From c2a5cae7aa8ee736edc698ade37f7c2264ec2eb0 Mon Sep 17 00:00:00 2001
From: Carneiro
Date: Tue, 19 Nov 2024 08:38:41 -0300
Subject: [PATCH] Update DEBIAN/postinst

---
 DEBIAN/postinst | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/DEBIAN/postinst b/DEBIAN/postinst
index 503e417..c02f76a 100755
--- a/DEBIAN/postinst
+++ b/DEBIAN/postinst
@@ -4,17 +4,26 @@ set -e
 
 . /usr/share/debconf/confmodule
 
+# stores ldap bindpw in $RET
 db_get alice-auth/ldap-bind-password
 
 SSSD_CONFIG=/etc/sssd/sssd.conf
 SSHD_CONFIG=/etc/ssh/sshd_config
 
+# sets bindpw in sssd config
 sed -i "s/ldap_default_authtok =.*/ldap_default_authtok = $RET/" $SSSD_CONFIG
 
+# sets auth keys script in sshd config
 sed -i "s/#AuthorizedKeysCommand/AuthorizedKeysCommand/" $SSHD_CONFIG
 sed -i "/AuthorizedKeysCommand\( \|$\)/s/AuthorizedKeysCommand.*/AuthorizedKeysCommand \/usr\/bin\/sss_ssh_authorizedkeys/" $SSHD_CONFIG
 
+# change permissions and owner of sssd config
 chmod 600 $SSSD_CONFIG
 chown root:root $SSSD_CONFIG
 
-systemctl restart sssd autofs ssh
+# check if sss is set on hosts in /etc/nsswitch.conf
+if ! grep -q '^hosts:.*sss' /etc/nsswitch.conf; then
+ sed -i 's/files/files sss/' /etc/nsswitch.conf
+fi
+
+systemctl restart sssd autofs ssh
\ No newline at end of file
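Review bot: The new `sed -i 's/files/files sss/' /etc/nsswitch.conf` is not restricted to the `hosts:` line, so although the `grep` guard only inspects `hosts:`, the substitution rewrites the first `files` on every line of the file (`passwd`, `group`, `shadow`, whichever are present), changing which sources those databases consult and producing `files sss sss` on lines that already list `sss`. Address it to the one line: `sed -i '/^hosts:/ s/files/files sss/' /etc/nsswitch.conf`. If the `hosts:` line has no `files` entry the guard stays true, so as written each postinst run would append another `sss` to the other lines. Separately, the context line that writes `$RET` into sssd.conf interpolates the bind password into a sed expression, so a password containing `/`, `&` or `\` is mangled or aborts the script under `set -e`, and the secret is visible in sed's argument list while it runs; that line predates this commit but is worth fixing in the same file.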