Learn more about these different git repos.
Other Git URLs
When removing two options: https://github.com/freeipa/freeipa/blob/7862e9bec5133b7416b649a84e2ef5b3d906f2ea/ipaclient/install/ipa_client_automount.py#L356 only one of them gets removed.
We need to call save_domain() twice as shown in this patch: https://bugzilla.redhat.com/show_bug.cgi?id=1790886#c4
Is this expected (e.g. should we change the way we are using the save_domain() method) or is it a bug?
I'm not able to reproduce the problem. I have a simple ipa.conf file to test:
[sssd] services = nss, pam, sudo, ssh, autofs domains = EXAMPLE.COM [domain/EXAMPLE.COM] id_provider = ipa auth_provider = ipa access_provider = ipa chpass_provider = ipa ipa_hostname = fqdn.for.machine sudo_provider = ipa subdomains_provider = ipa session_provider = ipa ipa_automount_location = default hostid_provider = ipa autofs_provider = ipa [autofs]
and the Python code shown below removes both option and provider with just one save:
import SSSDConfig config = SSSDConfig.SSSDConfig() config.import_config('/home/fedora/ipa.conf') domain = None domain = config.get_domain('EXAMPLE.COM') domain.remove_option('ipa_automount_location') domain.remove_provider('autofs') config.save_domain(domain) config.write('/home/fedora/ipa_test.conf')
Can you put "ipa_automount_location = default" after "autofs_provider = ipa" and try again? IIRC the ipa_automount_location was the last entry in [domain/EXAMPLE.COM] in my reproducer.
@fcami I did that and nothing has changed. The code still works.
Can you try with the following as input file:
[domain/laptop.example.org] id_provider = ipa ipa_server = _srv_, ipa0.laptop.example.org ipa_domain = laptop.example.org ipa_hostname = ipa8.laptop.example.org auth_provider = ipa chpass_provider = ipa access_provider = ipa cache_credentials = True ldap_tls_cacert = /etc/ipa/ca.crt krb5_store_password_if_offline = True sudo_provider = ipa subdomains_provider = ipa session_provider = ipa hostid_provider = ipa autofs_provider = ipa ipa_automount_location = default [sssd] services = nss, pam, ssh, sudo, autofs domains = laptop.example.org [nss] homedir_substring = /home [pam] [sudo] [autofs] [ssh] [pac] [ifp] [secrets] [session_recording]
The only diff I get running your snippet is:
--- /etc/sssd/sssd.conf 2020-01-31 13:48:52.399802297 +0100 +++ sssd.conf 2020-01-31 13:50:40.266796482 +0100 @@ -17 +16,0 @@ -autofs_provider = ipa
which means ipa_automount_location does not get removed.
@fcami thanks. I was able to reproduce a problem with that configuration file. Let me take a look at what is going on here...
@fcami I have a fix for you. PR https://github.com/SSSD/sssd/pull/981.
When you will have that fix, you should not use "domain.remove_option('ipa_automount_location')", only "domain.remove_provider('autofs')". If you take a look at sssd/src/config/etc/sssd.api.d/sssd-ipa.conf, you will see that ipa_automount_location option is part of provider/ipa/autofs schema. So all options listed there will be deleted once you call "domain.remove_provider('autofs')".
Everything works just fine on my server with that fix.
master
Metadata Update from @pbrezina: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Thanks @alexal and @pbrezina !
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/5107
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.