IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Properly configure nsswitch.conf when using the --no-sssd option.

Browse Source 
Even with --no-sssd authconfig was setting nsswitch.conf to use sssd
for users, groups, shadow and netgroups. We need to pass in the
--enableforcelegacy option hwen configuring nss_ldap.

Also always back up and restore sssd.conf. It still gets configured for
kerberos.

ticket 1142
This commit is contained in:
Rob Crittenden 2011-04-21 15:55:17 -04:00 committed by Martin Kosek
parent 4027b12371
commit 7a867102c5
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ipa-client/ipa-install/ipa-client-install
View File

@ -66,7 +66,7 @@ def parse_options():
help="unattended installation never prompts the user")
parser.add_option("--ntp-server", dest="ntp_server", help="ntp server to use")
parser.add_option("-S", "--no-sssd", action="store_false",
help="do not configure sssd", default=True, dest="sssd")
help="Do not configure the client to use SSSD for authentication", default=True, dest="sssd")
parser.add_option("-N", "--no-ntp", action="store_false",
help="do not configure ntp", default=True, dest="conf_ntp")
parser.add_option("-w", "--password", dest="password", sensitive=True,
@ -494,7 +494,6 @@ def configure_certmonger(fstore, subject_base, cli_realm, hostname, options):
print "certmonger request for host certificate failed"
def configure_sssd_conf(fstore, cli_realm, cli_domain, cli_server, options):
fstore.backup_file("/etc/sssd/sssd.conf")
sssdconfig = SSSDConfig.SSSDConfig()
sssdconfig.new_config()
@ -851,6 +850,8 @@ def main():
configure_ipa_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server)
print "Created /etc/ipa/default.conf"
# Always back up sssd.conf. It gets updated by authconfig --enablekrb5.
fstore.backup_file("/etc/sssd/sssd.conf")
if options.sssd:
if configure_sssd_conf(fstore, cli_realm, cli_domain, cli_server, options):
return 1
@ -913,7 +914,7 @@ def main():
cmd = ["/usr/sbin/authconfig", "--enablesssd", "--enablesssdauth", "--update"]
message = "SSSD enabled"
else:
cmd = ["/usr/sbin/authconfig", "--enableldap", "--update"]
cmd = ["/usr/sbin/authconfig", "--enableldap", "--enableforcelegacy", "--update"]
message = "LDAP enabled"
if options.mkhomedir: