The same error I receive when I try to start the ifp service manually:
# /usr/libexec/sssd/sssd_ifp --uid 0 --gid 0 --dbus-activated --logger=stderr
...
(Tue Oct 9 09:53:40 2018) [sssd[ifp]] [parse_attr_list_ex] (0x2000): Added allowed attr
sn to whitelist
(Tue Oct 9 09:53:40 2018) [sssd[ifp]] [parse_attr_list_ex] (0x2000): Added default attr
name to whitelist
(Tue Oct 9 09:53:40 2018) [sssd[ifp]] [parse_attr_list_ex] (0x2000): Added default attr
uidNumber to whitelist
(Tue Oct 9 09:53:40 2018) [sssd[ifp]] [parse_attr_list_ex] (0x2000): Added default attr
gidNumber to whitelist
(Tue Oct 9 09:53:40 2018) [sssd[ifp]] [parse_attr_list_ex] (0x2000): Added default attr
gecos to whitelist
(Tue Oct 9 09:53:40 2018) [sssd[ifp]] [parse_attr_list_ex] (0x2000): Added default attr
homeDirectory to whitelist
(Tue Oct 9 09:53:40 2018) [sssd[ifp]] [parse_attr_list_ex] (0x2000): Added default attr
loginShell to whitelist
(Tue Oct 9 09:53:40 2018) [sssd[ifp]] [parse_attr_list_ex] (0x2000): Added default attr
groups to whitelist
(Tue Oct 9 09:53:40 2018) [sssd[ifp]] [parse_attr_list_ex] (0x2000): Added default attr
domain to whitelist
(Tue Oct 9 09:53:40 2018) [sssd[ifp]] [parse_attr_list_ex] (0x2000): Added default attr
domainname to whitelist
(Tue Oct 9 09:53:40 2018) [sssd[ifp]] [sysbus_init] (0x0020): Unable to request name on
the system bus: [Connection ":1.33561" is not allowed to own the service
"org.freedesktop.sssd.infopipe" due to security policies in the configuration
file]
(Tue Oct 9 09:53:40 2018) [sssd[ifp]] [sysbus_init] (0x0040): DBus error message:
Connection ":1.33561" is not allowed to own the service
"org.freedesktop.sssd.infopipe" due to security policies in the configuration
file
(Tue Oct 9 09:53:40 2018) [sssd[ifp]] [ifp_process_init] (0x0020): Failed to connect to
the system message bus
(Tue Oct 9 09:53:40 2018) [sssd[ifp]] [sss_responder_ctx_destructor] (0x0400): Responder
is being shut down
-----Original Message-----
From: Jakub Hrozek [mailto:jhrozek@redhat.com]
Sent: Tuesday, October 09, 2018 10:29 AM
To: End-user discussions about the System Security Services Daemon
<sssd-users(a)lists.fedorahosted.org>
Cc: Pavel Březina <pbrezina(a)redhat.com>
Subject: [SSSD-users] Re: sssd fails to start when I enable [ifp]
Interesting..Pavel, do you have some idea?
On 9 Oct 2018, at 10:27, Ondrej Valousek
<Ondrej.Valousek(a)s3group.com> wrote:
Ok, obviously this error message does not appear when using SystemD, therefore I try to
start it as root interactively, i.e.
# /usr/sbin/sssd -i
-----Original Message-----
From: Ondrej Valousek [mailto:Ondrej.Valousek@s3group.com]
Sent: Tuesday, October 09, 2018 10:25 AM
To: End-user discussions about the System Security Services Daemon
<sssd-users(a)lists.fedorahosted.org>
Subject: [SSSD-users] Re: sssd fails to start when I enable [ifp]
Hi,
As root, i.e. "systemctl start sssd"
Ondrej
-----Original Message-----
From: Jakub Hrozek [mailto:jhrozek@redhat.com]
Sent: Tuesday, October 09, 2018 10:24 AM
To: End-user discussions about the System Security Services Daemon
<sssd-users(a)lists.fedorahosted.org>
Subject: [SSSD-users] Re: sssd fails to start when I enable [ifp]
Do you run sssd as root or the unprivileged sssd user?
