freeipa

Clone
Source Code
GIT

#9084 ipa-client-automount --no-sssd broken with authselect 1.3.0
Closed: fixed 2 years ago by frenaud. Opened 2 years ago by frenaud.

Closed: fixed
Reopen Issue

Issue

The command ipa-client-automount --no-sssd is broken with authselect 1.3.0, see for instance the PR #1427 with the nightly test nfs_nsswitch_restore (Details).

Steps to Reproduce

  1. install ipa-client
  2. call ipa-client-automount --no-sssd -U

Actual behavior

# /usr/sbin/ipa-client-automount  --no-sssd -U 
Searching for IPA server...
IPA server: DNS discovery
Location: default
Installation failed. Rolling back changes.
IPA automount is not configured on this system

Expected behavior

The command should succeed and configure /etc/nsswitch.conf with the following line: automount: files ldap.

Version/Release/Distribution

# cat /etc/redhat-release 
Fedora release 36 (Rawhide)
# rpm -q freeipa-client authselect
freeipa-client-4.9.8-2.fc36.x86_64
authselect-1.3.0-5.fc36.x86_64

Additional info:

The failure happens when the command ipa-client-automount tries to edit /etc/authselect/user-nsswitch.conf. According to authselect 1.3.0 release notes, user-nsswitch.conf support is now disabled by default.

Possible fixes

IPA can either create a custom profile (https://github.com/authselect/authselect/wiki/How-To:-Create-new-profile#base-new-profile-on-an-existing-one), or ask authselect to add support for automount with LDAP.

Note: Is it really worth supporting the --no-sssd option in ipa-client-automount, since the same option has been removed from ipa-client-install in ticket #7671?

I woud say we should remove --no-sssd from ipa-client-automount to be consistent.

+1. The only reason I implemented --no-sssd in ipa-client-automount is because it was allowed by ipa-client-install.

Metadata Update from @rcritten:
- Issue assigned to rcritten
2 years ago

master:

  • a283735 Remove the --no-sssd option from ipa-client-automount

ipa-4-9:

  • c46ea21 Remove the --no-sssd option from ipa-client-automount

Metadata Update from @frenaud:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
2 years ago

Metadata Update from @frenaud:
- Custom field changelog adjusted to The command ipa-client-automount does not support any more the --no-sssd option. As a consequence, the command always configures the client to use SSSD for automount.
2 years ago

Login to comment on this ticket.

Metadata

test-failure

None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
None
The command ipa-client-automount does not support any more the --no-sssd option. As a consequence, the command always configures the client to use SSSD for automount.
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.