Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

authselect select fails if the dconf directory does not exist #30

Closed
jhrozek opened this issue Jan 11, 2018 · 1 comment
Closed

authselect select fails if the dconf directory does not exist #30

jhrozek opened this issue Jan 11, 2018 · 1 comment

Comments

@jhrozek
Copy link
Contributor

jhrozek commented Jan 11, 2018

See:

authselect --trace select --debug=2 sssd                                                       
[info] [authselect_activate] Trying to activate profile [sssd]                                                        
[info] [authselect_profile] Looking up profile [sssd]      
[info] [authselect_profile_open] Profile [sssd] is a default profile                                                  
[info] [authselect_profile] Profile [sssd] found at [/usr/share/authselect/default/sssd]                              
[info] [read_textfile_dirfd] Reading file [/usr/share/authselect/default/sssd/README]                                 
[info] [read_textfile_dirfd] Reading file [/usr/share/authselect/default/sssd/system-auth]                            
[info] [read_textfile_dirfd] Reading file [/usr/share/authselect/default/sssd/password-auth]                          
[info] [read_textfile_dirfd] Reading file [/usr/share/authselect/default/sssd/smartcard-auth]                         
[info] [read_textfile_dirfd] Reading file [/usr/share/authselect/default/sssd/fingerprint-auth]                       
[info] [read_textfile_dirfd] Reading file [/usr/share/authselect/default/sssd/postlogin]                              
[info] [read_textfile_dirfd] Reading file [/usr/share/authselect/default/sssd/nsswitch.conf]                          
[info] [read_textfile_dirfd] Reading file [/usr/share/authselect/default/sssd/dconf-db]                               
[info] [read_textfile_dirfd] Reading file [/usr/share/authselect/default/sssd/dconf-locks]                            
[error] [check_directories] Directory [/etc/dconf/db/distro.d] does not exist, please create it!
[error] [check_directories] Directory [/etc/dconf/db/distro.d/locks] does not exist, please create it!
[error] [authselect_activate] Some directories are not accessible by authselect!
[error] [authselect_activate] Unable to activate profile [sssd] [1]: Operation not permitted
Unable to activate profile [1]: Operation not permitted

This is a minimal docker container, so the directory is not there, but authselect should either own it,require its owner or not fail.
@jhrozek jhrozek mentioned this issue Jan 11, 2018
Closed
pbrezina referenced this issue Jan 12, 2018
@pbrezina
Make sure /etc/dconf/db/distro.d is created
90fd2c0 
This directory is currently used by gdm to enable smartcard or fingerprint
authentication. It is created by default in Fedora and RHEL systems but
it is not owned by any package. We call make -p in %post phase of the
package installation to ensure that the directory is created even on
systems without gdm (e.g. docker) so we do not fail there and at the
same time the requested authentication works immediately in case gdm
is installed on such systems.

Resolves:
https://github.com/pbrezina/authselect/issues/30
@pbrezina pbrezina mentioned this issue Jan 12, 2018
Closed
pbrezina referenced this issue Feb 5, 2018
@pbrezina
Make sure /etc/dconf/db/distro.d is created
95b0cc7 
This directory is currently used by gdm to enable smartcard or fingerprint
authentication. It is created by default in Fedora and RHEL systems but
it is not owned by any package. We call make -p in %post phase of the
package installation to ensure that the directory is created even on
systems without gdm (e.g. docker) so we do not fail there and at the
same time the requested authentication works immediately in case gdm
is installed on such systems.

Resolves:
https://github.com/pbrezina/authselect/issues/30
pbrezina referenced this issue Feb 5, 2018
@pbrezina
Make sure /etc/dconf/db/distro.d is created
d7f3ab4 
This directory is currently used by gdm to enable smartcard or fingerprint
authentication. It is created by default in Fedora and RHEL systems but
it is not owned by any package. We call make -p in %post phase of the
package installation to ensure that the directory is created even on
systems without gdm (e.g. docker) so we do not fail there and at the
same time the requested authentication works immediately in case gdm
is installed on such systems.

Resolves:
https://github.com/pbrezina/authselect/issues/30
@poncovka poncovka mentioned this issue Feb 14, 2018
Merged
@pbrezina
Copy link
Member

Fixed by 5d2bfb0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jhrozek @pbrezina