Jakub Hrozek wrote:
On Mon, Dec 07, 2015 at 06:04:30PM +0100, Stefano Cortese wrote:So the questions are: - is there another cleaner way to exclude the localauth sssd plugin (considering that the configuration snippet is recreated at every sssd restart)?Can you test if this hack would help: # service sssd stop # rm /var/lib/sss/pubconf/krb5.include.d/localauth_plugin # touch /var/lib/sss/pubconf/krb5.include.d/localauth_plugin # chattr +i /var/lib/sss/pubconf/krb5.include.d/localauth_plugin # service sssd startIt works, thanksbtw also check out this ticket: https://fedorahosted.org/sssd/ticket/2788not needing principal switching from/to root for the momentYes, sorry, wrong ticket: https://fedorahosted.org/sssd/ticket/2707
yes maybe it could help, even if I didn't find many details (bugzilla says I am not authorized to access the RedHat Bug 1240302 with my bugzilla account, I have tried also with our RedHat support licensed account) .
It seems having been filed for sssd 1.14 and RHEL7 , is there any hope that it will be implemented also for 6.7 or 6.8 ? we can't upgrade to 7 for the IPA clients.
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project