[Bug 1897205] New: SSSD fails to start when run as non-root user
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1897205
Bug ID: 1897205
Summary: SSSD fails to start when run as non-root user
Product: Fedora
Version: 33
OS: Linux
Status: NEW
Component: sssd
Severity: urgent
Assignee: sssd-maintainers(a)lists.fedoraproject.org
Reporter: apeetham(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: abokovoy(a)redhat.com, atikhono(a)redhat.com,
jhrozek(a)redhat.com, lslebodn(a)redhat.com,
mzidek(a)redhat.com, pbrezina(a)redhat.com,
rharwood(a)redhat.com, sbose(a)redhat.com,
ssorce(a)redhat.com,
sssd-maintainers(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
Description of problem:
SSSD service fails to restart, when "user = sssd" is set in SSSD.CONF, we don't
see this behaviour in downstream RHEL-8.3 / RHEL-8.4 systems.
Version-Release number of selected component (if applicable):
sssd-2.4.0-2.fc33.x86_64
libsss_simpleifp-2.4.0-2.fc33.x86_64
How reproducible: Always
Steps to Reproduce:
1. Configure sssd.conf as follows:
[sssd]
config_file_version = 2
reconnection_retries = 3
sbus_timeout = 30
services = nss, pam, ifp
debug_level = 0xFFF0
user = sssd
[nss]
filter_groups = root
filter_users = root
reconnection_retries = 3
[pam]
reconnection_retries = 3
[ifp]
allowed_uids = root
user_attributes = +mail, +givenname, +sn
debug_level = 0xFFF0
2. Restart SSSD service, it fails with error.
# systemctl restart sssd; systemctl status sssd
Job for sssd.service failed because the control process exited with error code.
See "systemctl status sssd.service" and "journalctl -xe" for details.
● sssd.service - System Security Services Daemon
Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor
preset: enabled)
Active: activating (auto-restart) (Result: exit-code) since Thu 2020-11-12
20:27:20 IST; 10ms ago
Process: 6678 ExecStart=/usr/sbin/sssd -i ${DEBUG_LOGGER} (code=exited,
status=4)
Main PID: 6678 (code=exited, status=4)
CPU: 15ms
Nov 12 20:27:20 mojito.redhat.com systemd[1]: Failed to start System Security
Services Daemon.
3. Below is the sssd.log contents, logged right after service restart:
(2020-11-12 20:27:20): [sssd] [monitor_quit_signal] (0x2000): Received shutdown
command
(2020-11-12 20:27:20): [sssd] [monitor_quit_signal] (0x0040): Monitor received
Terminated: terminating children
(2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0040): Returned with: 0
(2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Terminating [ifp][6526]
(2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Child [ifp] exited
gracefully
(2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Terminating [pam][6525]
(2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Child [pam] terminated
with a signal
(2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Terminating [nss][6524]
(2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Child [nss] exited
gracefully
(2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Terminating
[implicit_files][6523]
(2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Child [implicit_files]
exited gracefully
(2020-11-12 20:27:20): [sssd] [watch_ctx_destructor] (0x2000): Closing inotify
fd 0
(2020-11-12 20:27:20:592247): [sssd] [get_service_user] (0x0010): Failed to set
allowed UIDs.
(2020-11-12 20:27:20:592289): [sssd] [get_monitor_config] (0x0020): Failed to
get the unprivileged user
(2020-11-12 20:27:20:592325): [sssd] [main] (0x0020): SSSD couldn't load the
configuration database.
(2020-11-12 20:27:20:860946): [sssd] [get_service_user] (0x0010): Failed to set
allowed UIDs.
(2020-11-12 20:27:20:861023): [sssd] [get_monitor_config] (0x0020): Failed to
get the unprivileged user
(2020-11-12 20:27:20:861077): [sssd] [main] (0x0020): SSSD couldn't load the
configuration database.
(2020-11-12 20:27:21:099530): [sssd] [get_service_user] (0x0010): Failed to set
allowed UIDs.
(2020-11-12 20:27:21:099570): [sssd] [get_monitor_config] (0x0020): Failed to
get the unprivileged user
(2020-11-12 20:27:21:099609): [sssd] [main] (0x0020): SSSD couldn't load the
configuration database.
(2020-11-12 20:27:21:354551): [sssd] [get_service_user] (0x0010): Failed to set
allowed UIDs.
(2020-11-12 20:27:21:354631): [sssd] [get_monitor_config] (0x0020): Failed to
get the unprivileged user
(2020-11-12 20:27:21:354678): [sssd] [main] (0x0020): SSSD couldn't load the
configuration database.
(2020-11-12 20:27:21:596433): [sssd] [get_service_user] (0x0010): Failed to set
allowed UIDs.
(2020-11-12 20:27:21:596565): [sssd] [get_monitor_config] (0x0020): Failed to
get the unprivileged user
(2020-11-12 20:27:21:596672): [sssd] [main] (0x0020): SSSD couldn't load the
configuration database.
Actual results:
SSSD fails to restart.
Expected results:
Like rhel-8.4, sssd service should restart without issues.
