On 19/07/2021 10:04, Sam Varshavchik wrote:
Ed Greshko writes:
On 19/07/2021 08:41, Sam Varshavchik wrote:
Ed Greshko writes:
On 18/07/2021 20:38, Sam Varshavchik wrote:
Eyal Lebedinsky writes:
In /etc/nsswitch.conf which is a symlink.
[egreshko@meimei etc]$ ll nsswitch.conf
lrwxrwxrwx. 1 root root 29 Jul 14 16:01 nsswitch.conf -> /etc/authselect/nsswitch.conf
I have:
$ ll /etc/nsswitch.conf
-rw-r--r-- 1 root root 2150 Jul 18 00:08 /etc/nsswitch.conf
$ ll /etc/authselect/nsswitch.conf
ls: cannot access '/etc/authselect/nsswitch.conf': No such file or directory
I just checked, and none of my machines have /etc/nsswitch.conf as a symlink. This includes one box that was fresh-installed as F30 (approx).
The fresh-installed box had a bunch of files in /etc/authselect.
The others, just:
[mrsam@monster ~]$ ls -al /etc/authselect/
total 32
drwxr-xr-x. 3 root root 4096 Jul 17 19:30 .
drwxr-xr-x. 212 root root 16384 Jul 17 19:37 ..
drwxr-xr-x. 2 root root 4096 Mar 31 07:36 custom
-rw-r--r--. 1 root root 1783 Jul 17 19:30 user-nsswitch.conf
-rw-r--r--. 1 root root 1783 May 22 09:25 user-nsswitch.conf.bak
All of them have authselect-libs installed.
I must say, none of that makes any sense to me.
I just installed a new VM using Fedora-KDE-Live-x86_64-30-1.2.iso. Even the live image has /etc/nsswitch.conf as a sym link
to /etc/authselect/nsswitch.conf
And when I connect with that newly installed VM, without having done any updates, I see.
[egreshko@f30k ~]$ ll /etc/nsswitch.conf
lrwxrwxrwx. 1 root root 29 Jul 19 06:25 /etc/nsswitch.conf -> /etc/authselect/nsswitch.conf
and
[egreshko@f30k ~]$ ls /etc/authselect/
authselect.conf dconf-locks password-auth system-auth
custom fingerprint-auth postlogin user-nsswitch.conf
dconf-db nsswitch.conf smartcard-auth
So, it is hard for me to understand how your results could be so different than mine unless you've then made changes to your
system out of habit.
Maybe you can double check what version of fedora you actually did install at the start? Assuming the logs haven't been
overgrown you can do "dnf history info 1'.
Transaction ID : 1
Begin time : Thu 25 Apr 2019 10:07:40 PM EDT
Begin rpmdb : 0:da39a3ee5e6b4b0d3255bfef95601890afd80709
End time : Thu 25 Apr 2019 10:12:12 PM EDT (272 seconds)
End rpmdb : 1495:0e25a85737decf86c21aa98d4f2b17b8e03e5d2a
User : System <unset>
Return-Code : Success
Releasever : 30
That's what it says.
Doing some more poking:
/etc/nsswitch.conf is owned by the glibc package, according to rpm.
rpm -q -l -v glibc says that it's a plain file. It is not a symlink.
I'm going to guess that it's authselect that replaces /etc/nsswitch.conf with a symlink:
# authselect current
No existing configuration detected.
I also note:
[root@thinkpad ~]# authselect test minimal
File /etc/nsswitch.conf:
# If you want to make changes to nsswitch.conf please modify
# /etc/authselect/user-nsswitch.conf and run 'authselect apply-changes'.
#
[ more stuff ]
That sounds more like what you are seeing on your machine.
Interesting. On my newly installed F30 system, which I've only run 3 commands as root.
[root@f30k ~]# history
1 systemctl --now enable sshd
2 firewall-config
3 history
[root@f30k ~]# authselect current
Profile ID: sssd
Enabled features:
- with-fingerprint
- with-silent-lastlog
[root@f30k ~]# history
1 systemctl --now enable sshd
2 firewall-config
3 history
4 authselect current
5 history
I find your experience odd.
Spin-related installation differences? I installed the XFCE spin image.
rpm shows that the /etc/nsswitch.conf file is owned by glibc, and it installs it as a plain file.
If authselect replaces it with a symlink, it must mean that something ran authselect.
Looking at authselect's scriptlets, they install all the extra files only if the scriptlets detect, at installation time, that "authselect check" gives the current configuration a clean bill of health:
FILES="nsswitch.conf system-auth password-auth fingerprint-auth \
smartcard-auth postlogin dconf-db dconf-locks"
When I installed F30 I distinctly recall, albeit dimly, a step where I get to select the system authentication configuration, and I selected the "I just have a vanilla Fedora system without any funky configuration" option. Maybe that one does not run authselect at all, and just leaves the glibc-installed nsswitch.conf alone.
I just installed an F30 VM from Fedora-Xfce-Live-x86_64-30-1.2.iso
After install, the very first thing I did from a terminal was.
[egreshko@f30x ~]$ sudo authselect current
We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:
#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.
[sudo] password for egreshko:
Profile ID: sssd
Enabled features:
- with-fingerprint
- with-silent-lastlog
and
[egreshko@f30x ~]$ ll /etc/nsswitch.conf
lrwxrwxrwx. 1 root root 29 Jul 19 09:52 /etc/nsswitch.conf -> /etc/authselect/nsswitch.conf
When I installed from the Live image there was no such step as you've dimly recalled.
Did you, by chance, not install from the Xfce live image but from the Netinst image or Everything image?
--
Remind me to ignore comments which aren't germane to the thread.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
