[debian-edu-commits] r79960 - in branches/wheezy/debian-edu-config: debian share/debian-edu-config/tools

pere at alioth.debian.org pere at alioth.debian.org
Sun May 5 18:13:07 UTC 2013 

Author: pere
Date: 2013-05-05 18:13:07 +0000 (Sun, 05 May 2013)
New Revision: 79960

Modified:
   branches/wheezy/debian-edu-config/debian/changelog
   branches/wheezy/debian-edu-config/share/debian-edu-config/tools/setup-roaming
Log:
Improve roaming workstation setup and adjust for newer sssd.  Use
libnss-sss for netgroup lookup and make sure libnss-myhostname is
enabled.

Modified: branches/wheezy/debian-edu-config/debian/changelog
===================================================================
--- branches/wheezy/debian-edu-config/debian/changelog	2013-05-05 13:15:36 UTC (rev 79959)
+++ branches/wheezy/debian-edu-config/debian/changelog	2013-05-05 18:13:07 UTC (rev 79960)
@@ -1,3 +1,12 @@
+debian-edu-config (1.704~svn79935) UNRELEASED; urgency=low
+
+  [ Petter Reinholdtsen ]
+  * Improve roaming workstation setup and adjust for newer sssd.  Use
+    libnss-sss for netgroup lookup and make sure libnss-myhostname is
+    enabled.
+
+ -- Petter Reinholdtsen <pere at debian.org>  Sun, 05 May 2013 20:09:26 +0200
+
 debian-edu-config (1.704~svn79934) wheezy-test; urgency=low
 
   [ Petter Reinholdtsen ]

Modified: branches/wheezy/debian-edu-config/share/debian-edu-config/tools/setup-roaming
===================================================================
--- branches/wheezy/debian-edu-config/share/debian-edu-config/tools/setup-roaming	2013-05-05 13:15:36 UTC (rev 79959)
+++ branches/wheezy/debian-edu-config/share/debian-edu-config/tools/setup-roaming	2013-05-05 18:13:07 UTC (rev 79960)
@@ -17,6 +17,9 @@
 aptitude install -y libpam-mklocaluser
 aptitude install -y libpam-sss libnss-sss
 
+# Make sure the NSS module refered below always is installed
+aptitude install -y libnss-myhostname libnss-mdns libnss-ldapd
+
 # Avoid duplicate pam setup, remove the non-caching ldapd version
 apt-get purge -y libpam-ldapd
 
@@ -46,23 +49,27 @@
 invoke-rc.d sssd restart || true
 
 
-# FIXME Review this when newer sssd version with netgroup support is
-# available in Debian (ie wheezy++).
-# libnss-sss version 1.2 do not support netgroup, so we leave that to
-# libnss-ldapd.
+# FIXME See if we can drop libnss-ldapd now that sssd support sudoers. (compatible LDAP schema?)
+# FIXME See if we can drop libnss-ldapd even if sssd do not support networks
 # This code is still needed even thought sssd since version 1.2-2
 # update nsswitch.conf during installation, because we want to disable
 # ldap and enable sss for only some of the tables.
 cat > /etc/nsswitch.conf <<EOF
+# /etc/nsswitch.conf
+#
+# Example configuration of GNU Name Service Switch functionality.
+# If you have the `glibc-doc-reference' and `info' packages installed, try:
+# `info libc "Name Service Switch"' for information about this file.
+
 passwd:         files sss
 group:          files sss
 shadow:         files sss
-hosts:          files mdns4_minimal [NOTFOUND=return] dns mdns4
+hosts:          files myhostname mdns4_minimal [NOTFOUND=return] dns mdns4
 networks:       files ldap
 protocols:      files
 services:       files
 ethers:         files
 rpc:            files
-netgroup:       files sss ldap
+netgroup:       files sss
 sudoers:        files ldap
 EOF

More information about the debian-edu-commits mailing list