Comment out initgroups from example nsswitch.conf (Bug 25146)
Commit Message
In commit 4b7c74179c8928d971d370e1137d202f891a4cf5 the nsswitch.conf
file was harmonized with downstream distributions, but this change
included adding "initgroups: files". We should not add initgroups by
default, we can have it, but it should be commented out to allow it
to inherit the settings from groups. The problem is principally that
downstream authconfig won't update initgroups and it will get out of
sync with groups.
---
nss/nsswitch.conf | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Comments
* Carlos O'Donell:
> In commit 4b7c74179c8928d971d370e1137d202f891a4cf5 the nsswitch.conf
> file was harmonized with downstream distributions, but this change
> included adding "initgroups: files". We should not add initgroups by
> default, we can have it, but it should be commented out to allow it
> to inherit the settings from groups. The problem is principally that
Typo: "group"
> downstream authconfig won't update initgroups and it will get out of
> sync with groups.
Likewise.
> ---
> nss/nsswitch.conf | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/nss/nsswitch.conf b/nss/nsswitch.conf
> index f553588114..9156af32ea 100644
> --- a/nss/nsswitch.conf
> +++ b/nss/nsswitch.conf
> @@ -58,7 +58,8 @@ ethers: files
> group: files
> gshadow: files
> hosts: files dns
> -initgroups: files
> +# Allow initgroups to default to groups.
> +# initgroups: files
Typo: "group". Or "the setting for group".
Okay with either change.
Thanks,
Florian
On 10/29/19 12:09 PM, Florian Weimer wrote:
> * Carlos O'Donell:
>
>> In commit 4b7c74179c8928d971d370e1137d202f891a4cf5 the nsswitch.conf
>> file was harmonized with downstream distributions, but this change
>> included adding "initgroups: files". We should not add initgroups by
>> default, we can have it, but it should be commented out to allow it
>> to inherit the settings from groups. The problem is principally that
>
> Typo: "group"
Fixed.
>> downstream authconfig won't update initgroups and it will get out of
>> sync with groups.
>
> Likewise.
Fixed.
>> ---
>> nss/nsswitch.conf | 3 ++-
>> 1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/nss/nsswitch.conf b/nss/nsswitch.conf
>> index f553588114..9156af32ea 100644
>> --- a/nss/nsswitch.conf
>> +++ b/nss/nsswitch.conf
>> @@ -58,7 +58,8 @@ ethers: files
>> group: files
>> gshadow: files
>> hosts: files dns
>> -initgroups: files
>> +# Allow initgroups to default to groups.
>> +# initgroups: files
>
> Typo: "group". Or "the setting for group".
Used "# Allow initgroups to default to the setting for group."
> Okay with either change.
Pushed. Thanks!
@@ -58,7 +58,8 @@ ethers: files
group: files
gshadow: files
hosts: files dns
-initgroups: files
+# Allow initgroups to default to groups.
+# initgroups: files
netgroup: files
networks: files dns
passwd: files