libnss-windind not installed when using --client-software=winbind
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
realmd (Ubuntu) |
Fix Released
|
Low
|
Unassigned |
Bug Description
When joining a domain with --client-
[winbind-packages]
winbind = /usr/sbin/winbindd
libpam-winbind =
The key ("winbind", "libpam-winbind") is the package name, and the value, if supplied, is a file that should be checked on the system to determine if the package is installed or not. If there is no value, then just the package listing is considered.
In our case, it's missing libnss-winbind. The winbind package has a "Suggests" on libpam-winbind and libnss-winbind, but that is not enough to install them.
We should add "libnss-winbind =" to that section.
Related branches
- Canonical Server: Pending requested
- Canonical Server Core Reviewers: Pending requested
-
Diff: 17668 lines (+5130/-3188) (has conflicts)141 files modifiedMakefile.am (+2/-2)
Makefile.in (+439/-144)
NEWS (+17/-0)
aclocal.m4 (+352/-187)
build/compile (+9/-8)
build/depcomp (+5/-5)
build/install-sh (+44/-16)
build/missing (+8/-8)
build/tap-driver (+83/-21)
build/test-driver (+5/-5)
config.h.in (+8/-0)
configure (+273/-116)
configure.ac (+14/-4)
dbus/org.freedesktop.realmd.service.in (+1/-1)
dbus/realm-dbus-constants.h (+2/-0)
dbus/realmd.service.in (+2/-2)
debian/changelog (+83/-0)
debian/control (+1/-1)
debian/links (+1/-0)
debian/patches/03_ldap-discovery-socket-timeout.patch (+76/-0)
debian/patches/04_add-computer-name-to-manpage.patch (+32/-0)
debian/patches/dont-add-services-line.patch (+16/-0)
debian/patches/series (+7/-0)
debian/watch (+1/-2)
dev/null (+0/-578)
doc/manual/Makefile.am (+10/-1)
doc/manual/devhelp2.xsl (+173/-0)
doc/manual/gtk-doc.xsl (+183/-253)
doc/manual/realm.xml (+113/-44)
doc/manual/realmd-guide-active-directory.xml (+2/-2)
doc/manual/realmd-guide-ipa.xml (+1/-1)
doc/manual/realmd-guide-kerberos.xml (+1/-1)
doc/manual/realmd.conf.xml (+138/-12)
doc/manual/static/gtk-doc.css (+319/-101)
doc/privatedir.xml.in (+1/-0)
doc/version.xml (+1/-1)
manual/book.devhelp2 (+68/-0)
manual/dbus-interface-raw.html (+9/-11)
manual/dbus-interface-reference.html (+9/-11)
manual/development.html (+9/-11)
manual/gdbus-org.freedesktop.realmd.Kerberos.html (+16/-22)
manual/gdbus-org.freedesktop.realmd.KerberosMembership.html (+16/-23)
manual/gdbus-org.freedesktop.realmd.Provider.html (+16/-23)
manual/gdbus-org.freedesktop.realmd.Realm.html (+16/-23)
manual/gdbus-org.freedesktop.realmd.Service.html (+16/-23)
manual/gtk-doc.css (+319/-101)
manual/guide-active-directory-client.html (+11/-13)
manual/guide-active-directory-join.html (+9/-11)
manual/guide-active-directory-permit.html (+9/-11)
manual/guide-active-directory.html (+11/-13)
manual/guide-integration.html (+9/-11)
manual/guide-ipa-client.html (+9/-11)
manual/guide-ipa-join.html (+9/-11)
manual/guide-ipa-permit.html (+9/-11)
manual/guide-ipa.html (+11/-13)
manual/guide-kerberos.html (+11/-13)
manual/guide.html (+13/-15)
manual/index.html (+8/-10)
manual/realm-manual.html (+9/-11)
manual/realm.html (+123/-56)
manual/realmd-conf.html (+130/-25)
po/LINGUAS (+4/-5)
po/POTFILES.in (+1/-0)
po/ca.po (+132/-129)
po/cs.po (+132/-131)
po/da.po (+40/-38)
po/de.po (+11/-10)
po/el.po (+1/-1)
po/en_GB.po (+5/-5)
po/es.po (+4/-4)
po/fa.po (+1/-1)
po/fi.po (+130/-129)
po/fr.po (+2/-2)
po/gl.po (+1/-1)
po/he.po (+1/-1)
po/hr.po (+130/-129)
po/hu.po (+120/-118)
po/id.po (+5/-5)
po/ja.po (+119/-118)
po/ka.po (+1/-1)
po/kk.po (+1/-1)
po/kn.po (+1/-1)
po/ko.po (+2/-2)
po/lt.po (+1/-1)
po/oc.po (+10/-9)
po/pl.po (+33/-33)
