From 93bb488176f6189265720783cedbfe571f1f7d51 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gardais=20J=C3=A9r=C3=A9my?=
 <jeremy.gardais@univ-rennes1.fr>
Date: Mon, 29 Jan 2018 16:11:49 +0100
Subject: [PATCH] nsswitch.conf is modified only is `sssd_nsswitch_manage` is
 set (fix #5).

---
 CHANGELOG.md      | 5 +++++
 README.md         | 3 ++-
 defaults/main.yml | 3 +++
 tasks/main.yml    | 2 +-
 4 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e75fdd3..af0c7c0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,9 @@
 
+## v1.2
+
+### Enhancement
+* nsswitch.conf is modified only is `sssd_nsswitch_manage` is set (fix #5).
+
 ## v1.1.4
 
 ### Enhancement
diff --git a/README.md b/README.md
index ac89a6f..6544f4f 100644
--- a/README.md
+++ b/README.md
@@ -24,6 +24,7 @@ Highly inspired by [Lae's system_ldap role][lae sssd galaxy] with minors updates
 * **sssd_mkhomedir** : If home directories should be created at login [default : `true`].
 * **sssd_home_path** : Path where home directories are stored [default : `/home`].
 * **sssd_sudoers_ldap** : If sudo must look to `sss` the list of sudoers [default : `false`].
+* **sssd_nsswitch_manage** : If nsswitch should be managed by the role [default : `false`].
 * **sssd_service_name** : SSSD's service name [default : `sssd`].
 * **sssd_flush_handlers** : If handlers need to be applied at the end of the role [default : `False`].
 
@@ -68,7 +69,7 @@ This role will :
 * Install needed packages to provide `sssd`.
 * Manage the default `sssd` configuration file (`/etc/sssd/sssd.conf`).
 * Create an additional configuration file to only store the bind_password (`/etc/sssd/conf.d/domain.bind.conf`).
-* Remove `sss` directive for `sudoers` in `/etc/nsswitch.conf` file.
+* Remove `sss` directive for `sudoers` in `/etc/nsswitch.conf` file if `sssd_nsswitch_manage` is set.
 * Manage `sssd` service.
 * Restart `systemd-logind` service.
 
diff --git a/defaults/main.yml b/defaults/main.yml
index bc47eeb..5a0a0ff 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -20,6 +20,9 @@ sssd_search_base: ''
 sssd_bind_dn: ''
 sssd_bind_password: ''
 
+# nsswitch configuration
+sssd_nsswitch_manage: false
+
 # Service
 sssd_service_name: 'sssd'
 sssd_flush_handlers: False
diff --git a/tasks/main.yml b/tasks/main.yml
index 0acadc6..c6408ea 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -25,7 +25,7 @@
     owner: root
     group: root
     mode: 0644
-  when: not sssd_sudoers_ldap
+  when: not sssd_sudoers_ldap and sssd_nsswitch_manage
 
 # Configuration file
 - name: CONFIG sssd.conf