Bug 975203 - Authconfig does not restart SSSD or Winbind when updating config
Summary: Authconfig does not restart SSSD or Winbind when updating config
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: authconfig
Version: 6.4
Hardware: All
OS: All
medium
medium
Target Milestone: rc
: ---
Assignee: Tomas Mraz
QA Contact: David Spurek
URL:
Whiteboard:
Depends On:
Blocks: 994246
TreeView+ depends on / blocked
 
Reported: 2013-06-17 19:50 UTC by Brian Cook
Modified: 2019-02-15 13:33 UTC (History)
7 users (show)

Fixed In Version: authconfig-6.1.12-14.el6
Doc Type: Bug Fix
Doc Text:
Cause: In some cases Authconfig was not able to properly detect whether SSSD or Winbind should be enable. Consequence: These daemons were stopped when authconfig was run although they should not be touched. Fix: Authconfig will not change the state nor restart the services if the services configuration is not changed. Result: The SSSD or Winbind is still running after authconfig --update command which does not touch any settings related to SSSD or Winbind.
Clone Of:
Environment:
Last Closed: 2014-10-14 07:44:39 UTC
Target Upstream Version:
bcook: needinfo-


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 768833 None None None Never
Red Hat Product Errata RHBA-2014:1558 normal SHIPPED_LIVE authconfig bug fix and enhancement update 2014-10-14 01:27:53 UTC

Description Brian Cook 2013-06-17 19:50:27 UTC
Description of problem:

Authconfig does not restart SSSD or Winbind when those services are running or are supposed to run at current runlevel.


Version-Release number of selected component (if applicable):


How reproducible:
always

Steps to Reproduce:
1. configure a server with winbind and / or sssd (ipa-client will configure sssd for you.  AD trusts for IdM configures winbind)
2. run authconfig e.g. $ authconfig --enablemkhomedir --update

Actual results:
authconfig will stop sssd / winbind (if they are running), update configs, but will not restart them

Expected results:
authconfig should start services it has stopped or that are necessary for auth and marked to run in the current runlevel by chkconfig

Comment 1 Tomas Mraz 2013-07-11 11:18:27 UTC
Can you please attach 'authconfig --test' output here?
I am afraid this is a regression from bug 874527 fix.

Comment 2 Taejeong Bae 2013-08-06 09:07:45 UTC
I think also this is a regression from bug 874527 fix.

When I ran authconfig after manually writing sssd.conf, authconfig do nothing. So, I should do start sssd manually. If I ran authconfig when the sssd was running, it made sssd stop. 

[root@ipa2 sssd]# service sssd status
sssd is stopped
[root@ipa2 sssd]# authconfig --enablesssd --enablesssdauth --update
[root@ipa2 sssd]# service sssd status
sssd is stopped
[root@ipa2 sssd]# service sssd start
Starting sssd:                                             [  OK  ]
[root@ipa2 sssd]# authconfig --enablesssd --enablesssdauth --update
Stopping sssd:                                             [  OK  ]
[root@ipa2 sssd]# service sssd status
sssd is stopped
[root@ipa2 sssd]# yum info authconfig 
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: centos.tt.co.kr
 * extras: centos.tt.co.kr
 * updates: centos.tt.co.kr
Installed Packages
Name        : authconfig
Arch        : i686
Version     : 6.1.12
Release     : 13.el6
Size        : 1.8 M
Repo        : installed
From repo   : anaconda-CentOS-201303020136.i386
Summary     : Command line tool for setting up authentication from network services
URL         : https://fedorahosted.org/authconfig
License     : GPLv2+
Description : Authconfig is a command line utility which can configure a workstation
            : to use shadow (more secure) passwords.  Authconfig can also configure a
            : system to be a client for certain networked user information and
            : authentication schemes.

Comment 3 Taejeong Bae 2013-08-06 09:10:01 UTC
authconfig-6.1.12-10.el6 does't have this problem.

[root@rocks sssd]# service sssd status
sssd is stopped
[root@rocks sssd]# authconfig --enablesssd --enablesssdauth --update
Starting sssd:                                             [  OK  ]
[root@rocks sssd]# yum info authconfig
Installed Packages
Name        : authconfig
Arch        : x86_64
Version     : 6.1.12
Release     : 10.el6
Size        : 1.9 M
Repo        : installed
From repo   : Rocks-6.1
Summary     : Command line tool for setting up authentication from network services
URL         : https://fedorahosted.org/authconfig
License     : GPLv2+
Description : Authconfig is a command line utility which can configure a workstation
            : to use shadow (more secure) passwords.  Authconfig can also configure a
            : system to be a client for certain networked user information and
            : authentication schemes.

Comment 6 Ron van der Wees 2014-03-27 16:21:13 UTC
FYI, this not only stops SSSD but it also disables it for runlevel 3, 4 and 5:

# rpm -qa | grep authconfig
authconfig-6.1.12-13.el6.x86_64
# chkconfig sssd --list
sssd           	0:off	1:off	2:on	3:on	4:on	5:on	6:off
# authconfig --enablemkhomedir --update
Stopping sssd:                                             [  OK  ]
Starting oddjobd:                                          [  OK  ]
# chkconfig sssd --list
sssd           	0:off	1:off	2:on	3:off	4:off	5:off	6:off

Comment 12 Tech UQAC 2014-07-09 19:22:07 UTC
I Had this problem recently (with authconfig-6.1.12-13.el6)
cause i had set FORCELEGACY to yes (/etc/sysconfig/authconfig)

Set to "no", i can't reproduce the problem with SSSD

Comment 13 errata-xmlrpc 2014-10-14 07:44:39 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1558.html


Note You need to log in before you can comment on or make changes to this bug.