[Bug 1781991] Re: libsss-sudo.postinst clobbers local change to /etc/nsswitch.conf

Andreas Hasenack andreas at canonical.com
Fri Jun 21 14:56:04 UTC 2019 

Bionic verification


First, confirming the bug:
ubuntu at bionic-verification-sssd-sudo:~$ apt-cache policy libsss-sudo
libsss-sudo:
  Installed: 1.16.1-1ubuntu1.2
  Candidate: 1.16.1-1ubuntu1.2
  Version table:
 *** 1.16.1-1ubuntu1.2 500
        500 http://br.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages

$ grep ^sudoers /etc/nsswitch.conf
sudoers:        files sss

Removing sss and checking again:
ubuntu at bionic-verification-sssd-sudo:~$ sudo vi /etc/nsswitch.conf 
ubuntu at bionic-verification-sssd-sudo:~$ grep ^sudoers /etc/nsswitch.conf
sudoers:        files

Reinstalling brings sss back to the sudoers line:
ubuntu at bionic-verification-sssd-sudo:~$ sudo apt install --reinstall libsss-sudo
Reading package lists... Done
...
Processing triggers for libc-bin (2.27-3ubuntu1) ...
ubuntu at bionic-verification-sssd-sudo:~$ grep ^sudoers /etc/nsswitch.conf
sudoers:        files sss


Now, prior to the upgrade to the package in proposed, removing the sss bit again:
ubuntu at bionic-verification-sssd-sudo:~$ sudo vi /etc/nsswitch.conf 
ubuntu at bionic-verification-sssd-sudo:~$ grep ^sudoers /etc/nsswitch.conf
sudoers:        files

ubuntu at bionic-verification-sssd-sudo:~$ sudo apt install libsss-sudo
Reading package lists... Done
...
ubuntu at bionic-verification-sssd-sudo:~$ grep ^sudoers /etc/nsswitch.conf
sudoers:        files

"sss" is not back, confirming the fix.
ubuntu at bionic-verification-sssd-sudo:~$ apt-cache policy libsss-sudo
libsss-sudo:
  Installed: 1.16.1-1ubuntu1.3
  Candidate: 1.16.1-1ubuntu1.3
  Version table:
 *** 1.16.1-1ubuntu1.3 500
        500 http://br.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 Packages


But it's again placed there on a fresh install:
ubuntu at bionic-verification-sssd-sudo:~$ sudo apt purge libsss-sudo -y
Reading package lists... Done
Building dependency tree       
...
ubuntu at bionic-verification-sssd-sudo:~$ grep ^sudoers /etc/nsswitch.conf
ubuntu at bionic-verification-sssd-sudo:~$ sudo apt install libsss-sudo
Reading package lists... Done
Building dependency tree       
...
ubuntu at bionic-verification-sssd-sudo:~$ grep ^sudoers /etc/nsswitch.conf
sudoers:        files sss


Bionic verification succeeded.

** Tags removed: verification-needed-bionic
** Tags added: verification-done-bionic

-- 
You received this bug notification because you are a member of Ubuntu
Server, which is subscribed to sssd in Ubuntu.
https://bugs.launchpad.net/bugs/1781991

Title:
  libsss-sudo.postinst clobbers local change to /etc/nsswitch.conf

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1781991/+subscriptions

More information about the Ubuntu-server-bugs mailing list