linux-system-roles / tlog

https://linux-system-roles.github.io/tlog/
GNU General Public License v3.0

Issues if FreeIPA is installed on server. #131

Open kborup-redhat opened 5 months ago

kborup-redhat commented 5 months ago

Hello

If the freeipa-client is installed and configured before the system-roles-tlog is run, then the sssd client will stop working with the domain that we are connected to.

Before tlog

services = nss, pam, ssh, sudo
domains = nssfiles, pfy.local

After tlog

services = nss, pam
domains = nssfiles

As shown, tlog removes the domain and ssh + sudo from the sssd.conf. These need to be retained for the domain function of sssd to work the correct way.

If I do id <username> for an IDM user after installing tlog, it fails to look up the user.

I think the role will need to read services and domains first and add the missing services instead of overwriting already configured services.

richm commented 5 months ago

@justin-stephenson

justin-stephenson commented 5 months ago

This seems like a valid request. We did something similar in the cockpit-session-recording configuration of Tlog: https://github.com/Scribery/cockpit-session-recording/blob/main/src/config.jsx#L521
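The read-then-merge behaviour requested in this issue, as an added example that is not the tlog role's or cockpit-session-recording's code: it adds missing services to `[sssd]` and never writes `domains`, so an enrolled domain survives. Assumptions: the function names are hypothetical, the required services are the `nss, pam` pair seen in the "After tlog" state, the `[domain/pfy.local]` section is constructed, and `scope = all` in `[session_recording]` is an illustrative setting.

```python
import configparser
import io

# Constructed sample: the "Before tlog" [sssd] values from the issue,
# plus a constructed domain section for illustration.
BEFORE = """\
[sssd]
services = nss, pam, ssh, sudo
domains = nssfiles, pfy.local

[domain/pfy.local]
id_provider = ipa
"""

def _split(value):
    """Split a comma-separated sssd.conf list into stripped, non-empty items."""
    return [item.strip() for item in value.split(",") if item.strip()]

def merge_sssd_conf(conf_text, required_services=("nss", "pam"), scope="all"):
    """Return sssd.conf text with required services added and nothing removed."""
    cp = configparser.ConfigParser(interpolation=None)  # values may contain '%'
    cp.optionxform = str  # keep option names exactly as written
    cp.read_string(conf_text)
    if not cp.has_section("sssd"):
        cp.add_section("sssd")
    services = _split(cp.get("sssd", "services", fallback=""))
    for svc in required_services:
        if svc not in services:  # append only what is missing
            services.append(svc)
    cp.set("sssd", "services", ", ".join(services))
    # 'domains' is deliberately never written, so enrolled domains survive.
    if not cp.has_section("session_recording"):
        cp.add_section("session_recording")
    cp.set("session_recording", "scope", scope)  # assumed recording scope
    out = io.StringIO()
    cp.write(out)
    return out.getvalue()

def sssd_list(conf_text, option):
    """Read a list option from [sssd], for checking the merged result."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(conf_text)
    return _split(cp.get("sssd", option, fallback=""))

if __name__ == "__main__":
    print(merge_sssd_conf(BEFORE))
```

Note that `configparser` drops comments when it rewrites a file, so a drop-in file under `/etc/sssd/conf.d/` may be preferable where the original comments must be kept.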