po/pt.po (+130/-129)
po/pt_BR.po (+1/-1)
po/ru.po (+1/-1)
po/sk.po (+1/-1)
po/sl.po (+1/-1)
po/sv.po (+6/-4)
po/tr.po (+5/-4)
po/uk.po (+2/-2)
po/zh_CN.po (+56/-52)
service/Makefile.am (+3/-1)
service/realm-adcli-enroll.c (+18/-7)
service/realm-adcli-enroll.h (+2/-0)
service/realm-command.c (+5/-1)
service/realm-daemon.c (+5/-0)
service/realm-disco-dns.c (+7/-3)
service/realm-disco-dns.h (+1/-0)
service/realm-disco-domain.c (+7/-1)
service/realm-disco-domain.h (+1/-0)
service/realm-disco-mscldap.c (+8/-1)
service/realm-disco-rootdse.c (+31/-1)
service/realm-disco-rootdse.h (+1/-0)
service/realm-disco.c (+1/-0)
service/realm-disco.h (+1/-0)
service/realm-kerberos-config.c (+116/-0)
service/realm-kerberos-config.h (+35/-0)
service/realm-kerberos.c (+70/-2)
service/realm-kerberos.h (+2/-0)
service/realm-ldap.c (+57/-3)
service/realm-ldap.h (+1/-0)
service/realm-options.c (+22/-6)
service/realm-options.h (+4/-1)
service/realm-packages.c (+2/-1)
service/realm-provider.c (+28/-2)
service/realm-samba-enroll.c (+73/-6)
service/realm-samba-enroll.h (+3/-0)
service/realm-samba-provider.c (+4/-1)
service/realm-samba-winbind.c (+51/-14)
service/realm-samba.c (+28/-6)
service/realm-sssd-ad.c (+43/-2)
service/realm-sssd-config.c (+2/-2)
service/realm-sssd-ipa.c (+6/-24)
service/realm-sssd-provider.c (+4/-1)
service/realmd-debian.conf (+2/-0)
service/realmd-defaults.conf (+1/-0)
service/realmd-redhat.conf (+1/-0)
service/realmd-suse.conf (+6/-4)
tests/test-ini-config.c (+1/-1)
tests/test-sssd-config.c (+39/-2)
tools/Makefile.am (+1/-1)
tools/realm-client.c (+2/-0)
tools/realm-client.h (+1/-0)
tools/realm-discover.c (+8/-3)
tools/realm-join.c (+20/-16)
tools/realm-leave.c (+11/-4)
tools/realm.c (+6/-2)
- Christian Ehrhardt (community): Approve
- Rafael David Tinoco (community): Approve
- Canonical Server Core Reviewers: Pending requested
- Canonical Server: Pending requested
-
Diff: 3377 lines (+3187/-1)30 files modifieddebian/changelog (+63/-0)
debian/control (+2/-1)
debian/patches/0001-Add-missing-xsl-file-to-Makefile.am.patch (+29/-0)
debian/patches/0001-Find-NetBIOS-name-in-keytab-while-leaving.patch (+163/-0)
debian/patches/0001-Fix-issues-found-by-Coverity.patch (+37/-0)
debian/patches/0001-Fix-man-page-reference-in-systemd-service-file.patch (+27/-0)
debian/patches/0001-IPA-do-not-call-sssd-enable-logins.patch (+58/-0)
debian/patches/0001-LDAP-don-t-close-LDAP-socket-twice.patch (+43/-0)
debian/patches/0001-Set-NEWEST-flag-when-resolving-packages-with-Package.patch (+49/-0)
debian/patches/0001-Use-current-idmap-options-for-smb.conf.patch (+178/-0)
debian/patches/0001-doc-make-sure-cross-reference-ids-are-predictable.patch (+1502/-0)
debian/patches/0002-Change-qualified-names-default-for-IPA.patch (+105/-0)
debian/patches/0002-Use-startTLS-with-FreeIPA.patch (+76/-0)
debian/patches/0002-configure-do-not-inherit-DISTRO-from-the-environment.patch (+34/-0)
debian/patches/0002-tools-remove-duplicated-va_start.patch (+27/-0)
debian/patches/0003-discover-try-to-get-domain-name-from-hostname.patch (+71/-0)
debian/patches/0003-doc-extend-user-principal-section.patch (+77/-0)
debian/patches/0003-service-remove-dead-code.patch (+35/-0)
debian/patches/0003-service-use-net-ads-join-with-k-for-user-join-as-wel.patch (+34/-0)
debian/patches/0004-doc-fix-discover-name-only.patch (+28/-0)
debian/patches/0004-service-check-return-value-of-fcntl.patch (+38/-0)
debian/patches/0004-service-use-additional-dns-hostnames-with-net-ads-jo.patch (+169/-0)
debian/patches/0005-doc-add-see-also-to-man-pages.patch (+48/-0)
