list from the hesiod-3.2.1-11.el8 package: # rpm -ql hesiod /usr/bin/hesinfo /usr/lib/.build-id /usr/lib/.build-id/2c /usr/lib/.build-id/2c/f165d829212d355d9e70264fd4c6c637b642c3 /usr/lib/.build-id/7d /usr/lib/.build-id/7d/550a1ae17936addb04f0d21ef28af6a94fef4f /usr/lib64/libhesiod.so.0 /usr/lib64/libhesiod.so.0.0.0 /usr/share/doc/hesiod /usr/share/doc/hesiod/NEWS /usr/share/doc/hesiod/README /usr/share/licenses/hesiod /usr/share/licenses/hesiod/COPYING /usr/share/man/man1/hesinfo.1.gz /usr/share/man/man5/hesiod.conf.5.gz The file list from the libnss_hesiod-2.28-17.fc29 package: # rpm -ql nss_hesiod /lib64/libnss_hesiod-2.28.so /lib64/libnss_hesiod.so.2 /usr/lib/.build-id /usr/lib/.build-id/4e/8d6a1eaab85ea0dbd6af32631ac10f3386e25d /usr/share/doc/nss_hesiod /usr/share/doc/nss_hesiod/README.hesiod
(In reply to Andy Walsh from comment #11) > Created attachment 1507478 [details] > strace output for strace command The strace output is for some reason line-wrapped, which makes it difficult to read by humans. If I looked correctly, all attempts to open libnss_hesiod.so.2 failed with ENOENT. So do you have the nss_hesiod package installed on the RHEL-8 machine?
Also the output of the following command on both the systems would be useful: $ grep -v '^#' /etc/nsswitch.conf | grep passwd
I will re-upload the strace output. I had a narrow terminal that I copied out of.. apologies. No, the nss_hesiod package is not available in RHEL8 repositories. In configuration 3, I disabled all repositories and pointed the RHEL8 system at the Fedora29 repository directly instead to get nss_hesiod installed (which resulted in a functional hesiod installation). Configuration 1 /etc/nsswitch.conf: # grep '^passwd' /etc/nsswitch.conf passwd: sss hesiod files systemd Configuration 2 /etc/nsswitch.conf: # grep '^passwd' /etc/nsswitch.conf passwd: sss hesiod files systemd Configuration 3 /etc/nsswitch.conf: # grep '^passwd' /etc/nsswitch.conf passwd: sss hesiod files systemd
Created attachment 1507689 [details] strace output for strace command
We purposefully did not include nss_hesiod in BaseOS nor AppStream because it is an obsolete, insecure protocol. The hesiod component is only included because of Application Compatibility Guide requirements, and its implementation is completely separate from glibc.
RHEL-8.0 Beta Release Notes showing removed 'hesiod': https://doc-stage.usersys.redhat.com/documentation/en-us/red_hat_enterprise_linux/8-beta/html-single/8.0_beta_release_notes/#removed_packages RHEL-7.5 Release Notes showing 'hesiod' as deprecated with "no replacement": https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.5_release_notes/chap-red_hat_enterprise_linux-7.5_release_notes-deprecated_functionality I think this bug can be closed as NOTABUG. Maybe User Error due to not reading the manual. Sorry for the noise.