From 2e80bce18b153ee69e86e4bbf4d213e4f3e7fa51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gardais=20J=C3=A9r=C3=A9my?= Date: Wed, 6 Sep 2017 15:59:45 +0200 Subject: [PATCH] For Debian Stretch ensure to also install `ca-certificates` (fix #2). --- CHANGELOG.md | 5 +++++ README.md | 3 ++- vars/debian.yml | 1 + 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f03d8dd..40ec820 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,9 @@ +## v1.1.x + +### Fix +* For Debian Stretch ensure to also install `ca-certificates` (fix #2). + ## v1.1.1 ### Fix diff --git a/README.md b/README.md index e759fe9..0f6d390 100644 --- a/README.md +++ b/README.md @@ -31,6 +31,7 @@ Highly inspired by [Lae's system_ldap role][lae sssd galaxy] with minors updates Please see default value by Operating System file in [vars][vars directory] directory. * **sssd_pkg_list** : The list of packages to install to provide `sssd`. + * Be careful, `sssd` may need additional packages to be able to establish a TLS connection to a LDAP/AD/… server (such as `ca-certificates`,…). ## Example Playbook @@ -59,7 +60,7 @@ sssd_bind_dn: 'cn=sssd_user,ou=apps,dc=domain,dc=tld' This role will : * Install needed packages to provide `sssd`. * Manage the default `sssd` configuration file (`/etc/sssd/sssd.conf`). -* Create an additionnal configuration file to only store the bind_password (`/etc/sssd/conf.d/domain.bind.conf`). +* Create an additional configuration file to only store the bind_password (`/etc/sssd/conf.d/domain.bind.conf`). * Remove `sss` directive for `sudoers` in `/etc/nsswitch.conf` file. * Manage `sssd` service. diff --git a/vars/debian.yml b/vars/debian.yml index bbda19f..3b34b18 100644 --- a/vars/debian.yml +++ b/vars/debian.yml @@ -1,4 +1,5 @@ --- # vars file for Debian-based distros sssd_pkg_list: + - ca-certificates - sssd