[Bug 230466] Re: Likewise uninstall, Lock login to system

Thierry Carrez thierry.carrez at ubuntu.com
Wed Oct 29 13:35:12 GMT 2008

SRU report

Bug impact:
Removing the likewise-open package while a domain is joined will result in a system on which you cannot login anymore.

Fix in the development branch:
This was addressed in Intrepid for version, using the same patch that will be applied here.

Minimal patch:
--- likewise-open-4.0.5.orig/debian/likewise-open.prerm
+++ likewise-open-4.0.5/debian/likewise-open.prerm
@@ -0,0 +1,11 @@
+#!/bin/sh -e
+case "$1" in
+    remove)
+	if [ -x /usr/bin/domainjoin-cli ]; then
+	    domainjoin-cli leave || true
+	fi
+    ;;

NB: You'll need an AD setup to test that (a domain needs to be successfully joined).
$ sudo apt-get install likewise-open
$ sudo domainjoin-cli join your-domain your-Administrator your-password
$ sudo apt-get remove likewise-open
Then try to log in.
Without the fix: SSH or local login will fail with "PAM unable to dlopen(/lib/security/pam_lwidentity.so)" error in auth.log
With the fix: SSH or local login will continue to work after removal of likewise-open (domain is properly left at prerm).

Regression potential:
The patch only affects prerm : it tries to leave the domain but will gracefully accept failure to do so. The only regression I can think of is that before this fix you could reinstall likewise-open after having removed it and still enjoy your domain membership... that is, if you don't log out in between.

Likewise uninstall, Lock login to system
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to likewise-open in ubuntu.

More information about the Ubuntu-server-bugs mailing list