Hi, this patch fixes <https://fedorahosted.org/freeipa/ticket/3069>.
Users no longer have to configure SSH in sssd.conf manually if the file exists prior to running ipa-client-install.
Honza -- Jan Cholasta
>From 38fd87c7b9d941b76753c3f11eca0058a83b8954 Mon Sep 17 00:00:00 2001 From: Jan Cholasta <jchol...@redhat.com> Date: Tue, 11 Sep 2012 04:43:57 -0400 Subject: [PATCH] Add the SSH service to SSSD config file before trying to activate it. ticket 3069 --- ipa-client/ipa-install/ipa-client-install | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index 06e0798..ccb2228 100755 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -803,14 +803,18 @@ def configure_sssd_conf(fstore, cli_realm, cli_domain, cli_server, options, clie domain = sssdconfig.new_domain(cli_domain) try: - sssdconfig.activate_service('ssh') - except SSSDConfig.NoServiceError: + sssdconfig.new_service('ssh') + except SSSDConfig.ServiceAlreadyExists: + pass + except SSSDConfig.ServiceNotRecognizedError: root_logger.error("Unable to activate the SSH service in SSSD config.") root_logger.info( "Please make sure you have SSSD built with SSH support installed.") root_logger.info( "Configure SSH support manually in /etc/sssd/sssd.conf.") + sssdconfig.activate_service('ssh') + domain.add_provider('ipa', 'id') #add discovery domain if client domain different from server domain -- 1.7.11.4
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel