Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 8): Bug 1740167
Description of problem: ipa-client-automount --uninstall is not restoring nsswitch.conf Version-Release number of selected component (if applicable): ipa-client-4.8.0-6.module+el8.1.0+3869+84a20141.x86_64 Steps to Reproduce: 1: Install ipa-server and ipa-client 2: setup ipa-client-automount with --no-sssd 3: run ipa-client-automount --uninstall Actual results: # cat /etc/nsswitch.conf | grep automount automount: files ldap Expected results: # cat /etc/nsswitch.conf | grep automount automount: sss files Or it should restore properly
Metadata Update from @fcami: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1740167
Metadata Update from @fcami: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/3529
@rcritten explained the behavior was changed in https://pagure.io/freeipa/c/a0e846f56c8de3b549d1d284087131da13135e34?branch=master
to attend to the following scenario: set automount to files in /etc/nssswitch.conf ipa-client-install grep automount /etc/nsswitch.conf (should be sss files) ipa-client-automount --no-sssd grep automount /etc/nsswitch.conf (should be files ldap) ipa-client-automount --uninstall -U grep automount /etc/nsswitch.conf will be files, the original state
Hi @fcami , this is what I faced in another issue: https://pagure.io/freeipa/issue/7820
and corresponding PR: https://github.com/freeipa/freeipa/pull/2716
I've merged it into my distro, but unfortunately, forgot about an upstream patch.
It's a similar problem but on the RHEL/Fedora side where authselect is in use things are different. authselect doesn't like other programs writing directly to /etc/nsswitch.conf so IPA needs to be changed to use authselect calls to change the nss databases.
After much smashing of my /etc/nsswitch.conf authselect refused to operate on the file at all because it was out-of-sync with what it thought it should be.
Metadata Update from @rcritten: - Custom field blocking adjusted to 8042
master:
ipa-4-8:
Metadata Update from @fcami: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.