December 2020 - Sssd-maintainers - Fedora Mailing-Lists

[Bug 1897205] New: SSSD fails to start when run as non-root user

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1897205 Bug ID: 1897205 Summary: SSSD fails to start when run as non-root user Product: Fedora Version: 33 OS: Linux Status: NEW Component: sssd Severity: urgent Assignee: sssd-maintainers(a)lists.fedoraproject.org Reporter: apeetham(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: abokovoy(a)redhat.com, atikhono(a)redhat.com, jhrozek(a)redhat.com, lslebodn(a)redhat.com, mzidek(a)redhat.com, pbrezina(a)redhat.com, rharwood(a)redhat.com, sbose(a)redhat.com, ssorce(a)redhat.com, sssd-maintainers(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Description of problem: SSSD service fails to restart, when "user = sssd" is set in SSSD.CONF, we don't see this behaviour in downstream RHEL-8.3 / RHEL-8.4 systems. Version-Release number of selected component (if applicable): sssd-2.4.0-2.fc33.x86_64 libsss_simpleifp-2.4.0-2.fc33.x86_64 How reproducible: Always Steps to Reproduce: 1. Configure sssd.conf as follows: [sssd] config_file_version = 2 reconnection_retries = 3 sbus_timeout = 30 services = nss, pam, ifp debug_level = 0xFFF0 user = sssd [nss] filter_groups = root filter_users = root reconnection_retries = 3 [pam] reconnection_retries = 3 [ifp] allowed_uids = root user_attributes = +mail, +givenname, +sn debug_level = 0xFFF0 2. Restart SSSD service, it fails with error. # systemctl restart sssd; systemctl status sssd Job for sssd.service failed because the control process exited with error code. See "systemctl status sssd.service" and "journalctl -xe" for details. ● sssd.service - System Security Services Daemon Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor preset: enabled) Active: activating (auto-restart) (Result: exit-code) since Thu 2020-11-12 20:27:20 IST; 10ms ago Process: 6678 ExecStart=/usr/sbin/sssd -i ${DEBUG_LOGGER} (code=exited, status=4) Main PID: 6678 (code=exited, status=4) CPU: 15ms Nov 12 20:27:20 mojito.redhat.com systemd[1]: Failed to start System Security Services Daemon. 3. Below is the sssd.log contents, logged right after service restart: (2020-11-12 20:27:20): [sssd] [monitor_quit_signal] (0x2000): Received shutdown command (2020-11-12 20:27:20): [sssd] [monitor_quit_signal] (0x0040): Monitor received Terminated: terminating children (2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0040): Returned with: 0 (2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Terminating [ifp][6526] (2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Child [ifp] exited gracefully (2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Terminating [pam][6525] (2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Child [pam] terminated with a signal (2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Terminating [nss][6524] (2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Child [nss] exited gracefully (2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Terminating [implicit_files][6523] (2020-11-12 20:27:20): [sssd] [monitor_quit] (0x0020): Child [implicit_files] exited gracefully (2020-11-12 20:27:20): [sssd] [watch_ctx_destructor] (0x2000): Closing inotify fd 0 (2020-11-12 20:27:20:592247): [sssd] [get_service_user] (0x0010): Failed to set allowed UIDs. (2020-11-12 20:27:20:592289): [sssd] [get_monitor_config] (0x0020): Failed to get the unprivileged user (2020-11-12 20:27:20:592325): [sssd] [main] (0x0020): SSSD couldn't load the configuration database. (2020-11-12 20:27:20:860946): [sssd] [get_service_user] (0x0010): Failed to set allowed UIDs. (2020-11-12 20:27:20:861023): [sssd] [get_monitor_config] (0x0020): Failed to get the unprivileged user (2020-11-12 20:27:20:861077): [sssd] [main] (0x0020): SSSD couldn't load the configuration database. (2020-11-12 20:27:21:099530): [sssd] [get_service_user] (0x0010): Failed to set allowed UIDs. (2020-11-12 20:27:21:099570): [sssd] [get_monitor_config] (0x0020): Failed to get the unprivileged user (2020-11-12 20:27:21:099609): [sssd] [main] (0x0020): SSSD couldn't load the configuration database. (2020-11-12 20:27:21:354551): [sssd] [get_service_user] (0x0010): Failed to set allowed UIDs. (2020-11-12 20:27:21:354631): [sssd] [get_monitor_config] (0x0020): Failed to get the unprivileged user (2020-11-12 20:27:21:354678): [sssd] [main] (0x0020): SSSD couldn't load the configuration database. (2020-11-12 20:27:21:596433): [sssd] [get_service_user] (0x0010): Failed to set allowed UIDs. (2020-11-12 20:27:21:596565): [sssd] [get_monitor_config] (0x0020): Failed to get the unprivileged user (2020-11-12 20:27:21:596672): [sssd] [main] (0x0020): SSSD couldn't load the configuration database. Actual results: SSSD fails to restart. Expected results: Like rhel-8.4, sssd service should restart without issues. Additional info: -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.

3 years, 3 months

1
4
0 / 0

[Bug 1906802] New: sssd-2.4.0-3.fc33 breaks kinit

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1906802 Bug ID: 1906802 Summary: sssd-2.4.0-3.fc33 breaks kinit Product: Fedora Version: 33 Status: NEW Component: sssd Severity: urgent Assignee: sssd-maintainers(a)lists.fedoraproject.org Reporter: kvolny(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: abokovoy(a)redhat.com, atikhono(a)redhat.com, jhrozek(a)redhat.com, lslebodn(a)redhat.com, mzidek(a)redhat.com, pbrezina(a)redhat.com, rharwood(a)redhat.com, sbose(a)redhat.com, ssorce(a)redhat.com, sssd-maintainers(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Description of problem: Some recent upgrade broke my kerberos setup. Grepping /var/log/dnf.rpm.log for krb5 to find recent kerberos updates, then trying `dnf downgrade sssd-krb5` fixed the problem. Version-Release number of selected component (if applicable): sssd-krb5-2.4.0-3.fc33.x86_64 How reproducible: always Steps to Reproduce: 1. setup /etc/krb5.conf 2. $ kinit kvolny(a)EXAMPLE.COM Actual results: kinit: Credentials cache I/O operation failed while getting default ccache Expected results: Password for kvolny(a)EXAMPLE.COM: Additional info: -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.

3 years, 4 months

1
5
0 / 0

[Bug 1904715] New: [abrt] sssd-common: __strlen_avx2(): sssd_be killed by SIGSEGV

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1904715 Bug ID: 1904715 Summary: [abrt] sssd-common: __strlen_avx2(): sssd_be killed by SIGSEGV Product: Fedora Version: 32 Hardware: x86_64 Status: NEW Whiteboard: abrt_hash:7d9d9b1f720c2c02532c294e8d84614e07fd9f97;VAR IANT_ID=workstation; Component: sssd Assignee: sssd-maintainers(a)lists.fedoraproject.org Reporter: wertstoffe(a)schuerz.at QA Contact: extras-qa(a)fedoraproject.org CC: abokovoy(a)redhat.com, atikhono(a)redhat.com, jhrozek(a)redhat.com, lslebodn(a)redhat.com, mzidek(a)redhat.com, pbrezina(a)redhat.com, rharwood(a)redhat.com, sbose(a)redhat.com, ssorce(a)redhat.com Target Milestone: --- Group: fedora_contrib_private Classification: Fedora Version-Release number of selected component: sssd-common-2.4.0-1.fc32 Additional info: reporter: libreport-2.13.1 backtrace_rating: 4 cmdline: /usr/libexec/sssd/sssd_be --domain LDAP --uid 0 --gid 0 --logger=files crash_function: __strlen_avx2 executable: /usr/libexec/sssd/sssd_be journald_cursor: s=eb4efcbbb3454bbaa84a7b08c471eacb;i=d34;b=927dda9f2f8748f89925260b80b2ff8d;m=6701cf7;t=5b5bb691b2473;x=eed9396ae2c700e kernel: 5.9.11-100.fc32.x86_64 rootdir: / runlevel: N 5 type: CCpp uid: 0 Truncated backtrace: Thread no. 1 (10 frames) #0 __strlen_avx2 at ../sysdeps/x86_64/multiarch/strlen-avx2.S:65 #1 talloc_strdup at ../../talloc.c:2471 #2 resolv_copy_hostent_common at src/resolv/async_resolv.c:533 #3 resolv_copy_hostent_ares at src/resolv/async_resolv.c:616 #4 resolv_gethostbyname_dns_parse at src/resolv/async_resolv.c:981 #5 resolv_gethostbyname_dns_query_done at src/resolv/async_resolv.c:927 #6 end_squery at /usr/src/debug/c-ares-1.17.0-1.fc32.x86_64/src/lib/ares_search.c:208 #7 qcallback at /usr/src/debug/c-ares-1.17.0-1.fc32.x86_64/src/lib/ares_query.c:183 #8 end_query at /usr/src/debug/c-ares-1.17.0-1.fc32.x86_64/src/lib/ares_process.c:1493 #9 process_answer at /usr/src/debug/c-ares-1.17.0-1.fc32.x86_64/src/lib/ares_process.c:582 -- You are receiving this mail because: You are the assignee for the bug.

3 years, 4 months

1
1
0 / 0

[Bug 1902666] New: sssd_be processes segfault

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1902666 Bug ID: 1902666 Summary: sssd_be processes segfault Product: Fedora Version: 32 Hardware: x86_64 OS: Linux Status: NEW Component: sssd Severity: medium Assignee: sssd-maintainers(a)lists.fedoraproject.org Reporter: alexey.shcherbakov(a)kaspersky.com QA Contact: extras-qa(a)fedoraproject.org CC: abokovoy(a)redhat.com, atikhono(a)redhat.com, jhrozek(a)redhat.com, lslebodn(a)redhat.com, mzidek(a)redhat.com, pbrezina(a)redhat.com, rharwood(a)redhat.com, sbose(a)redhat.com, ssorce(a)redhat.com, sssd-maintainers(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Created attachment 1734792 --> https://bugzilla.redhat.com/attachment.cgi?id=1734792&action=edit log and coredump files Hi, need help find solution, something wrong happening with sssd_be processes, sssd-ad-1.16.4-37.el7_8.4.x86_64, libsss_idmap-1.16.4-37.el7_8.4.x86_64, more info in screenshot and attachments (log and coredump files), -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.

3 years, 4 months

1
8
0 / 0

2024

2023

2022

2021

2020

Sssd-maintainers December 2020