Description of problem:
The presence of /etc/request-key.d/id_resolver.conf in the installer image prevents one from running rpc.idmapd in the %post environment. This is because requests for idmapping are sent to request-key running in the installer environment first.
Workaround is to remove it in %pre or in %post --nochroot.
And isn't the file required by something else? I'm not sure if removing it won't break anything else.
Your workaround is simple enough, and I'm reluctant to removing files, if I'm not sure how important they are.
As I understand it, the sole purpose of the file is to configure name-id mapping for nfsv4. For this to be of any practical value the nss configuration of the installer would need to match that of the target installed system. Your options seem to be to make use of the installed system configuration (ie in the %post chroot) or to also configure the installer environment (e.g. running authconfig + sssd in that environment) and use that. If the former, you need to remove the request-key configuration so that it doesn't intercept the kernel up calls.
The workaround is fairly simple, but it took me a long time to figure out what the issue was and why my previous configuration (running rpc.idmapd in %post) no longer worked.
Certainly worth some thought to get it right though.
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
I'd rather not depend on behavior requiring removal of config files. We're trying to keep the environment as close to normal as possible and in general the file removal actions are there to save space.