Description of problem: sssd running one client but fails another, any idea? Actual results: # journalctl -xe -- Unit sssd.service has begun starting up. Ağu 20 09:20:17 slreport.linktera.lan sssd[31252]: Starting up Ağu 20 09:20:17 slreport.linktera.lan systemd[1]: sssd.service: main process exited, code=exited, status=4/NOPERMISSION Ağu 20 09:20:17 slreport.linktera.lan systemd[1]: Failed to start System Security Services Daemon. # cat /var/log/sssd/sssd.log (Tue Aug 20 09:20:17 2019) [sssd] [confdb_get_domains] (0x0010): No domains configured, fatal error! (Tue Aug 20 09:20:17 2019) [sssd] [main] (0x0010): No domains configured. Expected results: SSSD is running Additional info: i tried 1. check permission of sssd.conf 2. disable firewalls, selinux, firewalld 3. configuring sssd.conf
Hi, 'No domains configured, fatal error!' sounds like you have a /etc/sssd/sssd.conf file but either the 'domains' option is missing in the [sssd] section or there is no matching [domain/...] section. Can you send your sssd.conf file (sanitized if needed)?. bye, Sumit
my sssd.conf file is: What is the problem? [sssd] debug_level = 9 domains = linktera.lan services = nss, sudo, pam, ssh, ifp [domain/LINKTERA.LAN] enumerate = true cache_credentials = True krb5_store_password_if_offline = True ipa_domain = linktera.lan id_provider = ipa auth_provider = ipa access_provider = ipa ipa_hostname = slreport.linktera.lan chpass_provider = ipa ipa_server = _srv_, ipa.linktera.lan ldap_tls_cacert = /etc/ipa/ca.crt [nss] homedir_substring = /home [pam] [sudo] [autofs] [ssh] [pac] [ifp] [secrets] [session_recording]
Hi, I just copied-and-pasted your config and it works for me. Can you check if the file /var/lib/sss/db/config.ldb exists and if yes, please install the ldb-tools package and send the output of ldbsearch -H /var/lib/sss/db/config.ldb bye, Sumit
my ldbsearch -H /var/lib/sss/db/config.ldb is: # record 1 dn: cn=sssd,cn=config cn: sssd debug_level: 9 enable_files_domain: true services: nss, sudo, pam, ssh, ifp domains: implicit_files,linktera.lan distinguishedName: cn=sssd,cn=config # record 2 dn: cn=config version: 2 lastUpdate: 1566296406 distinguishedName: cn=config # record 3 dn: cn=nss,cn=config cn: nss homedir_substring: /home distinguishedName: cn=nss,cn=config # record 4 dn: cn=sudo,cn=config cn: sudo distinguishedName: cn=sudo,cn=config # record 5 dn: cn=ssh,cn=config cn: ssh distinguishedName: cn=ssh,cn=config # record 6 dn: cn=autofs,cn=config cn: autofs distinguishedName: cn=autofs,cn=config # record 7 dn: cn=ifp,cn=config cn: ifp distinguishedName: cn=ifp,cn=config # record 8 dn: cn=secrets,cn=config cn: secrets distinguishedName: cn=secrets,cn=config # record 9 dn: cn=pac,cn=config cn: pac distinguishedName: cn=pac,cn=config # record 10 dn: cn=pam,cn=config cn: pam distinguishedName: cn=pam,cn=config # record 11 dn: cn=session_recording,cn=config cn: session_recording distinguishedName: cn=session_recording,cn=config # record 12 dn: cn=linktera.lan,cn=domain,cn=config access_provider: ipa auth_provider: ipa cache_credentials: True chpass_provider: ipa cn: linktera.lan enumerate: true id_provider: ipa ipa_domain: linktera.lan ipa_hostname: slreport.linktera.lan ipa_server: _srv_, ipa.linktera.lan krb5_store_password_if_offline: True ldap_tls_cacert: /etc/ipa/ca.crt distinguishedName: cn=linktera.lan,cn=domain,cn=config # record 13 dn: cn=implicit_files,cn=domain,cn=config cn: implicit_files id_provider: files distinguishedName: cn=implicit_files,cn=domain,cn=config # returned 13 records # 13 entries # 0 referrals thank you for your quick reply
there is a bug i think
Hi, which RHEL version are you using and package versions? Can you send the output of: rpm -qa sssd rpm -qa libtalloc rpm -qa libtdb rpm -qa libldb rpm -qa libtevent bye, Sumit
I solved, i changed system config language Turkish to English, problem suddenly disappeared. now sssd is working. i thing there is a bug about turkih language packages
Thank you so much!
