Bug 975203 - Authconfig does not restart SSSD or Winbind when updating config
Authconfig does not restart SSSD or Winbind when updating config
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: authconfig (Show other bugs)
6.4
All All
medium Severity medium
: rc
: ---
Assigned To: Tomas Mraz
David Spurek
:
Depends On:
Blocks: 994246
  Show dependency treegraph
 
Reported: 2013-06-17 15:50 EDT by Brian Cook
Modified: 2017-11-20 07:24 EST (History)
7 users (show)

See Also:
Fixed In Version: authconfig-6.1.12-14.el6
Doc Type: Bug Fix
Doc Text:
Cause: In some cases Authconfig was not able to properly detect whether SSSD or Winbind should be enable. Consequence: These daemons were stopped when authconfig was run although they should not be touched. Fix: Authconfig will not change the state nor restart the services if the services configuration is not changed. Result: The SSSD or Winbind is still running after authconfig --update command which does not touch any settings related to SSSD or Winbind.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-10-14 03:44:39 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
bcook: needinfo-


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 768833 None None None Never

  None (edit)
Description Brian Cook 2013-06-17 15:50:27 EDT
Description of problem:

Authconfig does not restart SSSD or Winbind when those services are running or are supposed to run at current runlevel.


Version-Release number of selected component (if applicable):


How reproducible:
always

Steps to Reproduce:
1. configure a server with winbind and / or sssd (ipa-client will configure sssd for you.  AD trusts for IdM configures winbind)
2. run authconfig e.g. $ authconfig --enablemkhomedir --update

Actual results:
authconfig will stop sssd / winbind (if they are running), update configs, but will not restart them

Expected results:
authconfig should start services it has stopped or that are necessary for auth and marked to run in the current runlevel by chkconfig
Comment 1 Tomas Mraz 2013-07-11 07:18:27 EDT
Can you please attach 'authconfig --test' output here?
I am afraid this is a regression from bug 874527 fix.
Comment 2 Taejeong Bae 2013-08-06 05:07:45 EDT
I think also this is a regression from bug 874527 fix.

When I ran authconfig after manually writing sssd.conf, authconfig do nothing. So, I should do start sssd manually. If I ran authconfig when the sssd was running, it made sssd stop. 

[root@ipa2 sssd]# service sssd status
sssd is stopped
[root@ipa2 sssd]# authconfig --enablesssd --enablesssdauth --update
[root@ipa2 sssd]# service sssd status
sssd is stopped
[root@ipa2 sssd]# service sssd start
Starting sssd:                                             [  OK  ]
[root@ipa2 sssd]# authconfig --enablesssd --enablesssdauth --update
Stopping sssd:                                             [  OK  ]
[root@ipa2 sssd]# service sssd status
sssd is stopped
[root@ipa2 sssd]# yum info authconfig 
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: centos.tt.co.kr
 * extras: centos.tt.co.kr
 * updates: centos.tt.co.kr
Installed Packages
Name        : authconfig
Arch        : i686
Version     : 6.1.12
Release     : 13.el6
Size        : 1.8 M
Repo        : installed
From repo   : anaconda-CentOS-201303020136.i386
Summary     : Command line tool for setting up authentication from network services
URL         : https://fedorahosted.org/authconfig
License     : GPLv2+
Description : Authconfig is a command line utility which can configure a workstation
            : to use shadow (more secure) passwords.  Authconfig can also configure a
            : system to be a client for certain networked user information and
            : authentication schemes.
Comment 3 Taejeong Bae 2013-08-06 05:10:01 EDT
authconfig-6.1.12-10.el6 does't have this problem.

[root@rocks sssd]# service sssd status
sssd is stopped
[root@rocks sssd]# authconfig --enablesssd --enablesssdauth --update
Starting sssd:                                             [  OK  ]
[root@rocks sssd]# yum info authconfig
Installed Packages
Name        : authconfig
Arch        : x86_64
Version     : 6.1.12
Release     : 10.el6
Size        : 1.9 M
Repo        : installed
From repo   : Rocks-6.1
Summary     : Command line tool for setting up authentication from network services
URL         : https://fedorahosted.org/authconfig
License     : GPLv2+
Description : Authconfig is a command line utility which can configure a workstation
            : to use shadow (more secure) passwords.  Authconfig can also configure a
            : system to be a client for certain networked user information and
            : authentication schemes.
Comment 6 Ron van der Wees 2014-03-27 12:21:13 EDT
FYI, this not only stops SSSD but it also disables it for runlevel 3, 4 and 5:

# rpm -qa | grep authconfig
authconfig-6.1.12-13.el6.x86_64
# chkconfig sssd --list
sssd           	0:off	1:off	2:on	3:on	4:on	5:on	6:off
# authconfig --enablemkhomedir --update
Stopping sssd:                                             [  OK  ]
Starting oddjobd:                                          [  OK  ]
# chkconfig sssd --list
sssd           	0:off	1:off	2:on	3:off	4:off	5:off	6:off
Comment 12 Tech UQAC 2014-07-09 15:22:07 EDT
I Had this problem recently (with authconfig-6.1.12-13.el6)
cause i had set FORCELEGACY to yes (/etc/sysconfig/authconfig)

Set to "no", i can't reproduce the problem with SSSD
Comment 13 errata-xmlrpc 2014-10-14 03:44:39 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1558.html

Note You need to log in before you can comment on or make changes to this bug.