Bug 1392444
Summary: | sssd_be keeps crashing | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Ming Davies <minyu> | ||||||||
Component: | sssd | Assignee: | SSSD Maintainers <sssd-maint> | ||||||||
Status: | CLOSED ERRATA | QA Contact: | Madhuri <mupadhye> | ||||||||
Severity: | unspecified | Docs Contact: | |||||||||
Priority: | high | ||||||||||
Version: | 7.3 | CC: | cww, fjayalat, gparente, grajaiya, jhrozek, jstephen, lslebodn, minyu, mkolaja, mkosek, mzidek, pbrezina, sbose, sgoveas, sssd-maint, striker, toby, tscherf | ||||||||
Target Milestone: | rc | Keywords: | ZStream | ||||||||
Target Release: | --- | ||||||||||
Hardware: | Unspecified | ||||||||||
OS: | Unspecified | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | sssd-1.15.0-1.el7 | Doc Type: | If docs needed, set a value | ||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | |||||||||||
: | 1396485 (view as bug list) | Environment: | |||||||||
Last Closed: | 2017-08-01 09:00:03 UTC | Type: | Bug | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Bug Depends On: | |||||||||||
Bug Blocks: | 1396485, 1396494, 1399979 | ||||||||||
Attachments: |
|
Description
Ming Davies
2016-11-07 14:14:14 UTC
Could you also attach log file with debug_level = 9 in domain section? Upstream ticket: https://fedorahosted.org/sssd/ticket/3234 The crash is triggered by 'auth_provider = krb5' (and 'chpass_provider = krb5'). Setting it to 'ad' or just removing it should fix it. Is there a reason for using 'krb5' and not 'ad' here? I'll try to prepare a fix. Created attachment 1218144 [details]
sssd debug log
Created attachment 1218511 [details]
sssd debug after replacing auth_provider=ad
Created attachment 1218513 [details]
sssd debug after removing ad_provider
*** Bug 1393133 has been marked as a duplicate of this bug. *** *** Bug 1404560 has been marked as a duplicate of this bug. *** Tested with sssd-1.15.2-29.el7.x86_64 Steps followed during verification: 1) System was updated using # yum update 2) Configured sssd on client. 3) Set id_provider=ad and auth_provider= krb5 in sssd.conf. 4) Started sssd service. 5) Checked user lookup. form yum.log: May 15 07:55:20 Updated: python-sssdconfig-1.15.2-29.el7.noarch May 15 07:56:36 Updated: sssd-client-1.15.2-29.el7.x86_64 May 15 07:57:42 Updated: sssd-common-1.15.2-29.el7.x86_64 May 15 07:57:43 Updated: sssd-krb5-common-1.15.2-29.el7.x86_64 May 15 07:57:45 Updated: sssd-common-pac-1.15.2-29.el7.x86_64 May 15 07:58:02 Updated: sssd-ipa-1.15.2-29.el7.x86_64 May 15 07:58:07 Updated: sssd-krb5-1.15.2-29.el7.x86_64 May 15 07:58:07 Updated: sssd-ldap-1.15.2-29.el7.x86_64 May 15 07:58:08 Updated: sssd-proxy-1.15.2-29.el7.x86_64 May 15 07:58:10 Updated: sssd-ad-1.15.2-29.el7.x86_64 May 15 07:58:41 Updated: sssd-1.15.2-29.el7.x86_64 # cat /etc/sssd/sssd.conf | grep provider id_provider = ad auth_provider = krb5 # systemctl status sssd ● sssd.service - System Security Services Daemon Loaded: loaded (/usr/lib/systemd/system/sssd.service; disabled; vendor preset: disabled) Drop-In: /etc/systemd/system/sssd.service.d └─journal.conf Active: active (running) since Mon 2017-05-15 08:26:14 EDT; 17h ago Main PID: 8516 (sssd) CGroup: /system.slice/sssd.service ├─8516 /usr/sbin/sssd -i -f ├─8517 /usr/libexec/sssd/sssd_be --domain EXAMPLE.COM --uid 0 --gid 0 --debug-to-files ├─8518 /usr/libexec/sssd/sssd_nss --uid 0 --gid 0 --debug-to-files └─8519 /usr/libexec/sssd/sssd_pam --uid 0 --gid 0 --debug-to-files # getent passwd administrator administrator:*:217800500:217800513:Administrator:/home/EXAMPLE.COM/administrator:/bin/bash # id administrator uid=217800500(administrator) gid=217800513 groups=217800513 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2017:2294 |