Description of problem: # sssctl config-check, the command does not show an error when we don't have id_provider in the domain section and sssd fails to start due to id_provider being missing in sssd.conf file. Version-Release number of selected component (if applicable): RHEL9.1 How reproducible: Always Steps to Reproduce: 1. Install sssd 2. Add sssd.conf without id_provider in the domain section 3. Actual results: Not showing any error message Expected results: Expected to show an error message when sssd fails to start due to id_provider is missing from domain section Additional info: [root@ci-vm-10-0-137-32 bin]# cat /etc/sssd/sssd.conf [sssd] debug_level = 9 services = nss, pam domains = shadowutils [nss] debug_level = 9 [pam] debug_level = 9 [domain/shadowutils] debug_level = 9 [root@ci-vm-10-0-137-32 bin]# sssctl config-check Issues identified by validators: 0 Messages generated during configuration merging: 0 Used configuration snippet files: 0 from /var/log/sssd.log [sssd] [confdb_init_domain] (0x0010): Domain [shadowutils] does not specify an ID provider, disabling! [sssd] [confdb_get_domains] (0x0010): Error (22 [Invalid argument]) retrieving domain [shadowutils], skipping! [sssd] [confdb_get_domains] (0x0010): No properly configured domains, fatal error! [sssd] [get_monitor_config] (0x0010): No domains configured. [sssd] [main] (0x0010): SSSD couldn't load the configuration database.
Upstream PR: https://github.com/SSSD/sssd/pull/6550
Pushed PR: https://github.com/SSSD/sssd/pull/6550 * `master` * f283248ffc238d4601da561bfd1717601d556436 - CONFIG-CHECK: inherit_from is not a typo * f604d033f89f49ec6061ef5e9de40554731fca23 - TESTS: Test mandatory id_provider * 255d9f6e8974e219958204aab8623f186b9a928e - CHECK-CONFIG: id_provider is now mandatory * 1911ad64fbdd957235df29ee8b7315b8130e9ac4 - CONFIG-CHECK: Function always returns EOK * fe67123cc106a57e8087e518f9ef60606c0f5f10 - CONFIG-CHECK: Extracted code checking 'inherit_from'
Verified with: [root@ip-10-0-189-89 ~]# rpm -qa sssd sssd-2.9.0-3.el9.x86_64 Case 1: remove id_provider from domain section of sssd [root@ip-10-0-189-89 ~]# sssctl config-check Issues identified by validators: 1 [rule/sssd_checks]: Attribute 'id_provider' is missing in section 'domain/example1'. Messages generated during configuration merging: 0 Used configuration snippet files: 0 Case 2: Add invalid id_provider's value [root@ip-10-0-189-89 ~]# cat /etc/sssd/sssd.conf | grep id_provider id_provider = invalid [root@ip-10-0-189-89 ~]# sssctl config-check Issues identified by validators: 1 [rule/sssd_checks]: Attribute 'id_provider' in section 'domain/example1' has an invalid value: invalid Messages generated during configuration merging: 0 Used configuration snippet files: 0 From above marking this verified.