Hi, glad to hear it is working for you now. Can you tell me what was the content of /etc/locale.conf before the change so that I can try to reproduce the issue with your original settings? bye, Sumit
# cat /etc/locale.conf LANG="tr_TR.UTF-8"
(In reply to Selman Keskin from comment #11) > # cat /etc/locale.conf > LANG="tr_TR.UTF-8" (In reply to Sumit Bose from comment #10) > Hi, > > glad to hear it is working for you now. Can you tell me what was the content > of /etc/locale.conf before the change so that I can try to reproduce the > issue with your original settings? > Sumit, that's bug in libldb make check in libldb pass with de_DE.UTF-8 but fails with tr_TR.UTF-8
(In reply to Lukas Slebodnik from comment #12) > (In reply to Selman Keskin from comment #11) > > # cat /etc/locale.conf > > LANG="tr_TR.UTF-8" > > (In reply to Sumit Bose from comment #10) > > Hi, > > > > glad to hear it is working for you now. Can you tell me what was the content > > of /etc/locale.conf before the change so that I can try to reproduce the > > issue with your original settings? > > > > > Sumit, that's bug in libldb > make check in libldb pass with de_DE.UTF-8 but fails with tr_TR.UTF-8 Hi Lukas, thanks for the info, do you know if this is already tracked somewhere or shall we move this ticket to the libldb component? bye, Sumit
(In reply to Sumit Bose from comment #13) > (In reply to Lukas Slebodnik from comment #12) > > (In reply to Selman Keskin from comment #11) > > > # cat /etc/locale.conf > > > LANG="tr_TR.UTF-8" > > > > (In reply to Sumit Bose from comment #10) > > > Hi, > > > > > > glad to hear it is working for you now. Can you tell me what was the content > > > of /etc/locale.conf before the change so that I can try to reproduce the > > > issue with your original settings? > > > > > > > > > Sumit, that's bug in libldb > > make check in libldb pass with de_DE.UTF-8 but fails with tr_TR.UTF-8 > > Hi Lukas, > > thanks for the info, do you know if this is already tracked somewhere or > shall we move this ticket to the libldb component? > > bye, > Sumit I have no idea. BTW I was testing with ldb-2.0.5 but I assume it is the same issue with older version. Please double check on el7
I did some investigation and realy looks like ldb or lmdb bug. SSSD log shows processing of /etc/sssd/sssd.conf and the content is written into /var/lib/sss/db/config.ldb. Then SSSD fails to read items back from ldb file. When running `LANG=tr_TR.UTF-8 make check` in ldb source directory we can see several errors like this Running Python test with /usr/bin/python3: tests/python/index.py ...F...FF...F......F...FF...F.... ====================================================================== FAIL: test_delete_index_multi_valued_truncated_keys (__main__.MaxIndexKeyLengthTests) ---------------------------------------------------------------------- Traceback (most recent call last): File "tests/python/index.py", line 999, in test_delete_index_multi_valued_truncated_keys b"0123456789abcde1" + b"0123456789abcde1") File "tests/python/index.py", line 98, in checkGuids self.assertEqual(len(res), 1) AssertionError: 0 != 1 The actual test writes into database and then it tries to read it but 0 items are returned back (AssertionError: 0 != 1 => 0 items returned, 1 expected) I tested with 1.5.5
Re-assigning to libldb for further inspection.
After evaluating this issue, there are no plans to address it further or fix it in an upcoming release. Therefore, it is being closed. If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.