[Bug 1781991] Re: libsss-sudo.postinst clobbers local change to /etc/nsswitch.conf
Andreas Hasenack
andreas at canonical.com
Tue May 28 14:19:35 UTC 2019
** Description changed:
- I have reported this bug to Debian, but this applies equally to Ubuntu.
- Please see the Debian bug report for details.
+ [Impact]
+ The libsss-sudo package insists on inserting a "sudoers: files sss" configuration line into /etc/nsswitch.conf at install time and every upgrade after that. If the line already exists and has no "sss" component, the postinst adds that.
+
+ This behavior ignores changes the user might have done. For example,
+ some users remove "sss", like seen in bug #1249777. At the next upgrade,
+ libsss-sudo will just add it back again.
+
+ The proposed fix here is already applied in debian and later ubuntu
+ releases, and only triggers the nsswitch.conf check on first install.
+
+ [Test Case]
+
+ * detailed instructions how to reproduce the bug
+
+ * these should allow someone who is not familiar with the affected
+ package to reproduce the bug and verify that the updated package fixes
+ the problem.
+
+ [Regression Potential]
+
+ * discussion of how regressions are most likely to manifest as a result
+ of this change.
+
+ * It is assumed that any SRU candidate patch is well-tested before
+ upload and has a low overall risk of regression, but it's important
+ to make the effort to think about what ''could'' happen in the
+ event of a regression.
+
+ * This both shows the SRU team that the risks have been considered,
+ and provides guidance to testers in regression-testing the SRU.
+
+ [Other Info]
+
+ * Anything else you think is useful to include
+ * Anticipate questions from users, SRU, +1 maintenance, security teams and the Technical Board
+ * and address these questions in advance
--
You received this bug notification because you are a member of Ubuntu
Server, which is subscribed to sssd in Ubuntu.
https://bugs.launchpad.net/bugs/1781991
Title:
libsss-sudo.postinst clobbers local change to /etc/nsswitch.conf
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1781991/+subscriptions
More information about the Ubuntu-server-bugs
mailing list