Ubuntu
realmd package

libnss-windind not installed when using --client-software=winbind

Bug #1894150 reported by Andreas Hasenack
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
realmd (Ubuntu)
Fix Released
Low
Unassigned

Bug Description

When joining a domain with --client-software=winbind, realmd uses packagekit to install a few extra packages. This list comes from services/realmd-debian.conf in the source (/usr/lib/realmd/realmd-distro.conf at runtime), and is specified as:

[winbind-packages]
winbind = /usr/sbin/winbindd
libpam-winbind =

The key ("winbind", "libpam-winbind") is the package name, and the value, if supplied, is a file that should be checked on the system to determine if the package is installed or not. If there is no value, then just the package listing is considered.

In our case, it's missing libnss-winbind. The winbind package has a "Suggests" on libpam-winbind and libnss-winbind, but that is not enough to install them.

We should add "libnss-winbind =" to that section.

Related branches

~ahasenack/ubuntu/+source/realmd:jammy-realmd-merge
Canonical Server: Pending requested
Canonical Server Core Reviewers: Pending requested
Diff: 17668 lines (+5130/-3188) (has conflicts)
141 files modified
Makefile.am (+2/-2)
Makefile.in (+439/-144)
NEWS (+17/-0)
aclocal.m4 (+352/-187)
build/compile (+9/-8)
build/depcomp (+5/-5)
build/install-sh (+44/-16)
build/missing (+8/-8)
build/tap-driver (+83/-21)
build/test-driver (+5/-5)
config.h.in (+8/-0)
configure (+273/-116)
configure.ac (+14/-4)
dbus/org.freedesktop.realmd.service.in (+1/-1)
dbus/realm-dbus-constants.h (+2/-0)
dbus/realmd.service.in (+2/-2)
debian/changelog (+83/-0)
debian/control (+1/-1)
debian/links (+1/-0)
debian/patches/03_ldap-discovery-socket-timeout.patch (+76/-0)
debian/patches/04_add-computer-name-to-manpage.patch (+32/-0)
debian/patches/dont-add-services-line.patch (+16/-0)
debian/patches/series (+7/-0)
debian/watch (+1/-2)
dev/null (+0/-578)
doc/manual/Makefile.am (+10/-1)
doc/manual/devhelp2.xsl (+173/-0)
doc/manual/gtk-doc.xsl (+183/-253)
doc/manual/realm.xml (+113/-44)
doc/manual/realmd-guide-active-directory.xml (+2/-2)
doc/manual/realmd-guide-ipa.xml (+1/-1)
doc/manual/realmd-guide-kerberos.xml (+1/-1)
doc/manual/realmd.conf.xml (+138/-12)
doc/manual/static/gtk-doc.css (+319/-101)
doc/privatedir.xml.in (+1/-0)
doc/version.xml (+1/-1)
manual/book.devhelp2 (+68/-0)
manual/dbus-interface-raw.html (+9/-11)
manual/dbus-interface-reference.html (+9/-11)
manual/development.html (+9/-11)
manual/gdbus-org.freedesktop.realmd.Kerberos.html (+16/-22)
manual/gdbus-org.freedesktop.realmd.KerberosMembership.html (+16/-23)
manual/gdbus-org.freedesktop.realmd.Provider.html (+16/-23)
manual/gdbus-org.freedesktop.realmd.Realm.html (+16/-23)
manual/gdbus-org.freedesktop.realmd.Service.html (+16/-23)
manual/gtk-doc.css (+319/-101)
manual/guide-active-directory-client.html (+11/-13)
manual/guide-active-directory-join.html (+9/-11)
manual/guide-active-directory-permit.html (+9/-11)
manual/guide-active-directory.html (+11/-13)
manual/guide-integration.html (+9/-11)
manual/guide-ipa-client.html (+9/-11)
manual/guide-ipa-join.html (+9/-11)
manual/guide-ipa-permit.html (+9/-11)
manual/guide-ipa.html (+11/-13)
manual/guide-kerberos.html (+11/-13)
manual/guide.html (+13/-15)
manual/index.html (+8/-10)
manual/realm-manual.html (+9/-11)
manual/realm.html (+123/-56)
manual/realmd-conf.html (+130/-25)
po/LINGUAS (+4/-5)
po/POTFILES.in (+1/-0)
po/ca.po (+132/-129)
po/cs.po (+132/-131)
po/da.po (+40/-38)
po/de.po (+11/-10)
po/el.po (+1/-1)
po/en_GB.po (+5/-5)
po/es.po (+4/-4)
po/fa.po (+1/-1)
po/fi.po (+130/-129)
po/fr.po (+2/-2)
po/gl.po (+1/-1)
po/he.po (+1/-1)
po/hr.po (+130/-129)
po/hu.po (+120/-118)
po/id.po (+5/-5)
po/ja.po (+119/-118)
po/ka.po (+1/-1)
po/kk.po (+1/-1)
po/kn.po (+1/-1)
po/ko.po (+2/-2)
po/lt.po (+1/-1)
po/oc.po (+10/-9)
po/pl.po (+33/-33)
po/pt.po (+130/-129)
po/pt_BR.po (+1/-1)
po/ru.po (+1/-1)
po/sk.po (+1/-1)
po/sl.po (+1/-1)
po/sv.po (+6/-4)
