On (16/11/16 11:46), Lachlan Musicman wrote:
>I don't know what I've done wrong, but when I use ipa-client-install on a
>new host to add to my one way trust domain, I now have a
>This first happened a couple of weeks ago, I saw this bug and thought "it
>will be solved soon".
>The report says it's been resolved in a recent advisory but I'm still
>seeing the error.
It was fixed by reverting upstream commit which
introduced such seature.
>Is it because I'm using sssd 1.14.2-1 from COPR instead of the centrally
Yes, theis feature is still available in upstream/fedora.
A) "domain/shadowutils" should not cause any problems.
If yes then it should be also reproducible on fedora
please filae a bug.
B) It does not happen with SELinux in enforcing mode.
Another reason for "setenforce 1" :-)
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project