> On 8 Oct 2018, at 15:29, Ondrej Valousek <Ondrej.Valousek(a)s3group.com> wrote:
>
> Hi List,
> Seems like sssd fails to start when I enable infopipe (i.e. add “ifp” to the services
list).
> Log says:
> (Mon Oct 8 14:18:08 2018) [sssd[ifp]] [sysbus_init] (0x0020): Unable
> to request name on the system bus: [Connection ":1.33273" is not
> allowed to own the service "org.freedesktop.sssd.infopipe" due to
> security policies in the configuration file] (Mon Oct 8 14:18:08
> 2018) [sssd[ifp]] [sysbus_init] (0x0040): DBus error message:
> Connection ":1.33273" is not allowed to own the service
> "org.freedesktop.sssd.infopipe" due to security policies in the
> configuration file (Mon Oct 8 14:18:08 2018) [sssd[ifp]]
> [ifp_process_init] (0x0020): Failed to connect to the system message
> bus
>
> This is Centos-7, all updates applied, i.e. dbus-1.10.24,
> sssd-1.16.0-19.el7
>
> Thanks,
> Ondrej
> -----
>
> The information contained in this e-mail and in any attachments is confidential and
is designated solely for the attention of the intended recipient(s). If you are not an
intended recipient, you must not use, disclose, copy, distribute or retain this e-mail or
any part thereof. If you have received this e-mail in error, please notify the sender by
return e-mail and delete all copies of this e-mail from your computer system(s). Please
direct any additional queries to:
> communications(a)s3group.com. Thank You. Silicon and Software Systems Limited (S3
Group). Registered in Ireland no. 378073. Registered Office: South County Business Park,
Leopardstown, Dublin 18.
> _______________________________________________
> sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org To
> unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
> Fedora Code of Conduct:
https://getfedora.org/code-of-conduct.html
> List Guidelines:
>
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
>
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorah
> o
>
sted.org
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org To
unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://getfedora.org/code-of-conduct.html
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedoraho
sted.org
-----
The information contained in this e-mail and in any attachments is confidential and is
designated solely for the attention of the intended recipient(s). If you are not an
intended recipient, you must not use, disclose, copy, distribute or retain this e-mail or
any part thereof. If you have received this e-mail in error, please notify the sender by
return e-mail and delete all copies of this e-mail from your computer system(s). Please
direct any additional queries to: communications(a)s3group.com. Thank You. Silicon and
Software Systems Limited (S3 Group). Registered in Ireland no. 378073. Registered Office:
South County Business Park, Leopardstown, Dublin 18.
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org To
unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://getfedora.org/code-of-conduct.html
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedoraho
sted.org
-----
The information contained in this e-mail and in any attachments is confidential and is
designated solely for the attention of the intended recipient(s). If you are not an
intended recipient, you must not use, disclose, copy, distribute or retain this e-mail or
any part thereof. If you have received this e-mail in error, please notify the sender by
return e-mail and delete all copies of this e-mail from your computer system(s). Please
direct any additional queries to: communications(a)s3group.com. Thank You. Silicon and
Software Systems Limited (S3 Group). Registered in Ireland no. 378073. Registered Office:
South County Business Park, Leopardstown, Dublin 18.
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org To
unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://getfedora.org/code-of-conduct.html
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedoraho
sted.org
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org To unsubscribe send an email
to sssd-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
-----
The information contained in this e-mail and in any attachments is confidential and is
designated solely for the attention of the intended recipient(s). If you are not an
intended recipient, you must not use, disclose, copy, distribute or retain this e-mail or
any part thereof. If you have received this e-mail in error, please notify the sender by
return e-mail and delete all copies of this e-mail from your computer system(s). Please
direct any additional queries to: communications(a)s3group.com. Thank You. Silicon and
Software Systems Limited (S3 Group). Registered in Ireland no. 378073. Registered Office:
South County Business Park, Leopardstown, Dublin 18.