freeipa

Clone
Source Code
GIT

#8038 ipa-client-automount --uninstall is not restoring nsswitch.conf
Closed: fixed 4 years ago by fcami. Opened 4 years ago by fcami.

Closed: fixed
Reopen Issue

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 8): Bug 1740167

Description of problem:
ipa-client-automount --uninstall is not restoring  nsswitch.conf

Version-Release number of selected component (if applicable):
ipa-client-4.8.0-6.module+el8.1.0+3869+84a20141.x86_64

Steps to Reproduce:
1: Install ipa-server and ipa-client
2: setup ipa-client-automount with --no-sssd
3: run ipa-client-automount --uninstall

Actual results:
# cat /etc/nsswitch.conf  | grep automount
automount: files ldap

Expected results:
# cat /etc/nsswitch.conf  | grep automount
automount:  sss files

Or it should restore properly

Metadata Update from @fcami:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1740167
4 years ago

Metadata Update from @fcami:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/3529
4 years ago

@rcritten explained the behavior was changed in https://pagure.io/freeipa/c/a0e846f56c8de3b549d1d284087131da13135e34?branch=master

to attend to the following scenario:
set automount to files in /etc/nssswitch.conf
ipa-client-install
grep automount /etc/nsswitch.conf (should be sss files)
ipa-client-automount --no-sssd
grep automount /etc/nsswitch.conf (should be files ldap)
ipa-client-automount --uninstall -U
grep automount /etc/nsswitch.conf will be files, the original state

Hi @fcami , this is what I faced in another issue:
https://pagure.io/freeipa/issue/7820

and corresponding PR:
https://github.com/freeipa/freeipa/pull/2716

I've merged it into my distro, but unfortunately, forgot about an upstream patch.
Edited 4 years ago by slev

It's a similar problem but on the RHEL/Fedora side where authselect is in use things are different. authselect doesn't like other programs writing directly to /etc/nsswitch.conf so IPA needs to be changed to use authselect calls to change the nss databases.

After much smashing of my /etc/nsswitch.conf authselect refused to operate on the file at all because it was out-of-sync with what it thought it should be.

Metadata Update from @rcritten:
- Custom field blocking adjusted to 8042
4 years ago

master:

  • 405dcc6 ipatests: check that ipa-client-automount restores nsswitch.conf at uninstall time
  • b27ad6e ipa-client-automount: always restore nsswitch.conf at uninstall time
  • e5af8c1 Move ipachangeconf from ipaclient.install to ipapython
  • 41ef8fb Use tasks to configure automount nsswitch settings

ipa-4-8:

  • abea98a ipatests: check that ipa-client-automount restores nsswitch.conf at uninstall time
  • 2f0afed ipa-client-automount: always restore nsswitch.conf at uninstall time
  • 6e92776 Move ipachangeconf from ipaclient.install to ipapython
  • 2da9088 Use tasks to configure automount nsswitch settings

Metadata Update from @fcami:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
4 years ago

Login to comment on this ticket.

Metadata
None
None
None
None
None
None
None
None
None
None
None
None
8042
https://github.com/freeipa/freeipa/pull/3529
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=1740167
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.