Ed Greshko writes:
On 19/07/2021 08:41, Sam Varshavchik wrote:Ed Greshko writes:On 18/07/2021 20:38, Sam Varshavchik wrote:Eyal Lebedinsky writes:In /etc/nsswitch.conf which is a symlink. [egreshko@meimei etc]$ ll nsswitch.conflrwxrwxrwx. 1 root root 29 Jul 14 16:01 nsswitch.conf -> /etc/authselect/nsswitch.confI have: $ ll /etc/nsswitch.conf -rw-r--r-- 1 root root 2150 Jul 18 00:08 /etc/nsswitch.conf $ ll /etc/authselect/nsswitch.conf ls: cannot access '/etc/authselect/nsswitch.conf': No such file or directoryI just checked, and none of my machines have /etc/nsswitch.conf as a symlink. This includes one box that was fresh-installed as F30 (approx).The fresh-installed box had a bunch of files in /etc/authselect. The others, just: [mrsam@monster ~]$ ls -al /etc/authselect/ total 32 drwxr-xr-x. 3 root root 4096 Jul 17 19:30 . drwxr-xr-x. 212 root root 16384 Jul 17 19:37 .. drwxr-xr-x. 2 root root 4096 Mar 31 07:36 custom -rw-r--r--. 1 root root 1783 Jul 17 19:30 user-nsswitch.conf -rw-r--r--. 1 root root 1783 May 22 09:25 user-nsswitch.conf.bak All of them have authselect-libs installed.I must say, none of that makes any sense to me.I just installed a new VM using Fedora-KDE-Live-x86_64-30-1.2.iso. Even the live image has /etc/nsswitch.conf as a sym linkto /etc/authselect/nsswitch.confAnd when I connect with that newly installed VM, without having done any updates, I see.[egreshko@f30k ~]$ ll /etc/nsswitch.conflrwxrwxrwx. 1 root root 29 Jul 19 06:25 /etc/nsswitch.conf -> /etc/authselect/nsswitch.confand [egreshko@f30k ~]$ ls /etc/authselect/ authselect.conf dconf-locks password-auth system-auth custom fingerprint-auth postlogin user-nsswitch.conf dconf-db nsswitch.conf smartcard-authSo, it is hard for me to understand how your results could be so different than mine unless you've then made changes to yoursystem out of habit.Maybe you can double check what version of fedora you actually did install at the start? Assuming the logs haven't beenovergrown you can do "dnf history info 1'.Transaction ID : 1 Begin time : Thu 25 Apr 2019 10:07:40 PM EDT Begin rpmdb : 0:da39a3ee5e6b4b0d3255bfef95601890afd80709 End time : Thu 25 Apr 2019 10:12:12 PM EDT (272 seconds) End rpmdb : 1495:0e25a85737decf86c21aa98d4f2b17b8e03e5d2a User : System <unset> Return-Code : Success Releasever : 30 That's what it says. Doing some more poking: /etc/nsswitch.conf is owned by the glibc package, according to rpm. rpm -q -l -v glibc says that it's a plain file. It is not a symlink.I'm going to guess that it's authselect that replaces /etc/nsswitch.conf with a symlink:# authselect current No existing configuration detected. I also note: [root@thinkpad ~]# authselect test minimal File /etc/nsswitch.conf: # If you want to make changes to nsswitch.conf please modify # /etc/authselect/user-nsswitch.conf and run 'authselect apply-changes'. # [ more stuff ] That sounds more like what you are seeing on your machine.Interesting. On my newly installed F30 system, which I've only run 3 commands as root.[root@f30k ~]# history 1 systemctl --now enable sshd 2 firewall-config 3 history [root@f30k ~]# authselect current Profile ID: sssd Enabled features: - with-fingerprint - with-silent-lastlog [root@f30k ~]# history 1 systemctl --now enable sshd 2 firewall-config 3 history 4 authselect current 5 history I find your experience odd.
Spin-related installation differences? I installed the XFCE spin image.rpm shows that the /etc/nsswitch.conf file is owned by glibc, and it installs it as a plain file.
If authselect replaces it with a symlink, it must mean that something ran authselect.
Looking at authselect's scriptlets, they install all the extra files only if the scriptlets detect, at installation time, that "authselect check" gives the current configuration a clean bill of health:
FILES="nsswitch.conf system-auth password-auth fingerprint-auth \ smartcard-auth postlogin dconf-db dconf-locks"When I installed F30 I distinctly recall, albeit dimly, a step where I get to select the system authentication configuration, and I selected the "I just have a vanilla Fedora system without any funky configuration" option. Maybe that one does not run authselect at all, and just leaves the glibc- installed nsswitch.conf alone.
Attachment:
pgpI2Uqurwq0x.pgp
Description: PGP signature
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure