On Thu, Sep 08, 2016 at 06:47:22AM +0000, Joakim Tjernlund wrote:
On Wed, 2016-09-07 at 16:22 -0400, Stephen Gallagher wrote:
> On 09/07/2016 02:22 AM, Joakim Tjernlund wrote:
> >
> > On Tue, 2016-09-06 at 20:51 +0200, Lukas Slebodnik wrote:
> > >
> > > On (06/09/16 17:36), Joakim Tjernlund wrote:
> > > >
> > > >
> > > > I just get no such user unless I enumerate the domain, is that really
needed ?
> > > > sssd-1.13.4
> > > >
> > > It's very difficult to say without log files.
> > >
> > >
https://fedorahosted.org/sssd/wiki/Troubleshooting
> > >
> >
> > I only get a hit in sssd_nss.log when I do "finger <user>"
> >
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [get_client_cred] (0x4000): Client
creds: euid[1001] egid[100]
> > pid[21947].
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [reset_idle_timer] (0x4000): Idle timer
re-set for client
> > [0x2641510][24]
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [accept_fd_handler] (0x0400): Client
connected!
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [reset_idle_timer] (0x4000): Idle timer
re-set for client
> > [0x2641510][24]
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [sss_cmd_get_version] (0x0200): Received
client version [1].
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [sss_cmd_get_version] (0x0200): Offered
version [1].
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [reset_idle_timer] (0x4000): Idle timer
re-set for client
> > [0x2641510][24]
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [reset_idle_timer] (0x4000): Idle timer
re-set for client
> > [0x2641510][24]
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [nss_cmd_setpwent_send] (0x0100):
Received setpwent request
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [nss_cmd_setpwent_send] (0x0040):
Enumeration disabled on all
> > domains!
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [reset_idle_timer] (0x4000): Idle timer
re-set for client
> > [0x2641510][24]
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [reset_idle_timer] (0x4000): Idle timer
re-set for client
> > [0x2641510][24]
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [nss_cmd_getpwent] (0x0100): Requesting
info for all accounts
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [nss_cmd_setpwent_send] (0x0100):
Received setpwent request
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [nss_cmd_setpwent_send] (0x0040):
Enumeration disabled on all
> > domains!
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [reset_idle_timer] (0x4000): Idle timer
re-set for client
> > [0x2641510][24]
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [reset_idle_timer] (0x4000): Idle timer
re-set for client
> > [0x2641510][24]
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [client_recv] (0x0200): Client
disconnected!
> > (Wed Sep 7 08:21:41 2016) [sssd[nss]] [client_destructor] (0x2000): Terminated
client [0x2641510][24]
>
>
> Definitely looks like it's trying to run setpwent(), which doesn't work
without
> enumeration. I'm guessing that whatever implementation of `finger` you have is
> doing things really, really wrong.
>
I got netkit-fingerd-0.17, is there another one? Also finger -m <user> works as
that
does not need setpwent()
It looks like Fedora uses bsd-finger
(
https://admin.fedoraproject.org/pkgdb/package/rpms/finger/).
When run with ltrace I see that getpwnam("user") is called first and the
setpwent() and getpwent() are called to find other matching users. Maybe
the netkit-fingerd command skips the first getpwnam() when called
without -m?
HTH
bye,
Sumit
>
> Jocke
> _______________________________________________
> sssd-users mailing list
> sssd-users(a)lists.fedorahosted.org
>
https://lists.fedorahosted.org/admin/lists/sssd-users@lists.fedorahosted.org