mkhomedir option not working on ipa-client-install

Bug #1336869 reported by Juan Andrés Ghigliazza on 2014-07-02
74
This bug affects 14 people
Affects Status Importance Assigned to Milestone
freeipa (Ubuntu)
Medium
Unassigned

Bug Description

The option --mkhomedir of ipa-client-install script is not working (Ubuntu 14.04). As a workaround, after executing the script, the following line can be added to the file /etc/pam.d/common-session:

session required pam_mkhomedir.so skel=/etc/skel/

Unless for this problem and the bug https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1309655 everything is working fine. Really nice!.

Workaround: https://bgstack15.wordpress.com/2017/06/26/enabling-mkhomedir-on-ubuntu-for-freeipa/

Timo Aaltonen (tjaalton) wrote :
Changed in freeipa (Ubuntu):
importance: Undecided → Medium
status: New → Triaged

This bug is still present in Ubuntu 16.04. I am writing it here, because my problem is with the option "--mkhomedir" of ipa-client-install script. Don't really know what is the cause of the problem.

Mirzet Kadic (caracal-enl) wrote :

This bug is still present in Ubuntu 16.04

Timo Aaltonen (tjaalton) wrote :

feel free to help with 1192719

description: updated
Timo Aaltonen (tjaalton) wrote :

pam-auth-update is fixed in Debian, freeipa support for it pending

Marius B. Kotsbak (mariusko) wrote :

@tjaalton do you have any references to the Debian fix? So Free IPA still needs to switch the toggle to enable it?

Timo Aaltonen (tjaalton) wrote :

the version in bionic-proposed has support for this

Timo Aaltonen (tjaalton) wrote :

freeipa (4.7.0~pre1+git20180411-2ubuntu1) bionic; urgency=medium

  * tests/server-install: Fix the fake domain, single label domains are not
    supported anymore.
  * tests: If the server install fails, just dump the log and exit
    successfully.

 -- Timo Aaltonen <email address hidden> Wed, 18 Apr 2018 17:50:11 +0300

freeipa (4.7.0~pre1+git20180411-2) experimental; urgency=medium

  * fix-bind-ldap-so-path.diff: Dropped, the plugin uses non-MA path
    now, fix depends to match.
  * control: Add python-augeas to python-ipaclient depends. (LP: #1764615)
  * ldap-multiarch.diff: Replace hack-libarch.diff with a new patch to
    support more than x86. (LP: #1600634)

 -- Timo Aaltonen <email address hidden> Tue, 17 Apr 2018 23:47:32 +0300

freeipa (4.7.0~pre1+git20180411-1) experimental; urgency=medium

  * New upstream prerelease + git snapshot.
  * tests: Fix whitespace.
  * client.dirs: Add /var/lib/ipa-client/pki.
  * server.post*: Enable session, session_cookie apache modules.
  * control: Add sssd-dbus to server Depends.
  * fix-httpd-group.diff: Fix apache group for Debian.
  * control: Bump dependency on certmonger.
  * support-pam-mkhomedir.diff: Add support for enabling pam_mkhomedir.
    (LP: #1336869)
  * control: Add libsss-certmap-dev to build-depends.
  * control: Drop hardcoded libcurl3 dependency from client.
  * control*, rules: Add support for client-only build.
  * Fold admintools into the client package.
  * fix-bind-ldap-so-path.diff: Use multiarch path to bind/ldap.so.
  * fix-ipa-conf.diff: Dropped, upstream.
  * rules: Force building with python2.
  * server.install: Updated.
  * debian/.gitignore: Ignore d/control.
  * rules: If git is installed, revert po/ on clean.
  * server.dirs: Add missing directories, fix some permissions in
    postinst.
  * control.server: Bump dogtag dependencies to 10.6.0~.
  * control.server: Drop mod-nss from Depends, mod_ssl is used instead.
  * enable-mod-nss-during-setup.diff: Dropped, not needed anymore.
  * server.postinst/postrm: Enable/disable mod_ssl.
  * control: Bump 389-ds-base dependency.
  * rules: Modify python scripts to use python2.
  * fix-paths.diff: Add some paths to platform data.
  * hack-tomcat-race.diff: Restarting pki-tomcatd takes time, and renew_ca_cert
    does that several times in a row, so wait for 80s before starting migrating
    profiles to ldap to make sure the instance is up.
  * fix-apache-ssl-setup.diff: Fix mod_ssl setup.
  * hack-duplicate-cert-directive.diff: Delete a duplicate
    SSLCertificateFile directive until upstream is fixed.
  * server.postinst: Enable default-ssl site.
  * control: Depend on chrony instead of ntp.
  * fix-paths.diff: Add CHRONY_CONF.
  * python-ipaserver.install: Updated after dropping NTP.
  * fix-version.diff: Append +git to prerelease tag, don't require git.
  * pydist_overrides: Added.
  * rules: Update clean target.
  * control: Bump depends on bind9.

 -- Timo Aaltonen <email address hidden> Thu, 12 Apr 2018 14:01:56 +0300

Changed in freeipa (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers