https://bugzilla.redhat.com/show_bug.cgi?id=1965818
Bug ID: 1965818
Summary: sssd - failing on "dotted"languages (Example turkish
language)
Product: Fedora
Version: 34
Hardware: x86_64
OS: Linux
Status: NEW
Component: sssd
Severity: high
Assignee: sssd-maintainers(a)lists.fedoraproject.org
Reporter: thunderbirdtr(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
CC: abokovoy(a)redhat.com, atikhono(a)redhat.com,
jhrozek(a)redhat.com, lslebodn(a)redhat.com,
luk.claes(a)gmail.com, mzidek(a)redhat.com,
pbrezina(a)redhat.com, sbose(a)redhat.com,
ssorce(a)redhat.com,
sssd-maintainers(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
Description of problem:
Hello,
SSSD Service isn't starting If we use dotted language in our system. For
example, adding "LANG=tr_TR" into "/etc/sysconfig/sssd" makes sssd fails on
start. If anyone install Fedora with "turkish" or other dotted language in
their pc/laptop, that makes sssd fails on start.
After I made little bit research, I notice this issue has been addressed
multiple times around RHEL[0] and samba[1] and github[2] as well. So for that
reason at least can we add "english" locale setting into rpm spec with
"language" check as a workaround has been suggest in github link.That is at
least gives us "working" package in dotted languge, and If anyone wants change
setting, they can change it. At least for normal users, we can have working
sssd service and not complain about fails all the times. I know this isn't the
cleanest solution (proper solution is patching libldb package which causing
this issue, but at least we can have a "quick&dirty" solution avoid on new
installs.
Thank you.
[0] : https://bugzilla.redhat.com/show_bug.cgi?id=1743531
[1] : https://lists.samba.org/archive/samba-technical/2019-December/134659.html
[2] : https://github.com/SSSD/sssd/issues/5285
Version-Release number of selected component (if applicable):
sssd-2.5.0-2.fc34.x86_64
libldb-2.3.0-2.fc34.x86_64
How reproducible:
Steps to Reproduce:
1. Install Fedora or change language into dotted or change "LANG" env into
dotted langauge
2. reset sssd counter
3. start sssd
Actual results:
sssd fails
Expected results:
sssd should start clean in default config.
Additional info:
SSSD Systemctl errors
systemd[1]: Starting System Security Services Daemon...
sssd[760632]: Starting up
systemd[1]: sssd.service: Main process exited,
code=exited, status=4/NOPERMISSION
systemd[1]: sssd.service: Failed with result
'exit-code'.
systemd[1]: Failed to start System Security Services
Daemon.
audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
systemd[1]: sssd.service: Scheduled restart job,
restart counter is at 1.
systemd[1]: Stopped System Security Services Daemon.
audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
systemd[1]: Starting System Security Services Daemon...
sssd[760633]: Starting up
systemd[1]: sssd.service: Main process exited,
code=exited, status=4/NOPERMISSION
systemd[1]: sssd.service: Failed with result
'exit-code'.
systemd[1]: Failed to start System Security Services
Daemon.
audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
systemd[1]: sssd.service: Scheduled restart job,
restart counter is at 2.
audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
systemd[1]: Stopped System Security Services Daemon.
systemd[1]: Starting System Security Services Daemon...
sssd[760636]: Starting up
systemd[1]: sssd.service: Main process exited,
code=exited, status=4/NOPERMISSION
systemd[1]: sssd.service: Failed with result
'exit-code'.
systemd[1]: Failed to start System Security Services
Daemon.
audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
systemd[1]: sssd.service: Scheduled restart job,
restart counter is at 3.
systemd[1]: Stopped System Security Services Daemon.
audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
systemd[1]: Starting System Security Services Daemon...
sssd[760637]: Starting up
systemd[1]: sssd.service: Main process exited,
code=exited, status=4/NOPERMISSION
systemd[1]: sssd.service: Failed with result
'exit-code'.
systemd[1]: Failed to start System Security Services
Daemon.
audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
systemd[1]: sssd.service: Scheduled restart job,
restart counter is at 4.
systemd[1]: Stopped System Security Services Daemon.
audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
systemd[1]: Starting System Security Services Daemon...
sssd[760639]: Starting up
systemd[1]: sssd.service: Main process exited,
code=exited, status=4/NOPERMISSION
systemd[1]: sssd.service: Failed with result
'exit-code'.
systemd[1]: Failed to start System Security Services
Daemon.
audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295
ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
-----------
/var/log/sssd/sssd.log (last error with LANG setting is tr_TR (LANG=tr_TR) )
-----------
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING
BACKTRACE:
* (2021-05-30 15:46:52): [sssd] [check_file] (0x0400): lstat for
[/run/sssd.pid] failed: [2][No such file or directory].