po/tr.po (+5/-4)
po/uk.po (+2/-2)
po/zh_CN.po (+56/-52)
service/Makefile.am (+3/-1)
service/realm-adcli-enroll.c (+18/-7)
service/realm-adcli-enroll.h (+2/-0)
service/realm-command.c (+5/-1)
service/realm-daemon.c (+5/-0)
service/realm-disco-dns.c (+7/-3)
service/realm-disco-dns.h (+1/-0)
service/realm-disco-domain.c (+7/-1)
service/realm-disco-domain.h (+1/-0)
service/realm-disco-mscldap.c (+8/-1)
service/realm-disco-rootdse.c (+31/-1)
service/realm-disco-rootdse.h (+1/-0)
service/realm-disco.c (+1/-0)
service/realm-disco.h (+1/-0)
service/realm-kerberos-config.c (+116/-0)
service/realm-kerberos-config.h (+35/-0)
service/realm-kerberos.c (+70/-2)
service/realm-kerberos.h (+2/-0)
service/realm-ldap.c (+57/-3)
service/realm-ldap.h (+1/-0)
service/realm-options.c (+22/-6)
service/realm-options.h (+4/-1)
service/realm-packages.c (+2/-1)
service/realm-provider.c (+28/-2)
service/realm-samba-enroll.c (+73/-6)
service/realm-samba-enroll.h (+3/-0)
service/realm-samba-provider.c (+4/-1)
service/realm-samba-winbind.c (+51/-14)
service/realm-samba.c (+28/-6)
service/realm-sssd-ad.c (+43/-2)
service/realm-sssd-config.c (+2/-2)
service/realm-sssd-ipa.c (+6/-24)
service/realm-sssd-provider.c (+4/-1)
service/realmd-debian.conf (+2/-0)
service/realmd-defaults.conf (+1/-0)
service/realmd-redhat.conf (+1/-0)
service/realmd-suse.conf (+6/-4)
tests/test-ini-config.c (+1/-1)
tests/test-sssd-config.c (+39/-2)
tools/Makefile.am (+1/-1)
tools/realm-client.c (+2/-0)
tools/realm-client.h (+1/-0)
tools/realm-discover.c (+8/-3)
tools/realm-join.c (+20/-16)
tools/realm-leave.c (+11/-4)
tools/realm.c (+6/-2)
~ahasenack/ubuntu/+source/realmd:groovy-realmd-fixes
Christian Ehrhardt  (community): Approve
Rafael David Tinoco (community): Approve
Canonical Server Core Reviewers: Pending requested
Canonical Server: Pending requested
Diff: 3377 lines (+3187/-1)
30 files modified
debian/changelog (+63/-0)
debian/control (+2/-1)
debian/patches/0001-Add-missing-xsl-file-to-Makefile.am.patch (+29/-0)
debian/patches/0001-Find-NetBIOS-name-in-keytab-while-leaving.patch (+163/-0)
debian/patches/0001-Fix-issues-found-by-Coverity.patch (+37/-0)
debian/patches/0001-Fix-man-page-reference-in-systemd-service-file.patch (+27/-0)
debian/patches/0001-IPA-do-not-call-sssd-enable-logins.patch (+58/-0)
debian/patches/0001-LDAP-don-t-close-LDAP-socket-twice.patch (+43/-0)
debian/patches/0001-Set-NEWEST-flag-when-resolving-packages-with-Package.patch (+49/-0)
debian/patches/0001-Use-current-idmap-options-for-smb.conf.patch (+178/-0)
debian/patches/0001-doc-make-sure-cross-reference-ids-are-predictable.patch (+1502/-0)
debian/patches/0002-Change-qualified-names-default-for-IPA.patch (+105/-0)
debian/patches/0002-Use-startTLS-with-FreeIPA.patch (+76/-0)
debian/patches/0002-configure-do-not-inherit-DISTRO-from-the-environment.patch (+34/-0)
debian/patches/0002-tools-remove-duplicated-va_start.patch (+27/-0)
debian/patches/0003-discover-try-to-get-domain-name-from-hostname.patch (+71/-0)
debian/patches/0003-doc-extend-user-principal-section.patch (+77/-0)
debian/patches/0003-service-remove-dead-code.patch (+35/-0)
debian/patches/0003-service-use-net-ads-join-with-k-for-user-join-as-wel.patch (+34/-0)
debian/patches/0004-doc-fix-discover-name-only.patch (+28/-0)
debian/patches/0004-service-check-return-value-of-fcntl.patch (+38/-0)
debian/patches/0004-service-use-additional-dns-hostnames-with-net-ads-jo.patch (+169/-0)
debian/patches/0005-doc-add-see-also-to-man-pages.patch (+48/-0)
debian/patches/0005-service-avoid-dereference-of-a-null-pointer.patch (+41/-0)
debian/patches/0006-doc-extend-description-of-config-handling.patch (+106/-0)
debian/patches/0006-service-avoid-dereferencing-a-NULL-pointer.patch (+26/-0)
debian/patches/0007-service-use-kerberos-method-secrets-and-keytab.patch (+32/-0)
debian/patches/dont-add-services-line.patch (+41/-0)
debian/patches/install-libnss-winbind.patch (+19/-0)
debian/patches/series (+29/-0)
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (3.3 KiB)

