jens / authconfig

Forked from authconfig 5 years ago
Clone

6711f86 sssd: do not write SSSD PAM if there is no sssd.conf present

Authored and Committed by pbrezina 6 years ago
1 file changed. 18 lines added. 9 lines removed.
    sssd: do not write SSSD PAM if there is no sssd.conf present
    
    The expectation of authconfig is to write sssd.conf only if there
    is no domain present and the authconfig options imply  an implicit
    SSSD configuration. In this case, the authconfig writes a default
    domain into the sssd.conf to create a vlid configuration.
    
    However, we broke this behaviour by introducing writeSSSDPam to write
    smartcard options into sssd.conf and we end up creating an invalid
    sssd.conf when the file did not exist and this is not an implicit
    configuration.
    
    Now, if the file does not exist and authconfig does not create a
    domain (implicit configuration) we do not write the options into
    sssd.conf to comply with expected behaviour of previous version.
    
    If the file does exist we write the PAM option in every case so the
    administrator can use authconfig to enable and disable smartcard
    support for sssd.
    
        
file modified
+18 -9