On Fri, 2014-04-11 at 11:14 -0400, Stephen Gallagher wrote:
Well, the major technical reason is that it would be a
backwards-incompatible change. Updating the SSSD and changing that
behavior could very easily mean suddenly locking a whole lot of people
out of their system. There's really no easy way to change this unless
we want to force an upgrade to set it explicitly to 'access_provider =
permit', but that would still break if something like puppet overwrote
it again.
Although there are risks, I think we should do it in the next major
release.
Simo.
--
Simo Sorce * Red Hat, Inc * New York