jakub/ansible
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Prioritize SSS over local accounts in nsswitch

Browse Source 
Rewrites the passwd and group lines in /etc/nsswitch.conf so SSSD
is consulted before local files, and notifies the existing SSSD
restart handler so the change takes effect immediately.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Jakub Žáček
2026-05-26 18:02:29 +02:00
parent 9eb3e446af
commit 65a02177fa
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
initial_install/roles/freeipa_client/tasks/main.yml
+10
View File
@@ -34,6 +34,16 @@
no_log: false no_log: false
when: not ipa_client_conf.stat.exists when: not ipa_client_conf.stat.exists
- name: Prioritize SSS over local accounts in NSS
ansible.builtin.lineinfile:
path: /etc/nsswitch.conf
regexp: '^{{ item }}:'
line: '{{ item }}: sss files systemd'
loop:
- passwd
- group
notify: Restart SSSD
- name: Enable mkhomedir - name: Enable mkhomedir
ansible.builtin.command: ansible.builtin.command:
argv: argv: