#1139637 libnss-sss removes non-empty automount entries from /etc/nsswitch.conf on package removal

Package:
sssd
Source:
sssd
Description:
System Security Services Daemon -- metapackage
Submitter:
Andreas Vögele
Date:
2026-06-10 13:13:02 UTC
Severity:
normal
#1139637#5
Date:
2026-06-10 13:11:26 UTC
From:
To:
There's a libnss-sss.nss file in the debian directory that handles entries in /etc/nsswitch.conf properly. But there's also a libnss-sss.postrm script that removes "automount" entries unconditionally even if there are still keywords such as "files" or "nis".

    # Remove NSS databases: `automount` and `automounter` (legacy).
    sed -i '/^automount/d' "${DPKG_ROOT}/etc/nsswitch.conf"

The script needs to check whether the automount entry is empty. Something like this:

    if grep -q -E '^automount(er)?:\s*$' "${DPKG_ROOT}/etc/nsswitch.conf" ; then
       sed -i '/^automount/d' "${DPKG_ROOT}/etc/nsswitch.conf"
    fi

We use Ubuntu 24.04, but the bug is present in Debian 13.