* (2021-05-30 15:46:52): [sssd] [check_file] (0x0400): lstat for
[/var/run/nscd/socket] failed: [2][No such file or directory].
* (2021-05-30 15:46:52): [sssd] [ldb] (0x0400): server_sort:Unable to
register control with rootdse!
* (2021-05-30 15:46:52): [sssd] [sss_ini_open] (0x0400): No
/etc/sssd/sssd.conf.
* (2021-05-30 15:46:52): [sssd] [sss_ini_read_sssd_conf] (0x0100): File
/etc/sssd/sssd.conf does not exist.
* (2021-05-30 15:46:52): [sssd] [confdb_ldif_from_ini_file] (0x0100): Value
of config_file_version option not found. Assumed to be version 2.
* (2021-05-30 15:46:52): [sssd] [sss_confdb_create_ldif] (0x0400):
Processing config section [sssd]
* (2021-05-30 15:46:52): [sssd] [sss_confdb_create_ldif] (0x0400):
Processing attribute [services]
* (2021-05-30 15:46:52): [sssd] [sss_confdb_create_ldif] (0x4000):
services:
nss
* (2021-05-30 15:46:52): [sssd] [sss_confdb_create_ldif] (0x4000): Section
dn
dn: cn=sssd,cn=config
cn: sssd
services: nss
* (2021-05-30 15:46:52): [sssd] [confdb_init_db] (0x0100): LDIF file to
import:
dn: cn=config
version: 2
dn: cn=sssd,cn=config
cn: sssd
services: nss
* (2021-05-30 15:46:52): [sssd] [add_implicit_services] (0x0040): No
domains
configured!
* (2021-05-30 15:46:52): [sssd] [get_monitor_config] (0x0040): Failed to
add
implicit configured services. Some functionality might be missing
* (2021-05-30 15:46:53): [sssd] [confdb_expand_app_domains] (0x2000):
implicit_files is not an app domain
* (2021-05-30 15:46:53): [sssd] [confdb_get_domain_internal] (0x0400): No
enumeration for [implicit_files]!
* (2021-05-30 15:46:53): [sssd] [confdb_get_domain_internal] (0x0400):
Please note that when enumeration is disabled `getent passwd` does not return
all users by design. See sssd.conf man page for more detailed information
* (2021-05-30 15:46:53): [sssd] [confdb_get_domain_internal] (0x1000):
pwd_expiration_warning is -1
* (2021-05-30 15:46:53): [sssd] [server_setup] (0x0080): Failed setting
process group: Operation not permitted[1]. We might leak processes in case of
failure
* (2021-05-30 15:46:53): [sssd] [become_user] (0x0200): Trying to become
user [0][0].
* (2021-05-30 15:46:53): [sssd] [become_user] (0x0200): Already user [0].
* (2021-05-30 15:46:53): [sssd] [ldb] (0x0400): server_sort:Unable to
register control with rootdse!
* (2021-05-30 15:46:53): [sssd] [server_setup] (0x0400): CONFDB:
/var/lib/sss/db/config.ldb
* (2021-05-30 15:46:53): [sssd] [confdb_get_enabled_domain_list] (0x0040):
Failed to get [domains] from [sssd], error [2] (Böyle bir dosya ya da dizin
yok)
********************** BACKTRACE DUMP ENDS HERE
*********************************
(2021-05-30 15:46:53): [sssd] [main] (0x0010): No domains configured.
********************** PREVIOUS MESSAGE WAS TRIGGERED BY THE FOLLOWING
BACKTRACE:
* (2021-05-30 15:46:53): [sssd] [confdb_get_domains] (0x0080): No domains
configured, fatal error!
* (2021-05-30 15:46:53): [sssd] [main] (0x0010): No domains configured.
