F18 users unable to log in due to cached nsswitch.conf
simo at redhat.com
Wed Oct 17 15:29:02 UTC 2012
On Wed, 2012-10-17 at 11:21 -0400, Simo Sorce wrote:
> On Wed, 2012-10-17 at 17:17 +0200, Stef Walter wrote:
> > In Fedora 17 and 18 we have a problem where remote users are unable to
> > log in until the machine has been rebooted. This used to work
> > previously. To fix this we probably need to:
> > Include 'sss' in /etc/nsswitch.conf by default and have the small
> > sssd-client package (with just thepam, nss plugins) installed on all but
> > minimal Fedora installs.
> > Is it too late to do this for Fedora 18? I'd jump in and provide the
> > patches necessary. Sadly it's been hard to test a coherent system up
> > until this point, so I thought this was a fluke of my test F18 systems
> > until just the other day.
> > Cheers,
> > Stef
> I want to add, that having the 'sss' line in nsswitch.conf is completely
> harmless both if the libnss_sss plugin is not available (minimal) and if
> it is available but sssd is not.
> The library has been built to be resilient and not block or cause issues
> when the daemon is present. glibc also just ignores missing plugins.
and I meant 'missing' here ^^ of course ...
> So adding that line by default in nsswitch.conf should have no
> unintended consequences or bad failure modes.
Simo Sorce * Red Hat, Inc * New York
More information about the devel