On 11/26/18 2:21 PM, Stephen Gallagher wrote:
On Mon, Nov 26, 2018 at 8:16 AM Pavel Březina <pbrezina@xxxxxxxxxx> wrote:
This e-mail is long so I just put the question here before explanation:
Do you know about any package that installs an nsswitch.conf module and
automatically enables it in /etc/nsswitch.conf? So far I have two
packages - nss-mdns and systemd.
Why?
As you might have noticed, in Fedora 28 we switched from authconfig to
authselect. This brought some adoption issues and feature requests which
we tried hard to resolved, mostly related to nsswitch.conf. Thank you
for all your feedback.
At this point I am aware of only one nsswitch.conf related issue that we
would like to fix. The problem is that when you choose to use authselect
you are no longer allowed to touch /etc/nsswitch.conf (and various file
in /etc/pam.d) manually but you should use authselect and its profiles
instead.
However, this does not work well for small environments (possibly single
user machines) where you want to just change something in nsswitch.conf
and do not want to create custom profile. For this, we introduced
/etc/authselect/user-nsswitch.conf and 'authselect apply-changes'
command to do this the authselect way (of course you are free to not use
authselect and just modify the files manually).
But there are some packages that installs nsswitch modules and
automatically puts them in /etc/nsswitch.conf in %post which conflicts
with authselect. We would like to provide an authselect call for these
packages, that would make sure it does not conflict with authselect [1].
I started working on a design for such feature and I'm trying to obtain
list of all packages that installs nsswitch modules and automatically
enable them in /etc/nsswitch.conf.
So far I was able to find these packages:
- nss-altfiles
- nss_db
- nss-mdns
- nss_nis
- nss-pam-ldapd
- nss_updatedb
- sssd
- systemd
But only two of them (nss-mdns, systemd) touches /etc/nsswitch.conf. Do
you know about any other package?
Thank you,
Pavel.
[1] https://github.com/pbrezina/authselect/issues/77
IIRC, doesn't autofs also use nsswitch.conf for configuration?
Yes, but it is not part of glibc. AFAIK it works similar to sudo -
lookup automount line in nsswitch.conf and acts according to its
settings. But it does not have proper support in glibc.
Also CCing Will Woods and James Antill who have been looking at
scriptlets in Fedora in general and may have further information
handy.
Thanks.
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
