| Message ID | ec6cbffc-09f5-dfab-1c92-3a38ba0d575d@redhat.com |
|---|---|
| State | Committed |
| Headers |
Received: (qmail 110947 invoked by alias); 29 Oct 2019 16:07:55 -0000 Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: <libc-alpha.sourceware.org> List-Unsubscribe: <mailto:libc-alpha-unsubscribe-##L=##H@sourceware.org> List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org> List-Archive: <http://sourceware.org/ml/libc-alpha/> List-Post: <mailto:libc-alpha@sourceware.org> List-Help: <mailto:libc-alpha-help@sourceware.org>, <http://sourceware.org/ml/#faqs> Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org Received: (qmail 110937 invoked by uid 89); 29 Oct 2019 16:07:54 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-18.1 required=5.0 tests=AWL, BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, SPF_HELO_PASS autolearn=ham version=3.3.1 spammy=HX-Languages-Length:932, networks X-HELO: mx1.redhat.com To: libc-alpha <libc-alpha@sourceware.org>, Florian Weimer <fweimer@redhat.com> From: Carlos O'Donell <carlos@redhat.com> Subject: [PATCH] Comment out initgroups from example nsswitch.conf (Bug 25146) Message-ID: <ec6cbffc-09f5-dfab-1c92-3a38ba0d575d@redhat.com> Date: Tue, 29 Oct 2019 12:07:48 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit |
Commit Message
Carlos O'Donell
Oct. 29, 2019, 4:07 p.m. UTC
In commit 4b7c74179c8928d971d370e1137d202f891a4cf5 the nsswitch.conf file was harmonized with downstream distributions, but this change included adding "initgroups: files". We should not add initgroups by default, we can have it, but it should be commented out to allow it to inherit the settings from groups. The problem is principally that downstream authconfig won't update initgroups and it will get out of sync with groups. --- nss/nsswitch.conf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
Comments
* Carlos O'Donell: > In commit 4b7c74179c8928d971d370e1137d202f891a4cf5 the nsswitch.conf > file was harmonized with downstream distributions, but this change > included adding "initgroups: files". We should not add initgroups by > default, we can have it, but it should be commented out to allow it > to inherit the settings from groups. The problem is principally that Typo: "group" > downstream authconfig won't update initgroups and it will get out of > sync with groups. Likewise. > --- > nss/nsswitch.conf | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/nss/nsswitch.conf b/nss/nsswitch.conf > index f553588114..9156af32ea 100644 > --- a/nss/nsswitch.conf > +++ b/nss/nsswitch.conf > @@ -58,7 +58,8 @@ ethers: files > group: files > gshadow: files > hosts: files dns > -initgroups: files > +# Allow initgroups to default to groups. > +# initgroups: files Typo: "group". Or "the setting for group". Okay with either change. Thanks, Florian
On 10/29/19 12:09 PM, Florian Weimer wrote: > * Carlos O'Donell: > >> In commit 4b7c74179c8928d971d370e1137d202f891a4cf5 the nsswitch.conf >> file was harmonized with downstream distributions, but this change >> included adding "initgroups: files". We should not add initgroups by >> default, we can have it, but it should be commented out to allow it >> to inherit the settings from groups. The problem is principally that > > Typo: "group" Fixed. >> downstream authconfig won't update initgroups and it will get out of >> sync with groups. > > Likewise. Fixed. >> --- >> nss/nsswitch.conf | 3 ++- >> 1 file changed, 2 insertions(+), 1 deletion(-) >> >> diff --git a/nss/nsswitch.conf b/nss/nsswitch.conf >> index f553588114..9156af32ea 100644 >> --- a/nss/nsswitch.conf >> +++ b/nss/nsswitch.conf >> @@ -58,7 +58,8 @@ ethers: files >> group: files >> gshadow: files >> hosts: files dns >> -initgroups: files >> +# Allow initgroups to default to groups. >> +# initgroups: files > > Typo: "group". Or "the setting for group". Used "# Allow initgroups to default to the setting for group." > Okay with either change. Pushed. Thanks!
diff --git a/nss/nsswitch.conf b/nss/nsswitch.conf index f553588114..9156af32ea 100644 --- a/nss/nsswitch.conf +++ b/nss/nsswitch.conf @@ -58,7 +58,8 @@ ethers: files group: files gshadow: files hosts: files dns -initgroups: files +# Allow initgroups to default to groups. +# initgroups: files netgroup: files networks: files dns passwd: files