I've been trying to get fc13 authconfig to reproduce my existing working config which it configured when the system was running fc11. I'm doing this as a prelude to adding sssd to try and fix ldap boot delay problems. However, if I use the same authconfig options as I used back when the system ran f11, but with the new sssd disable options, I end up with a system with sssd enabled (and not working)... # rpm -q authconfig authconfig-6.1.4-2.fc13.x86_64 # authconfig --savebackup=pre_sssd # authconfig --update \ --enablekrb5 --enablekrb5realmdns --enablekrb5kdcdns \ --enableldap --ldapbasedn=dc=edesix,dc=com \ --disablesssd --disablesssdauth # authconfig --savebackup=no_sssd # # Authentication is now broken. # authconfig --restorebackup=pre_sssd # diff /var/lib/authconfig/backup-{pre,no}_sssd/password-auth-ac 7c7 < auth sufficient pam_krb5.so use_first_pass --- > auth sufficient pam_sss.so use_first_pass 13c13 < account [default=bad success=ok user_unknown=ignore] pam_krb5.so --- > account [default=bad success=ok user_unknown=ignore] pam_sss.so 18d17 < password sufficient pam_krb5.so use_authtok 25c24 < session optional pam_krb5.so --- > session optional pam_sss.so # # The diff of system-auth-ac is the same. # diff /var/lib/authconfig/backup-{pre,no}_sssd/nsswitch.conf 33,35c33,35 < passwd: files ldap < shadow: files ldap < group: files ldap --- > passwd: files sss > shadow: files sss > group: files sss I'm getting the feeling that I'm missing something obvious here. I wouldn't expect to see pam_sss being used when I specified --disablesssdauth and I wouldn't expect to see sss in nsswitch.conf when I specifed --disablesssd. A secondary issue is why the sssd enabled configuration doesn't work, but I need to be confident that authconfig is doing what I ask it before I worry about that (in particular I want to try enabling sssd for nss, but not pam).
*** This bug has been marked as a duplicate of bug 605857 ***