[Bug 1430143] [NEW] sss_obfuscate breaks /etc/sssd/sssd.conf

Jens Elkner 1430143 at bugs.launchpad.net
Tue Mar 10 04:34:10 UTC 2015 

Public bug reported:

When "sss_obfuscate -d $section", it adds/replaces the corresponding
password /etc/sssd/sssd.conf, however it also removes valid entries,
which breaks sssd. E.g.:

--- /etc/sssd/sssd.conf.orig	2015-03-10 05:28:29.959787539 +0100
+++ /etc/sssd/sssd.conf	2015-03-10 05:28:14.775787551 +0100
@@ -24,9 +24,7 @@
 #debug_level = 0x01F0
 #debug_level = 65535
 ldap_schema = rfc2307
-ldap_autofs_map_object_class = automountMap
 ldap_autofs_map_name = automountMapName
-ldap_autofs_entry_key = automountKey
 ldap_user_ad_account_expires = ds-pwp-account-expiration-time

Obviously this breaks the automounter, because our automounter maps
follow rfc2307bis and thus the entries removed by sss_obfuscate are
required!

Other entries which are reoved by sss_obfuscate:
- selinux_provider = none
- ldap_autofs_search_base = $base

** Affects: sssd (Ubuntu)
     Importance: Undecided
         Status: New

** Package changed: netcfg (Ubuntu) => sssd (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to netcfg in Ubuntu.
https://bugs.launchpad.net/bugs/1430143

Title:
  sss_obfuscate breaks /etc/sssd/sssd.conf

Status in sssd package in Ubuntu:
  New

Bug description:
  When "sss_obfuscate -d $section", it adds/replaces the corresponding
  password /etc/sssd/sssd.conf, however it also removes valid entries,
  which breaks sssd. E.g.:

  --- /etc/sssd/sssd.conf.orig	2015-03-10 05:28:29.959787539 +0100
  +++ /etc/sssd/sssd.conf	2015-03-10 05:28:14.775787551 +0100
  @@ -24,9 +24,7 @@
   #debug_level = 0x01F0
   #debug_level = 65535
   ldap_schema = rfc2307
  -ldap_autofs_map_object_class = automountMap
   ldap_autofs_map_name = automountMapName
  -ldap_autofs_entry_key = automountKey
   ldap_user_ad_account_expires = ds-pwp-account-expiration-time

  Obviously this breaks the automounter, because our automounter maps
  follow rfc2307bis and thus the entries removed by sss_obfuscate are
  required!

  Other entries which are reoved by sss_obfuscate:
  - selinux_provider = none
  - ldap_autofs_search_base = $base

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1430143/+subscriptions

More information about the foundations-bugs mailing list