On (19/05/17 14:07), Joakim Tjernlund wrote:
On Fri, 2017-05-19 at 15:24 +0200, Lukas Slebodnik wrote:
> On (19/05/17 12:50), Joakim Tjernlund wrote:
> > On Fri, 2017-05-19 at 14:14 +0200, Lukas Slebodnik wrote:
> > > On (19/05/17 12:07), Joakim Tjernlund wrote:
> > > > On Fri, 2017-05-19 at 13:43 +0200, Lukas Slebodnik wrote:
> > > > > On (19/05/17 11:31), Joakim Tjernlund wrote:
> > > > > > On Fri, 2017-05-19 at 13:22 +0200, Lukas Slebodnik wrote:
> > > > > > > On (19/05/17 10:37), Joakim Tjernlund wrote:
> > > > > > > > On Thu, 2017-05-18 at 11:40 -0400, Striker
Leggette wrote:
> > > > > > > > > I can understand the first unlock from waking
up from sleep. For the second, bump your debug_level in sssd.conf up to 7 and then check
to see if you have any "Got request" lines in /var/log/sssd/sssd_domain.log for
the second login attempt from the lock screen. You should be able to see if it is using
cached creds or actively trying to parse the domain server.
> > > > > > > > > Can you paste your sssd.conf also?
> > > > >
> > > > > But renew failed and sssd went offline.
> > > > >
> > > > > Could you truncate sssd log file (truncate -s 0 /var/log/sssd/*)
> > > > > Then try to reproduce one more time and provide not only domain
log file but
> > > > > also *child log files.
> > > >
> > > > Did that but I did not get a child log file at all.
> > > >
> > >
> > > If you can see debug messages from following functions
> > > write_pipe_handler
> > > read_pipe_handler
> > > parse_krb5_child_response
> > > Then krb5_child was executed. And there will be non-empty file
> > > /var/log/sssd/krb5_child.log.
> >
> > I can see:
> >
> > se-jocke-lx sssds # grep write_pipe_handler *
> > sssd_infinera.com.log:(Fri May 19 13:45:06 2017) [sssd[be[infinera.com]]]
[write_pipe_handler] (0x0400): All
> > data has been sent!
> > se-jocke-lx sssds # grep read_pipe_handler *
> > sssd_infinera.com.log:(Fri May 19 13:45:06 2017) [sssd[be[infinera.com]]]
[read_pipe_handler] (0x0400): EOF
> > received, client finished
> > se-jocke-lx sssds # grep parse_krb5_child_response *
> > sssd_infinera.com.log:(Fri May 19 13:45:06 2017) [sssd[be[infinera.com]]]
[parse_krb5_child_response]
> > (0x1000): child response [0][3][33].
> >
> > but only these files:
> > ls
> > ./ ../ sssd_infinera.com.log sssd.log sssd_nss.log sssd_pam.log
> >
> >
> > to start debug logging I did a:
> > # > sss_debuglevel 7
> > should I do something more?
> >
>
> That's weird. Is there something in journald from that time
>
> If not then I would recommend to stop sssd; clena log file
> rm -f /var/log/sssd/*
> * set debug_level = 9 in domain section
> * start sssd
> * reproduce bug
>
> And then there should be *child log files
Will do over the week end
>
> Please also provide an output of following command
> rpm -V sssd-common sssd-krb5-common
That is a bit hard as this is Gentoo :)
Ahh sorry;
I cannot see 1.15.2 in portage.
Which arguments did you pass to configure?
LS