[Freeipa-users] sudo (sssd) hangs due to ipa install/uninstall scripts
Prasun Gera
prasun.gera at gmail.com
Wed Jun 24 05:46:14 UTC 2015
Version: idm 4.x on rhel 7.1
Yet again, I've discovered a problem with residual state left behind by ipa
client install and uninstall scripts. I was having some trouble with
autofs+sssd leading to users not being mapped correctly (got nobody users
for everything). So I tried theipa-client-automount --uninstall, followed
by ipa-client-install --uninstall, and then did a fresh install of the
client. The original autofs issue aside, I started getting hangs in sudo.
After spending a better part of the day, the culprit was this line in
nsswitch.conf:
sudoers: files sss sss
It turns out that the extra sss left behind is sufficient to make any sudo
command hang. Easy to reproduce too.
Regarding the original autofs problem, I don't have a conclusive
explanation yet, but explicitly adding nfsvers=3 seems to map users
correctly.
It's always scary to use these install and uninstall scripts. They always
tend to leave bits and pieces behind. Isn't there a cleaner way to achieve
this ?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150623/ee191805/attachment.htm>
More information about the Freeipa-users
mailing list