As I created the role following the Red Hat KB Set Password Policy/Complexity in Red Hat Enterprise Linux 8 the role creates a new authselect profile based on the authselect profile sssd. I did that because the KB told me so and on a fresh install there is now authselect profile in use.
When and why does it break?
On an existing system with different state this might break things. When a system uses an authselect profile other than sssd the profile would be replaced by the new costomized profile and all individual settings of the previously used are lost.
How to improve it?
Check whether an authselect profile is currently in use. If not, proceed by copying sssd profile.
If an authselect profile is already in use, copy the active authselect profile to create a new custom profile.
IMHO that should reduce the risk of breaking things.
Current situation
As I created the role following the Red Hat KB Set Password Policy/Complexity in Red Hat Enterprise Linux 8 the role creates a new authselect profile based on the authselect profile sssd. I did that because the KB told me so and on a fresh install there is now authselect profile in use.
When and why does it break?
On an existing system with different state this might break things. When a system uses an authselect profile other than sssd the profile would be replaced by the new costomized profile and all individual settings of the previously used are lost.
How to improve it?
IMHO that should reduce the risk of breaking things.