Bug 881874 - Please remove /etc/request-key.d/id_resolver.conf from the installer image
Summary: Please remove /etc/request-key.d/id_resolver.conf from the installer image
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Fedora
Classification: Fedora
Component: lorax
Version: 18
Hardware: All
OS: Linux
unspecified
low
Target Milestone: ---
Assignee: Brian Lane
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-11-29 17:49 UTC by Orion Poplawski
Modified: 2013-02-04 18:46 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-02-04 18:46:44 UTC
Type: Bug


Attachments (Terms of Use)

Description Orion Poplawski 2012-11-29 17:49:09 UTC
Description of problem:

The presence of /etc/request-key.d/id_resolver.conf in the installer image prevents one from running rpc.idmapd in the %post environment.  This is because requests for idmapping are sent to request-key running in the installer environment first.

Workaround is to remove it in %pre or in %post --nochroot.

Comment 1 Martin Gracik 2012-11-30 09:50:07 UTC
And isn't the file required by something else? I'm not sure if removing it won't break anything else.

Your workaround is simple enough, and I'm reluctant to removing files, if I'm not sure how important they are.

Comment 2 Orion Poplawski 2012-11-30 20:57:08 UTC
As I understand it, the sole purpose of the file is to configure name-id mapping for nfsv4.  For this to be of any practical value the nss configuration of the installer would need to match that of the target installed system.  Your options seem to be to make use of the installed system configuration (ie in the %post chroot) or to also configure the installer environment (e.g. running authconfig + sssd in that environment) and use that.  If the former, you need to remove the request-key configuration so that it doesn't intercept the kernel up calls.

The workaround is fairly simple, but it took me a long time to figure out what the issue was and why my previous configuration (running rpc.idmapd in %post) no longer worked.

Certainly worth some thought to get it right though.

Comment 3 Fedora Admin XMLRPC Client 2013-02-04 15:04:42 UTC
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.

Comment 4 Brian Lane 2013-02-04 18:46:44 UTC
I'd rather not depend on behavior requiring removal of config files. We're trying to keep the environment as close to normal as possible and in general the file removal actions are there to save space.


Note You need to log in before you can comment on or make changes to this bug.