From 258fa9fd14673b8201c14f804cd94f8d8b94c37a Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Sun, 16 Feb 2025 10:31:28 -0800 Subject: [PATCH] ipa/client: sssd drop in needs to be owned by root, sssd changes it on restart Signed-off-by: Kevin Fenzi --- roles/ipa/client/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/ipa/client/tasks/main.yml b/roles/ipa/client/tasks/main.yml index 26f7e457d8..0f34197004 100644 --- a/roles/ipa/client/tasks/main.yml +++ b/roles/ipa/client/tasks/main.yml @@ -74,7 +74,7 @@ run_once: yes - name: Ensure that nss knows to skip certain users (f41/rhel) - ansible.builtin.template: src=fedora-nss-ignore.conf.j2 dest=/etc/sssd/conf.d/fedora-nss-ignore.conf mode=600 owner=sssd group=sssd + ansible.builtin.template: src=fedora-nss-ignore.conf.j2 dest=/etc/sssd/conf.d/fedora-nss-ignore.conf mode=600 owner=root group=sssd tags: - ipa/client - config