This bug was fixed in the package realmd - 0.16.3-3ubuntu1

---------------
realmd (0.16.3-3ubuntu1) groovy; urgency=medium

  * d/p/0001-LDAP-don-t-close-LDAP-socket-twice.patch: don't close LDAP
    socket twice.
  * d/p/0001-Fix-man-page-reference-in-systemd-service-file.patch: the
    manpage is realm(8), not realmd(8)
  * d/p/0001-Use-current-idmap-options-for-smb.conf.patch: use the
    idmap options in smb.conf for modern versions of samba (LP: #1894153)
  * d/p/0001-Find-NetBIOS-name-in-keytab-while-leaving.patch: find
    NetBIOS name in keytab while leaving the domain (LP: #1894340)
  * d/p/0001-Fix-issues-found-by-Coverity.patch: fix issues found by
    Coverity
  * d/p/0002-Change-qualified-names-default-for-IPA.patch: change
    qualified names default for IPA
  * d/p/0003-discover-try-to-get-domain-name-from-hostname.patch: if
    there is no domain name returned by DHCP check if the hostname
    contains a domain part and use this to discover a realm.
  * d/p/0001-IPA-do-not-call-sssd-enable-logins.patch: IPA: do not call
    sssd-enable-logins
  * d/p/0001-Set-NEWEST-flag-when-resolving-packages-with-Package.patch:
    install the latest version of a package when resolving packages with
    PackageKit
  * d/p/0001-doc-make-sure-cross-reference-ids-are-predictable.patch: make
    sure cross-reference ids are predictable
  * d/p/0002-tools-remove-duplicated-va_start.patch: remove duplicated
    va_start()
  * d/p/0003-service-remove-dead-code.patch: remove unused code
  * d/p/0004-service-check-return-value-of-fcntl.patch: check return
    value of fcntl()
  * d/p/0005-service-avoid-dereference-of-a-null-pointer.patch: avoid
    dereference of a null pointer
  * d/p/0006-service-avoid-dereferencing-a-NULL-pointer.patch: avoid
    dereferencing a NULL pointer
  * d/p/0001-Add-missing-xsl-file-to-Makefile.am.patch: add missing xsl
    file to Makefile.am
  * d/p/0002-configure-do-not-inherit-DISTRO-from-the-environment.patch:
    do not inherit DISTRO from the environment
  * d/p/0003-doc-extend-user-principal-section.patch: doc: extend
    user-principal section
  * d/p/0004-doc-fix-discover-name-only.patch: doc: fix discover
    name-only parameter
  * d/p/0005-doc-add-see-also-to-man-pages.patch: doc: add see also to
    man pages
  * d/p/0006-doc-extend-description-of-config-handling.patch: doc: extend
    description of config handling
  * d/p/0007-service-use-kerberos-method-secrets-and-keytab.patch: when
    using Samba with Winbind, set "kerberos method" to "secrets and keytab"
  * d/p/install-libnss-winbind.patch: install libnss-winbind when needed
    (LP: #1894150)
  * d/p/dont-add-services-line.patch: in Ubuntu and Debian, the sssd_*
    services are socket activated and don't need a "services" line in
    sssd.conf (LP: #1880157)
  * d/p/0004-service-use-additional-dns-hostnames-with-net-ads-jo.patch:
    when using samba to join a domain, and the client is from a different
    domain, also set "additional dns hostnames"
  * d/p/0002-Use-startTLS-with-FreeIPA.patch: attempt StartTLS first
    when talking to FreeIPA
  * d/p/0003-service-use-net-ads-join-with-k-for-user-join-as-wel.patch:
    when joining using samba, ...

Read more...

Changed in realmd (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.