Bug#776141: unblock: sssd/1.11.7-3
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package sssd
sssd/1.11.7-3 fixes handling of /etc/nsswitch.conf (#749722)
(libnss-sss needs a sudoers: entry in /etc/nsswitch.conf)
* on some install/upgrade scenarios the check was inadvertantly skipped
and therefore sss was not enabled by default
* on package removal remove the sudoers line from etc/nsswitch.conf
if only the default values remain - restores /etc/nsswitch.conf to the
state before installation of libnss-sss (by undoing the edits, not by
restoring a backup)
(piuparts triggers an error if /etc/nsswitch.conf has still
modifications left after the package was purged)
Andreas
unblock sssd/1.11.7-3
diff -u sssd-1.11.7/debian/changelog sssd-1.11.7/debian/changelog
--- sssd-1.11.7/debian/changelog
+++ sssd-1.11.7/debian/changelog
@@ -1,3 +1,13 @@
+sssd (1.11.7-3) unstable; urgency=medium
+
+ * libsss-sudo.postrm: Delete sudoers line from nsswitch.conf, if only
+ files source left. (Closes: #749722)
+ * libsss-sudo.postinst: Fix comments.
+ * libsss-sudo.postinst: Check nsswitch sudoers entry unconditionally,
+ so that it is added on upgrade too if missing.
+
+ -- Timo Aaltonen <tjaalton@debian.org> Fri, 16 Jan 2015 13:53:22 +0200
+
sssd (1.11.7-2) unstable; urgency=medium
* default, upstart.in: Upstream ticket #2312 is fixed now, so drop the
diff -u sssd-1.11.7/debian/libsss-sudo.postinst sssd-1.11.7/debian/libsss-sudo.postinst
--- sssd-1.11.7/debian/libsss-sudo.postinst
+++ sssd-1.11.7/debian/libsss-sudo.postinst
@@ -24,10 +24,9 @@
echo "$*"
}
-# try to insert sss entries to the passwd, group, shadow and netgroup
-# lines in /etc/nsswitch.conf to automatically enable libnss-sss
-# support; do not change the configuration if the lines already
-# references some sss lookups
+# try to insert sss entries to the sudoers line in /etc/nsswitch.conf to
+# automatically enable libsss-sudo support; do not change the configuration
+# if the lines already references some sss lookups
insert_nss_entry() {
log "Checking NSS setup..."
# abort if /etc/nsswitch.conf does not exist
@@ -49,19 +48,6 @@
}
-action="$1"
+insert_nss_entry
-if [ configure = "$action" ]; then
- if [ -z "$2" ]; then
- log "First installation detected..."
- # first install: setup the recommended configuration (unless
- # nsswitch.conf already contains sss entries)
- insert_nss_entry
- else
- # upgrade
- version="$2"
-
- # Nothing to do here yet
- fi
-fi
exit 0
diff -u sssd-1.11.7/debian/libsss-sudo.postrm sssd-1.11.7/debian/libsss-sudo.postrm
--- sssd-1.11.7/debian/libsss-sudo.postrm
+++ sssd-1.11.7/debian/libsss-sudo.postrm
@@ -22,6 +22,11 @@
s/[[:space:]]+$//
}
' /etc/nsswitch.conf
+
+ # delete sudoers line if only default entry left"
+ if ! [ -z "grep \"^sudoers: files$\" /etc/nsswitch.conf" ]; then
+ sed -i /^sudoers:/d /etc/nsswitch.conf
+ fi
}
case "$1" in
Reply to: