On Mon, 2018-11-26 at 14:38 +0100, Pavel Březina wrote: > On 11/26/18 2:21 PM, Stephen Gallagher wrote: > > On Mon, Nov 26, 2018 at 8:16 AM Pavel Březina <pbrezina@xxxxxxxxxx> wrote: > > > > > > This e-mail is long so I just put the question here before explanation: > > > > > > Do you know about any package that installs an nsswitch.conf module and > > > automatically enables it in /etc/nsswitch.conf? So far I have two > > > packages - nss-mdns and systemd. > > > > > > Why? > > > > > > As you might have noticed, in Fedora 28 we switched from authconfig to > > > authselect. This brought some adoption issues and feature requests which > > > we tried hard to resolved, mostly related to nsswitch.conf. Thank you > > > for all your feedback. > > > > > > At this point I am aware of only one nsswitch.conf related issue that we > > > would like to fix. The problem is that when you choose to use authselect > > > you are no longer allowed to touch /etc/nsswitch.conf (and various file > > > in /etc/pam.d) manually but you should use authselect and its profiles > > > instead. > > > > > > However, this does not work well for small environments (possibly single > > > user machines) where you want to just change something in nsswitch.conf > > > and do not want to create custom profile. For this, we introduced > > > /etc/authselect/user-nsswitch.conf and 'authselect apply-changes' > > > command to do this the authselect way (of course you are free to not use > > > authselect and just modify the files manually). > > > > > > But there are some packages that installs nsswitch modules and > > > automatically puts them in /etc/nsswitch.conf in %post which conflicts > > > with authselect. We would like to provide an authselect call for these > > > packages, that would make sure it does not conflict with authselect [1]. > > > > > > I started working on a design for such feature and I'm trying to obtain > > > list of all packages that installs nsswitch modules and automatically > > > enable them in /etc/nsswitch.conf. > > > > > > So far I was able to find these packages: > > > - nss-altfiles > > > - nss_db > > > - nss-mdns > > > - nss_nis > > > - nss-pam-ldapd > > > - nss_updatedb > > > - sssd > > > - systemd > > > > > > But only two of them (nss-mdns, systemd) touches /etc/nsswitch.conf. Do > > > you know about any other package? > > > > > > Thank you, > > > Pavel. > > > > > > [1] https://github.com/pbrezina/authselect/issues/77 > > > > > > IIRC, doesn't autofs also use nsswitch.conf for configuration? > > Yes, but it is not part of glibc. AFAIK it works similar to sudo - > lookup automount line in nsswitch.conf and acts according to its > settings. But it does not have proper support in glibc. Yes, automount uses the "automount:" line of nsswitch.conf. It doesn't mess with nsswitch.conf and I'm not willing to change a file autofs doesn't own, it's the users responsibility to set the autofs map sources they need. Umm .. "proper" ... I'll take that to just mean I don't use the glibc API rather than a criticism of what I chose to do. Originally I tried to use the glibc API and I even had autofs specific nsswitch example code but I found I couldn't do what I needed. When I did this I didn't have time to work through the glibc API code to work out if it did provide what I needed so I wrote my own parser. If I need to change that then I'll need pointers to adequate glibc nsswitch API documentation as I still don't want to dive into the glibc code to work out how do this. Ian _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
