On Tue, Feb 7, 2012 at 10:58 AM, Jakub Hrozek <jhrozek@redhat.com> wrote:

On Tue, Feb 07, 2012 at 10:48:59AM +0100, Marco Pizzoli wrote:
> Hi John,
>
> On Tue, Feb 7, 2012 at 10:42 AM, John Hodrien <J.H.Hodrien@leeds.ac.uk>
> wrote:
>
> On Tue, 7 Feb 2012, Marco Pizzoli wrote:
>
> Hi,
> I'm using sssd-1.7.0-5.fc16.x86_64 and during my sssd startup I see
> this output:
>
> [cut]
> (Tue Feb 7 10:25:16 2012) [sssd] [mark_service_as_started] (0x0100):
> Now starting services!
> (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100): Queueing
> service nss for startup
> (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100): Queueing
> service pam for startup
> (Tue Feb 7 10:25:16 2012) [sssd[be[my_ldap]]] [sbus_toggle_watch]
> (0x4000): 0x7f0043097590/0x7f004309c2a0 (17), -/W (disabled)
> (Tue Feb 7 10:25:16 2012) [sssd[be[my_ldap]]] [sbus_remove_timeout]
> (0x2000): 0x7f004309a510
> (Tue Feb 7 10:25:16 2012) [sssd[be[my_ldap]]] [sbus_dispatch]
> (0x4000): dbus conn: 7F0043099BF0
> (Tue Feb 7 10:25:16 2012) [sssd[be[my_ldap]]] [sbus_dispatch]
> (0x4000): Dispatching.
> (Tue Feb 7 10:25:16 2012) [sssd[be[my_ldap]]] [id_callback] (0x0100):
> Got id ack and version (1) from Monitor
> (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler] (0x0010):
> Could not exec sssd_nss, reason: No such file or directory
> (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler] (0x0010):
> (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler] (0x0040):
> Child [nss] exited with code [1]
> (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100): Could not
> exec sssd_pam, reason: No such file or directory
> Queueing service nss for startup
> (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler] (0x0010):
> (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler] (0x0040):
> Child [pam] exited with code [1]
> (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100): Could not
> exec sssd_nss, reason: No such file or directory
> Queueing service pam for startup
> (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler] (0x0010):
> (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler] (0x0040):
> Child [nss] exited with code [1]
> (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100): Queueing
> service nss for startup
> Could not exec sssd_pam, reason: No such file or directory
> (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler] (0x0010):
> (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler] (0x0040):
> Could not exec sssd_nss, reason: No such file or directory
> Child [pam] exited with code [1]
> (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100): Queueing
> service pam for startup
> (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler] (0x0040):
> Child [nss] exited with code [1]
> (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100): Queueing
> service nss for startup
> (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler] (0x0010):
> Could not exec sssd_pam, reason: No such file or directory
> (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler] (0x0040):
> Child [pam] exited with code [1]
> (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100): Queueing
> service pam for startup
> (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler] (0x0010):
> Could not exec sssd_nss, reason: No such file or directory
> (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler] (0x0040):
> Child [nss] exited with code [1]
> (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler] (0x0010):
> Process [nss], definitely stopped!
> (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler] (0x0010):
> Could not exec sssd_pam, reason: No such file or directory
> (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler] (0x0040):
> Child [pam] exited with code [1]
> (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler] (0x0010):
> Process [pam], definitely stopped!
> [cut]
>
> [root@fedora16 sssd]# locate sssd_pam
> /usr/lib/debug/usr/libexec/sssd/sssd_pam.debug
> /usr/libexec/sssd/sssd_pam
>
> [root@fedora16 sssd]# locate sssd_nss
> /usr/lib/debug/usr/libexec/sssd/sssd_nss.debug
> /usr/libexec/sssd/sssd_nss
>
> Could you help me in finding the problem?
>
> AVC denials listed in /var/log/audit/audit.log? SELinux was my first
> thought
> looking at this.
>
> If you do:
>
> setenforce 0
> service sssd restart
>
> Does it work then? If not, it's something else ;)
>
> [root@fedora16 sssd]# getenforce
> Disabled
>
>
>
> stracing the sssd process could give you a pointer as to exactly what
> it's
> trying to do that's failing, in case it's looking in the wrong place or
> something.
>
> Thanks to pointing me to this. Found the problem.
> [pid 1853] execve("/usr/local/bin/sssd_pam", ["sssd_pam"], [/* 26 vars
> */]) = -1 ENOENT (No such file or directory)

This ^^ is wrong. Did you build the package yourself or is this an
offictial one? Does your sssd.conf use the "command" parameter?

This is the rpm Stephen asked me to try last week.

Yes, I used the command parameter on both cases. It has been a fault? I was only trying expliciting default parameters.

[nss]
description = NSS Responder Configuration
enum_cache_timeout = 120
entry_cache_nowait_percentage = 50
entry_negative_timeout = 15
filter_groups = root
filter_users = root
filter_users_in_groups = true
#override_homedir = /home/%u
#allowed_shells = bash
#vetoed_shells = csh
#shell_fallback = /bin/sh

debug-level = 0x03B0
debug_timestamps = true
debug_microseconds = true
reconnection_retries = 3
command = sssd_nss

[pam]
description = PAM Responder Configuration
offline_credentials_expiration = 0
offline_failed_login_attempts = 0
offline_failed_login_delay = 5
pam_verbosity = 1
pam_id_timeout = 5
pam_pwd_expiration_warning = 7

debug-level = 0x03B0
debug_timestamps = true
debug_microseconds = true
reconnection_retries = 3
command = sssd_pam