From f3eb7ccaf864bb1cc86773f75ea458abe6ca34bb Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Wed, 31 Mar 2021 17:09:02 -0700 Subject: [PATCH] ipa / client / sssd: ignore the named user in ipa as well to make named work on nameservers Signed-off-by: Kevin Fenzi --- roles/ipa/client/files/fedora-nss-ignore.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/ipa/client/files/fedora-nss-ignore.conf b/roles/ipa/client/files/fedora-nss-ignore.conf index 0e65ad0398..4bee8c471f 100644 --- a/roles/ipa/client/files/fedora-nss-ignore.conf +++ b/roles/ipa/client/files/fedora-nss-ignore.conf @@ -2,5 +2,5 @@ ## creating restricted accounts but we want to make sure the id in ## /etc/passwd and /etc/group are used. [nss] -filter_users = root,bin,daemon,adm,lp,sync,shutdown,halt,mail,operator,games,ftp,nobody,avahi-autoipd,dbus,polkitd,rpc,tss,ntp,rpcuser,nfsnobody,postfix,sshd,nagios,nrpe,openvpn,,chrony,sssd -filter_groups = root,bin,daemon,sys,adm,tty,disk,lp,mem,kmem,wheel,cdrom,mail,man,dialout,floppy,games,tape,video,ftp,lock,audio,nobody,users,utmp,utempter,avahi-autoipd,ssh_keys,systemd-journal,dbus,rpc,tss,ntp,dip,rpcuser,nfsnobody,postdrop,postfix,sshd,screen,nagios,nrpe,openvpn,input,systemd-bus-proxy,systemd-network,cgred,chrony,printadmin,sssd +filter_users = root,bin,daemon,adm,lp,sync,shutdown,halt,mail,operator,games,ftp,nobody,avahi-autoipd,dbus,polkitd,rpc,tss,ntp,rpcuser,nfsnobody,postfix,sshd,nagios,nrpe,openvpn,,chrony,sssd,named +filter_groups = root,bin,daemon,sys,adm,tty,disk,lp,mem,kmem,wheel,cdrom,mail,man,dialout,floppy,games,tape,video,ftp,lock,audio,nobody,users,utmp,utempter,avahi-autoipd,ssh_keys,systemd-journal,dbus,rpc,tss,ntp,dip,rpcuser,nfsnobody,postdrop,postfix,sshd,screen,nagios,nrpe,openvpn,input,systemd-bus-proxy,systemd-network,cgred,chrony,printadmin,sssd,named