[Freeipa-users] ipa-client-install generates bad sssd.conf
Rob Crittenden
rcritten at redhat.com
Fri Mar 3 14:53:04 UTC 2017
Harald Dunkel wrote:
> On 03/03/17 10:14, Jakub Hrozek wrote:
>> On Fri, Mar 03, 2017 at 09:56:55AM +0100, Harald Dunkel wrote:
>>>
>>> This is systemd-only?
>>>
>>> Wouldn't it be better to create a working sssd.conf, no matter
>>> what?
>>
>> It is up to whoever is creating the sssd.conf. As I said, the change is
>> backwards-compatible. If you want the services to be started by sssd,
>> then list them in the services line. If you want to have them started on
>> demand and have a simpler configuration, you rely on the systemd services
>> manager.
>>
>
> Understood. I will try 1.15.1 as soon as possible.
>
> Reading ipa-client-install it appears to me that the other
> services haven't been omitted on purpose. I have the
> impression that nss and pam have simply been forgotten.
>
> sssd's ssh service is defined only if ipa-client-install
> is allowed to touch the ssh or sshd configuration, but I
> have *no* idea why there is such a correlation.
>
> Would somebody mind to look into this?
This is managed by authconfig on Fedora/RHEL systems. Not sure what
Debian does in this regard. Timo?
rob
More information about the Freeipa-users
mailing list