Author: jsuchome Date: Fri Mar 18 17:02:56 2011 New Revision: 63609 URL: http://svn.opensuse.org/viewcvs/yast?rev=63609&view=rev Log: remove pam_krb5 when sssd is configured (fate#308902) Modified: branches/SuSE-Code-11-SP2-Branch/ldap-client/src/Ldap.ycp Modified: branches/SuSE-Code-11-SP2-Branch/ldap-client/src/Ldap.ycp URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP2-Branch/ldap-client/src/Ldap.ycp?rev=63609&r1=63608&r2=63609&view=diff ============================================================================== --- branches/SuSE-Code-11-SP2-Branch/ldap-client/src/Ldap.ycp (original) +++ branches/SuSE-Code-11-SP2-Branch/ldap-client/src/Ldap.ycp Fri Mar 18 17:02:56 2011 @@ -2076,6 +2076,7 @@ // In a mixed Kerberos/LDAP setup the following changes are needed in the [domain/default] section: if (Pam::Enabled("krb5")) { +// FIXME: do not test for pam, it may be already off... SCR::Write (add (domain, "auth_provider"), "krb5"); SCR::Write (add (domain, "chpass_provider"), "krb5"); /* @@ -2093,7 +2094,6 @@ if (is (e,map) && e != $[]) { map kerberos = (map) e; -y2internal ("kerberos export map: %1", kerberos); SCR::Write (add (domain, "krb5_realm"), kerberos["kerberos_client","default_domain"]:nil); SCR::Write (add (domain, "krb5_kdcip"), kerberos["kerberos_client","kdc_server"]:nil); } @@ -2614,6 +2614,11 @@ union (nsswitch["passwd"]:[], ["sss"])); Nsswitch::WriteDb ("group", (list<string>) union (nsswitch["group"]:[], ["sss"])); + if (Pam::Enabled("krb5")) + { + y2milestone ("configuring 'sss', so 'krb5' will be removed"); + Pam::Remove ("krb5"); + } } else { -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org