Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 594837 - sssd not enabled
Summary: sssd not enabled
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: authconfig
Version: 6.0
Hardware: All
OS: Linux
low
medium
Target Milestone: rc
: ---
Assignee: Tomas Mraz
QA Contact: BaseOS QE - Apps
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-05-21 18:01 UTC by Bill Nottingham
Modified: 2014-03-17 03:23 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-05-26 07:57:00 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description Bill Nottingham 2010-05-21 18:01:18 UTC
Description of problem:

With authconfig, I set up:

- LDAP accounts
- KRB auth
- Homedir creation

I'd expect sssd, being the new hotness, to be enabled. It is not.
(nslcd is.)

/etc/sysconfig/authconfig:

USEMKHOMEDIR=yes
USEPAMACCESS=no
CACHECREDENTIALS=yes
USESSSDAUTH=no
USESHADOW=yes
USEWINBIND=no
PASSWDALGORITHM=sha512
FORCELEGACY=no
USEFPRINTD=yes
FORCESMARTCARD=no
USEDB=no
USELDAPAUTH=no
USEPASSWDQC=no
USELOCAUTHORIZE=yes
USECRACKLIB=yes
USEWINBINDAUTH=no
USESMARTCARD=no
USELDAP=yes
USENIS=no
USEKERBEROS=yes
USESYSNETAUTH=no
USESMBAUTH=no
USESSSD=no
USEHESIOD=no

Version-Release number of selected component (if applicable):

nss-pam-ldapd-0.7.5-3.el6.x86_64
authconfig-6.1.4-2.el6.x86_64
sssd-1.1.92-11.el6.x86_64

How reproducible:

100%

Comment 1 RHEL Program Management 2010-05-21 18:16:51 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.

Comment 2 Tomas Mraz 2010-05-24 07:49:01 UTC
And do you have sssd package installed at all?

Please yum install sssd and then retry.

Comment 3 Bill Nottingham 2010-05-24 14:54:51 UTC
I've had sssd installed the entire time.

Comment 4 Tomas Mraz 2010-05-24 15:05:21 UTC
Can you please attach output of authconfig --test ?

Comment 6 Tomas Mraz 2010-05-24 20:43:01 UTC
OK, this is quite simple - 'krb5 realm via dns is enabled' - this is not supported by sssd currently and so sssd support is switched off and nslcd+pam_krb5 is used.
Please try disabling it via GUI or with 'authconfig --disablekrb5realmdns --update'.

Comment 7 Bill Nottingham 2010-05-25 14:33:06 UTC
That did it. Oddly, sssd seemed to work OK when I manually configured it even with krb5 realm dns.

Comment 8 Tomas Mraz 2010-05-25 15:15:22 UTC
Well of course it will work OK, if you both specify the concrete realm and enable krb5 realm by DNS. We just disable it because if you do not specify the concrete realm sssd will not be able to look it up. The GUI will prevent you from entering the realm if you enable realm by DNS checkbox.

Comment 9 Tomas Mraz 2010-05-26 07:57:00 UTC
I close this as NOTABUG.


Note You need to log in before you can comment on or make changes to this bug.