[Freeipa-devel] [PATCH] 0017 Configure pam_krb5 only when sssd is not in use

Tue Oct 4 11:36:27 UTC 2011

Hi,

attached patch fixes https://fedorahosted.org/freeipa/ticket/1775

-- 
/ Alexander Bokovoy
-------------- next part --------------
>From e956fb4cb1738cb98d006973db0016868204c10c Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy at redhat.com>
Date: Tue, 4 Oct 2011 14:33:36 +0300
Subject: [PATCH] Configure pam_krb5 on the client only if sssd is not
 configured

https://fedorahosted.org/freeipa/ticket/1775
---
 ipa-client/ipa-install/ipa-client-install |   15 ++++++++-------
 1 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index 76f7f1913c804053edb8b90979286a0592fa5737..f8905641662aac17bb1164d49e84527aad4c3bf7 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -1052,13 +1052,14 @@ def install(options, env, fstore, statestore):
     auth_config.execute()
     print message
 
-    #Modify pam to add pam_krb5
-    auth_config.reset()
-    auth_config.enable("krb5").\
-                add_option("update").\
-                add_option("nostart")
-    auth_config.execute()
-    print "Kerberos 5 enabled"
+    if not options.sssd:
+        #Modify pam to add pam_krb5 only when sssd is not in use
+        auth_config.reset()
+        auth_config.enable("krb5").\
+                    add_option("update").\
+                    add_option("nostart")
+        auth_config.execute()
+        print "Kerberos 5 enabled"
 
     # Update non-SSSD LDAP configuration after authconfig calls as it would
     # change its configuration otherways
-- 
1.7.6.4

