Comment 0 for bug 1916562

lsb_release -rdc
Description: Ubuntu 20.04.2 LTS
Release: 20.04
Codename: focal

apt-cache policy libnss-sss
libnss-sss:
  Installed: 2.2.3-3ubuntu0.3
  Candidate: 2.2.3-3ubuntu0.3
  Version table:
 *** 2.2.3-3ubuntu0.3 500
        500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     2.2.3-3ubuntu0.1 500
        500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages
     2.2.3-3 500
        500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages

libnss-sss has a postinst script that modifies /etc/nsswitch.conf and adds "sss" to many of the lines. (/var/lib/dpkg/info/libnss-sss:amd64.postinst)

After running `apt remove libnss-sss`, the same lines are modified again in /etc/nsswitch.conf to remove the changes.

If you then install libnss-sss again, nsswitch.conf is NOT re-modified on subsequent installs. libnss-sss will only re-modify /etc/nsswitch.conf if it has been purged first / "clean" install.

Expectation: if config is changed *only* during initial install, then config should be left behind during a remove, and config only removed when the package is *purged*.

The only exception I can think of is if there's some specific reason to want to back out the changes to /etc/nsswitch.conf any time libnss-sss is removed (but *not* purged)... and if this is the case, then I'd think maybe the postinst script should be *re-adding* "sss" to nsswitch.conf on *any* install/reinstall (even if it wasn't purged first).