On 3 April 2018 at 08:23, Lachlan Musicman <datakid@gmail.com> wrote:
On 29 March 2018 at 20:23, Valentin Fischer <valentin@servergeek.at> wrote:
Permission issue.

Reinstall sssd-common



I tried this on two different machines an it didn't work on either. Am getting identical output.


I found this old thread

https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org/message/IMP4NFXOW6RPKB2GIU4WXKLY54CTJG6A/

I tried running

sssd -i -d9

and it works fine, the /var/lib/sss/pipes have returned (I deleted them, reinstalled sssd-common, they weren't replaced), and I can login successfully.

So it's just running

systemctl start sssd
or
systemctl restart sssd

fails with the same errors as reported initially. So running manually in interactive mode works, but starting via systemctl doesn't.

I can't apply the update to production in that state, but if you want any more logs or testing done, let me know.

Here are the permissions on the file system (I've not changed them by hand), but they look the same as a working 1.16.0_4 sssd installation.

[root@vmts-linuxclient1 sssd]# ls -la /var/lib/sss/pipes/
total 8
drwxr-xr-x.  3 sssd sssd   71 Apr  3 10:11 .
drwxr-xr-x. 10 root root 4096 Mar 29 03:01 ..
srw-rw-rw-   1 root root    0 Apr  3 10:11 nss
srw-rw-rw-   1 root root    0 Apr  3 10:11 pac
srw-rw-rw-   1 root root    0 Apr  3 10:11 pam
drwxr-x---.  2 sssd root 4096 Apr  3 10:11 private
srw-rw-rw-   1 root root    0 Apr  3 10:11 ssh
srw-rw-rw-   1 root root    0 Apr  3 10:11 sudo
[root@vmts-linuxclient1 sssd]# ls -la /var/lib/sss/pipes/private/
total 4
drwxr-x---. 2 sssd root 4096 Apr  3 10:11 .
drwxr-xr-x. 3 sssd sssd   71 Apr  3 10:11 ..
srw-------  1 root root    0 Apr  3 10:11 pam
lrwxrwxrwx  1 root root   63 Apr  3 10:11 sbus-dp_mycompany.com -> /var/lib/sss/pipes/private/sbus-dp_mycompany.com.3913
srw-------  1 root root    0 Apr  3 10:11 sbus-dp_mycompany.com.3913
srw-------  1 root root    0 Apr  3 10:11 sbus-monitor


Cheers
L.



 
 
On Thu 29. Mar 2018 at 00:20, Lachlan Musicman <datakid@gmail.com> wrote:
Using the newly minted SSSD 1.16.1 from COPR, the sssd service doesn't restart.

( https://copr.fedorainfracloud.org/coprs/g/sssd/sssd-1-16/)

The journalctl -xe shows:

-- Unit sssd.service has begun starting up.
Mar 29 09:05:55 linuxclient1.unixdev.company.com sssd[1477]: Starting up
Mar 29 09:05:55 linuxclient1.unixdev.company.com systemd[1]: sssd.service: main process exited, code=exited, status=3/NOTIMPLEMENTED
Mar 29 09:05:55 linuxclient1.unixdev.company.com systemd[1]: Failed to start System Security Services Daemon.
-- Subject: Unit sssd.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel


The /var/log/sssd/sssd.log shows


(Thu Mar 29 09:03:44 2018) [sssd] [server_setup] (0x0400): CONFDB: /var/lib/sss/db/config.ldb
(Thu Mar 29 09:03:44 2018) [sssd] [_snotify_create] (0x0400): Added a watch for /etc/resolv.conf with inotify flags 0x8D88 internal flags 0x1 using function resolv_conf_inotify_cb after delay 1.0
(Thu Mar 29 09:03:44 2018) [sssd] [sss_names_init_from_args] (0x0100): Using re [(((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\]+)$))].
(Thu Mar 29 09:03:44 2018) [sssd] [sss_fqnames_init] (0x0100): Using fq format [%1$s].
(Thu Mar 29 09:03:44 2018) [sssd] [sysdb_domain_init_internal] (0x0200): DB File for unixdev.company.com: /var/lib/sss/db/cache_unixdev.company.com.ldb
(Thu Mar 29 09:03:44 2018) [sssd] [sysdb_domain_init_internal] (0x0200): Timestamp file for unixdev.company.com: /var/lib/sss/db/timestamps_unixdev.company.com.ldb
(Thu Mar 29 09:03:44 2018) [sssd] [ldb] (0x0400): asq: Unable to register control with rootdse!
(Thu Mar 29 09:03:44 2018) [sssd] [sbus_new_server] (0x0020): dbus_server_listen failed! (name=org.freedesktop.DBus.Error.AccessDenied, message=Failed to bind socket "/var/lib/sss/pipes/private/sbus-monitor": Permission denied)
(Thu Mar 29 09:05:55 2018) [sssd] [server_setup] (0x0400): CONFDB: /var/lib/sss/db/config.ldb
(Thu Mar 29 09:05:55 2018) [sssd] [_snotify_create] (0x0400): Added a watch for /etc/resolv.conf with inotify flags 0x8D88 internal flags 0x1 using function resolv_conf_inotify_cb after delay 1.0
(Thu Mar 29 09:05:55 2018) [sssd] [sss_names_init_from_args] (0x0100): Using re [(((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\]+)$))].
(Thu Mar 29 09:05:55 2018) [sssd] [sss_fqnames_init] (0x0100): Using fq format [%1$s].
(Thu Mar 29 09:05:55 2018) [sssd] [sysdb_domain_init_internal] (0x0200): DB File for unixdev.company.com: /var/lib/sss/db/cache_unixdev.company.com.ldb
(Thu Mar 29 09:05:55 2018) [sssd] [sysdb_domain_init_internal] (0x0200): Timestamp file for unixdev.company.com: /var/lib/sss/db/timestamps_unixdev.company.com.ldb
(Thu Mar 29 09:05:55 2018) [sssd] [ldb] (0x0400): asq: Unable to register control with rootdse!
(Thu Mar 29 09:05:55 2018) [sssd] [sbus_new_server] (0x0020): dbus_server_listen failed! (name=org.freedesktop.DBus.Error.AccessDenied, message=Failed to bind socket "/var/lib/sss/pipes/private/sbus-monitor": Permission denied)


/var/lib/sss/pipes/private shows

drwxr-x---. 2 sssd root 4096 Mar 29 08:50 .
drwxr-xr-x. 3 sssd sssd   71 Mar 29 03:01 ..
srw-------  1 root root    0 Mar 19 09:21 pam
lrwxrwxrwx  1 root root   62 Mar 19 09:20 sbus-dp_unixdev.company.com -> /var/lib/sss/pipes/private/sbus-dp_unixdev.company.com.758
srw-------  1 root root    0 Sep 18  2017 sbus-dp_unixdev.company.com.732
srw-------  1 root root    0 Dec 28 09:47 sbus-dp_unixdev.company.com.746


It looks like there's some clean up that's not happening? I don't actually know what sbus_dp files do, but the top result (pointing to .758) doesn't exist...

How do I fix this?

Cheers
L.


------
"The antidote to apocalypticism is apocalyptic civics. Apocalyptic civics is the insistence that we cannot ignore the truth, nor should we panic about it. It is a shared consciousness that our institutions have failed and our ecosystem is collapsing, yet we are still here — and we are creative agents who can shape our destinies. Apocalyptic civics is the conviction that the only way out is through, and the only way through is together. "

Greg Bloom @greggish https://twitter.com/greggish/status/873177525903609857
_______________________________________________
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org

_______________________________________________
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org