Bug#770825: base-files: add sudoers entry to nsswitch.conf
On Sat, Jan 17, 2015 at 06:32:55PM +0100, Andreas Beckmann wrote: > It would solve the question "Which package is responsible for removing > that line from /etc/nsswicth.conf?" with "NONE." > This action is problematic if there is more than one package > using/adding/modifying this line. Even if several packages use the line, the important thing here, I think, is the package providing the functionality that makes the line to work (i.e. the library). That's where I would put support scripts to add or delete content to the sudo line. Removing such package would ideally make the sudo line to disappear altogether, and piuparts will be happy. But if there are several packages providing the sudo nsswitch.conf functionality, then a -common package would be required. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#770825: base-files: add sudoers entry to nsswitch.conf
reassign 770825 libsss-sudo thanks There should not be a sudoers line by default. The current lines in /etc/nsswitch.conf are there by default because they come from glibc, which is always present. The proposed line, AFAIK, has only effect when the libsss-sudo package is installed. Otherwise it is meaningless. So, it makes sense that the libsss-sudo takes care of this, not base-files, and that's why I'm reassigning this to libsss-sudo. Thanks. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#770825: base-files: add sudoers entry to nsswitch.conf
On Thu, 27 Nov 2014 11:41:23 +0100 (CET) Santiago Vila wrote: > In either case, packages modifying this file should leave it in the > same state as before, be it the default from base-files, or the default > from another package that also modified the file before, so I don't > see how adding the line by default would help at all. It would solve the question "Which package is responsible for removing that line from /etc/nsswicth.conf?" with "NONE." This action is problematic if there is more than one package using/adding/modifying this line. Knowing that there should be a sudoers line by default, the first one would add it if it were missing but should not attempt to remove it any time later. This and other packages would still modify the content of that line (adding and removing their bits as needed), and once all were removed, the line would remain in its default configuration. I'm running into problems with "leaving /etc/nsswicth.conf modified after purge" in piuparts. There I recently added a workaround for the removal of the gshadow line - base-files only replaces a pristine nsswitch.conf, so I saw a lot of failures if some mdns package was involved in the upgrade test, while it is not part of the upgrade of a minimal chroot which serves as reference. (The modification was the existence of the gshadow line, the mdns packages had cleaned up the hosts line carefully to restore initial state.) Not sure if base-files should attempt to delete this line (if the line was unmodified) from an otherwise modified nsswitch.conf. Andreas -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#770825: base-files: add sudoers entry to nsswitch.conf
On Mon, 24 Nov 2014, Timo Aaltonen wrote: > Package: base-files > Version: 7.10 > Severity: normal > > Hi, > > libsss-sudo and sudo-ldap (at least) modify nsswitch.conf in their > postinst, adding 'sudoers: files $foo' to it. The problem is that on > purge they'd need to remove the entry completely so that piuparts > doesn't fail, but that might break other packages. Can you elaborate on the "might break other packages" part? Do you refer to other packages that also need to add things to the "sudoers" line? In either case, packages modifying this file should leave it in the same state as before, be it the default from base-files, or the default from another package that also modified the file before, so I don't see how adding the line by default would help at all. In either case, there is a request for a mechanism to update nsswitch.conf, so this is more a bug aginats libc-bin: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649265#78 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#770825: base-files: add sudoers entry to nsswitch.conf
Package: base-files Version: 7.10 Severity: normal Hi, libsss-sudo and sudo-ldap (at least) modify nsswitch.conf in their postinst, adding 'sudoers: files $foo' to it. The problem is that on purge they'd need to remove the entry completely so that piuparts doesn't fail, but that might break other packages. It would make sense for base-files to carry the 'sudoers: files' entry so that packages can add to it and not worry about piuparts or breaking other packages. Doing this would allow fixing #749722 properly. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
