[Freeipa-devel] [PATCH] 0017 Configure pam_krb5 only when sssd is not in use
Alexander Bokovoy
abokovoy at redhat.com
Tue Oct 4 11:36:27 UTC 2011
Hi,
attached patch fixes https://fedorahosted.org/freeipa/ticket/1775
--
/ Alexander Bokovoy
-------------- next part --------------
>From e956fb4cb1738cb98d006973db0016868204c10c Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy at redhat.com>
Date: Tue, 4 Oct 2011 14:33:36 +0300
Subject: [PATCH] Configure pam_krb5 on the client only if sssd is not
configured
https://fedorahosted.org/freeipa/ticket/1775
---
ipa-client/ipa-install/ipa-client-install | 15 ++++++++-------
1 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index 76f7f1913c804053edb8b90979286a0592fa5737..f8905641662aac17bb1164d49e84527aad4c3bf7 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -1052,13 +1052,14 @@ def install(options, env, fstore, statestore):
auth_config.execute()
print message
- #Modify pam to add pam_krb5
- auth_config.reset()
- auth_config.enable("krb5").\
- add_option("update").\
- add_option("nostart")
- auth_config.execute()
- print "Kerberos 5 enabled"
+ if not options.sssd:
+ #Modify pam to add pam_krb5 only when sssd is not in use
+ auth_config.reset()
+ auth_config.enable("krb5").\
+ add_option("update").\
+ add_option("nostart")
+ auth_config.execute()
+ print "Kerberos 5 enabled"
# Update non-SSSD LDAP configuration after authconfig calls as it would
# change its configuration otherways
--
1.7.6.4
More information about the Freeipa-devel
mailing list