debian/patches/0005-service-avoid-dereference-of-a-null-pointer.patch (+41/-0)
debian/patches/0006-doc-extend-description-of-config-handling.patch (+106/-0)
debian/patches/0006-service-avoid-dereferencing-a-NULL-pointer.patch (+26/-0)
debian/patches/0007-service-use-kerberos-method-secrets-and-keytab.patch (+32/-0)
debian/patches/dont-add-services-line.patch (+41/-0)
debian/patches/install-libnss-winbind.patch (+19/-0)
debian/patches/series (+29/-0)
This bug was fixed in the package realmd - 0.16.3-3ubuntu1
---------------
realmd (0.16.3-3ubuntu1) groovy; urgency=medium
* d/p/0001- LDAP-don- t-close- LDAP-socket- twice.patch: don't close LDAP Fix-man- page-reference- in-systemd- service- file.patch: the Use-current- idmap-options- for-smb. conf.patch: use the Find-NetBIOS- name-in- keytab- while-leaving. patch: find Fix-issues- found-by- Coverity. patch: fix issues found by Change- qualified- names-default- for-IPA. patch: change discover- try-to- get-domain- name-from- hostname. patch: if IPA-do- not-call- sssd-enable- logins. patch: IPA: do not call enable- logins Set-NEWEST- flag-when- resolving- packages- with-Package. patch: doc-make- sure-cross- reference- ids-are- predictable. patch: make tools-remove- duplicated- va_start. patch: remove duplicated service- remove- dead-code. patch: remove unused code service- check-return- value-of- fcntl.patch: check return service- avoid-dereferen ce-of-a- null-pointer. patch: avoid service- avoid-dereferen cing-a- NULL-pointer. patch: avoid Add-missing- xsl-file- to-Makefile. am.patch: add missing xsl configure- do-not- inherit- DISTRO- from-the- environment. patch: doc-extend- user-principal- section. patch: doc: extend doc-fix- discover- name-only. patch: doc: fix discover doc-add- see-also- to-man- pages.patch: doc: add see also to doc-extend- description- of-config- handling. patch: doc: extend service- use-kerberos- method- secrets- and-keytab. patch: when libnss- winbind. patch: install libnss-winbind when needed add-services- line.patch: in Ubuntu and Debian, the sssd_* service- use-additional- dns-hostnames- with-net- ads-jo. patch: Use-startTLS- with-FreeIPA. patch: attempt StartTLS first service- use-net- ads-join- with-k- for-user- join-as- wel.patch:
socket twice.
* d/p/0001-
manpage is realm(8), not realmd(8)
* d/p/0001-
idmap options in smb.conf for modern versions of samba (LP: #1894153)
* d/p/0001-
NetBIOS name in keytab while leaving the domain (LP: #1894340)
* d/p/0001-
Coverity
* d/p/0002-
qualified names default for IPA
* d/p/0003-
there is no domain name returned by DHCP check if the hostname
contains a domain part and use this to discover a realm.
* d/p/0001-
sssd-
* d/p/0001-
install the latest version of a package when resolving packages with
PackageKit
* d/p/0001-
sure cross-reference ids are predictable
* d/p/0002-
va_start()
* d/p/0003-
* d/p/0004-
value of fcntl()
* d/p/0005-
dereference of a null pointer
* d/p/0006-
dereferencing a NULL pointer
* d/p/0001-
file to Makefile.am
* d/p/0002-
do not inherit DISTRO from the environment
* d/p/0003-
user-principal section
* d/p/0004-
name-only parameter
* d/p/0005-
man pages
* d/p/0006-
description of config handling
* d/p/0007-
using Samba with Winbind, set "kerberos method" to "secrets and keytab"
* d/p/install-
(LP: #1894150)
* d/p/dont-
services are socket activated and don't need a "services" line in
sssd.conf (LP: #1880157)
* d/p/0004-
when using samba to join a domain, and the client is from a different
domain, also set "additional dns hostnames"
* d/p/0002-
when talking to FreeIPA
* d/p/0003-
when joining using samba, ...