Additional info:
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
3 years, 3 months
[Bug 1906802] New: sssd-2.4.0-3.fc33 breaks kinit
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1906802
Bug ID: 1906802
Summary: sssd-2.4.0-3.fc33 breaks kinit
Product: Fedora
Version: 33
Status: NEW
Component: sssd
Severity: urgent
Assignee: sssd-maintainers(a)lists.fedoraproject.org
Reporter: kvolny(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: abokovoy(a)redhat.com, atikhono(a)redhat.com,
jhrozek(a)redhat.com, lslebodn(a)redhat.com,
mzidek(a)redhat.com, pbrezina(a)redhat.com,
rharwood(a)redhat.com, sbose(a)redhat.com,
ssorce(a)redhat.com,
sssd-maintainers(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
Description of problem:
Some recent upgrade broke my kerberos setup.
Grepping /var/log/dnf.rpm.log for krb5 to find recent kerberos updates, then
trying `dnf downgrade sssd-krb5` fixed the problem.
Version-Release number of selected component (if applicable):
sssd-krb5-2.4.0-3.fc33.x86_64
How reproducible:
always
Steps to Reproduce:
1. setup /etc/krb5.conf
2. $ kinit kvolny(a)EXAMPLE.COM
Actual results:
kinit: Credentials cache I/O operation failed while getting default ccache
Expected results:
Password for kvolny(a)EXAMPLE.COM:
Additional info:
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
3 years, 4 months
[Bug 1904715] New: [abrt] sssd-common: __strlen_avx2(): sssd_be killed by SIGSEGV
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1904715
Bug ID: 1904715
Summary: [abrt] sssd-common: __strlen_avx2(): sssd_be killed by
SIGSEGV
Product: Fedora
Version: 32
Hardware: x86_64
Status: NEW
Whiteboard: abrt_hash:7d9d9b1f720c2c02532c294e8d84614e07fd9f97;VAR
IANT_ID=workstation;
Component: sssd
Assignee: sssd-maintainers(a)lists.fedoraproject.org
Reporter: wertstoffe(a)schuerz.at
QA Contact: extras-qa(a)fedoraproject.org
CC: abokovoy(a)redhat.com, atikhono(a)redhat.com,
jhrozek(a)redhat.com, lslebodn(a)redhat.com,
mzidek(a)redhat.com, pbrezina(a)redhat.com,
rharwood(a)redhat.com, sbose(a)redhat.com,
ssorce(a)redhat.com
Target Milestone: ---
Group: fedora_contrib_private
Classification: Fedora
Version-Release number of selected component:
sssd-common-2.4.0-1.fc32
Additional info:
reporter: libreport-2.13.1
backtrace_rating: 4
cmdline: /usr/libexec/sssd/sssd_be --domain LDAP --uid 0 --gid 0
--logger=files
crash_function: __strlen_avx2
executable: /usr/libexec/sssd/sssd_be
journald_cursor:
s=eb4efcbbb3454bbaa84a7b08c471eacb;i=d34;b=927dda9f2f8748f89925260b80b2ff8d;m=6701cf7;t=5b5bb691b2473;x=eed9396ae2c700e
kernel: 5.9.11-100.fc32.x86_64
rootdir: /
runlevel: N 5
type: CCpp
uid: 0
Truncated backtrace:
Thread no. 1 (10 frames)
#0 __strlen_avx2 at ../sysdeps/x86_64/multiarch/strlen-avx2.S:65
#1 talloc_strdup at ../../talloc.c:2471
#2 resolv_copy_hostent_common at src/resolv/async_resolv.c:533
#3 resolv_copy_hostent_ares at src/resolv/async_resolv.c:616
#4 resolv_gethostbyname_dns_parse at src/resolv/async_resolv.c:981
#5 resolv_gethostbyname_dns_query_done at src/resolv/async_resolv.c:927
#6 end_squery at
/usr/src/debug/c-ares-1.17.0-1.fc32.x86_64/src/lib/ares_search.c:208
#7 qcallback at
/usr/src/debug/c-ares-1.17.0-1.fc32.x86_64/src/lib/ares_query.c:183
#8 end_query at
/usr/src/debug/c-ares-1.17.0-1.fc32.x86_64/src/lib/ares_process.c:1493
#9 process_answer at
/usr/src/debug/c-ares-1.17.0-1.fc32.x86_64/src/lib/ares_process.c:582
--
You are receiving this mail because:
You are the assignee for the bug.
3 years, 4 months
[Bug 1902666] New: sssd_be processes segfault
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1902666
Bug ID: 1902666
Summary: sssd_be processes segfault
Product: Fedora
Version: 32
Hardware: x86_64
OS: Linux
Status: NEW
Component: sssd
Severity: medium
Assignee: sssd-maintainers(a)lists.fedoraproject.org
Reporter: alexey.shcherbakov(a)kaspersky.com
QA Contact: extras-qa(a)fedoraproject.org
CC: abokovoy(a)redhat.com, atikhono(a)redhat.com,
jhrozek(a)redhat.com, lslebodn(a)redhat.com,
mzidek(a)redhat.com, pbrezina(a)redhat.com,
rharwood(a)redhat.com, sbose(a)redhat.com,
ssorce(a)redhat.com,
sssd-maintainers(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
Created attachment 1734792
--> https://bugzilla.redhat.com/attachment.cgi?id=1734792&action=edit
log and coredump files
Hi,
need help find solution,
something wrong happening with sssd_be processes,
sssd-ad-1.16.4-37.el7_8.4.x86_64,
libsss_idmap-1.16.4-37.el7_8.4.x86_64,
more info in screenshot and attachments (log and coredump files),
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
3 years, 4 months