********************** BACKTRACE DUMP ENDS HERE
*********************************
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2066688
Bug ID: 2066688
Summary: rawhide ships older sssd version than fc36
Product: Fedora
Version: rawhide
Status: NEW
Component: sssd
Assignee: sssd-maintainers(a)lists.fedoraproject.org
Reporter: frenaud(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: abokovoy(a)redhat.com, atikhono(a)redhat.com,
jhrozek(a)redhat.com, lslebodn(a)redhat.com,
luk.claes(a)gmail.com, mzidek(a)redhat.com,
pbrezina(a)redhat.com, sbose(a)redhat.com,
ssorce(a)redhat.com,
sssd-maintainers(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
Description of problem:
Fedora rawhide is shipping sssd version 2.6.2-3.fc36 while fedora 36 already
has sssd-2.6.3-1.fc36.
This old version is missing some fixes related to IPA-AD trust and our freeipa
rawhide tests are failing because of it
(https://github.com/SSSD/sssd/issues/5947 fixed in 2.6.3).
Version-Release number of selected component (if applicable):
sssd-client-2.6.2-3.fc36.x86_64
How reproducible:
Steps to Reproduce:
1. install sssd on rawhide
2. # rpm -qa sssd-client
sssd-client-2.6.2-3.fc36.x86_64
This issue was already discussed internally with SSSD developers, and is
related to a build issue (make check failure).
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2066688
https://bugzilla.redhat.com/show_bug.cgi?id=1995608
Bug ID: 1995608
Summary: sssd logging verbose by default results in huge log
files
Product: Fedora
Version: 34
Hardware: x86_64
OS: Linux
Status: NEW
Component: sssd
Severity: urgent
Assignee: sssd-maintainers(a)lists.fedoraproject.org
Reporter: brian(a)interlinx.bc.ca
QA Contact: extras-qa(a)fedoraproject.org
CC: abokovoy(a)redhat.com, atikhono(a)redhat.com,
jhrozek(a)redhat.com, lslebodn(a)redhat.com,
luk.claes(a)gmail.com, mzidek(a)redhat.com,
pbrezina(a)redhat.com, sbose(a)redhat.com,
ssorce(a)redhat.com,
sssd-maintainers(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
Created attachment 1815664
--> https://bugzilla.redhat.com/attachment.cgi?id=1815664&action=edit
Example log spew
Description of problem:
My /var/log/sssd/sssd_$domain.log grows huge.
Version-Release number of selected component (if applicable):
sssd-2.5.2-2.fc34.x86_64
How reproducible:
100%
Steps to Reproduce:
Should pretty obvious.
Actual results:
Log grows large with useless debug info.
Expected results:
Log should not grow as quick and large as it does.
Additional info:
Every minute a spew similar to the attachment is added to the log.
I can squelch this log spam with:
# sssctl debug-level 0
Neither the words debug or log even appear in my configuration:
# grep -ri -e debug -e log /etc/sssd/
[nothing]
so this is appearing to be a rather verbose default setting.
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1927907
Bug ID: 1927907
Summary: Latest release sssd 2.4.1 hard requires Python 3
Product: Fedora
Version: 34
Status: NEW
Component: sssd
Assignee: sssd-maintainers(a)lists.fedoraproject.org
Reporter: jlebon(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: abokovoy(a)redhat.com, atikhono(a)redhat.com,
jhrozek(a)redhat.com, lslebodn(a)redhat.com,
mzidek(a)redhat.com, pbrezina(a)redhat.com,
rharwood(a)redhat.com, sbose(a)redhat.com,
ssorce(a)redhat.com,
sssd-maintainers(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
Description of problem:
It seems since the 2.4.1 rebase
(https://src.fedoraproject.org/rpms/sssd/c/9e5dd4b66572aeb348f3cc854ce7fca9f…),
sssd now pulls in python3 because it changed python3-sssdconfig from a
"Suggests" to a "Requires". In Fedora CoreOS, we're trying to avoid shipping
Python entirely to encourage containerizing user workloads and to keep the OS
minimal. In a rawhide and f34 build, this package was identified as pulling it
back in.
Would it be possible to make it a weak dep again? This would also be useful in
other environments like containers and custom OS builds which value minimalism.
We can help with that if there's agreement.
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.