diff options
author | dmaiocchi <dmaiocchi@suse.com> | 2020-09-12 17:27:33 +0200 |
---|---|---|
committer | dmaiocchi <dmaiocchi@suse.com> | 2020-11-23 21:22:22 +0100 |
commit | 0ecaea273a192628c98253cb6aff85f04b12e5a1 (patch) | |
tree | f1a18a2d44991686be47bd13b1deef63abcbb672 /service | |
parent | 8cddf81199e96c7edc701bcb7ca782d7bcddbddd (diff) |
Fix nsswitch handling when joining and leaving domain
for suse distro
Diffstat (limited to 'service')
-rw-r--r-- | service/realmd-suse.conf | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/service/realmd-suse.conf b/service/realmd-suse.conf index 3165efa..68da049 100644 --- a/service/realmd-suse.conf +++ b/service/realmd-suse.conf @@ -28,9 +28,11 @@ winbind-disable-service = /usr/bin/systemctl disable winbind.service winbind-restart-service = /usr/bin/systemctl restart winbind.service winbind-stop-service = /usr/bin/systemctl stop winbind.service -# TODO: How do we enable sssd in /etc/nsswitch.conf? -sssd-enable-logins = /usr/sbin/pam-config --add --sss --mkhomedir -sssd-disable-logins = /usr/sbin/pam-config --delete --sss + +# add pam via pam-config and nssswitch.conf via sed, since there is no cli handling nsswitch (sed add idempotently word sss to nsswitch.conf) +sssd-enable-logins = /bin/sh -c "/usr/sbin/pam-config --add --sss --mkhomedir && sed -E 's/(passwd:.*) sss/\1/; s/(passwd:.*)/\1 sss/; s/(group:.*) sss/\1/; s/(group:.*)/\1 sss/; s/(shadow:.*) sss/\1/; s/(shadow:.*)/\1 sss/;' -i /etc/nsswitch.conf" +# remove pam via pam-config and nssswitch.conf via sed, since there is no cli handling nsswitch (sed remove sss word from passwd/group/shadow lines) +sssd-disable-logins = /usr/bin/sh -c "/usr/sbin/pam-config --delete --sss && sed -E 's/(passwd:.*) sss/\1/; s/(group:.*) sss/\1/; s/(shadow:.*) sss/\1/;' -i /etc/nsswitch.conf" sssd-enable-service = /usr/bin/systemctl enable sssd.service sssd-disable-service = /usr/bin/systemctl disable sssd.service sssd-restart-service = /usr/bin/systemctl restart sssd.service |