On 04/24/2013 07:20 PM, Aly Khimji wrote:
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] 
[be_pam_handler_callback] (0x0100): Backend returned: (0, 0, <NULL>) [Success]
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] 
[sss_selinux_extract_user] (0x0040): sysdb_search_user_by_name failed.
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] 
[ipa_selinux_handler] (0x0040): Cannot create op context
(Wed Apr 24 13:07:35 2013) [sssd[be[nix.corpnonprd.xxxx.com]]] 
[be_pam_handler_callback] (0x0100): Backend returned: (3, 4, <NULL>) [Internal 
Error (System error)]

this looks like a selinux problem to me. What happens when you set
selinux to permissive?

Also does this problem occur only with sudo, or other services are affected too (id, authentication, ssh)?

Can you please perform following commands? It will remove cache and logs so do it in a safe non-production environment.

As root:
# service stop sssd
# rm -f /var/lib/sss/db/* /var/lib/sss/mc/* /var/log/sssd/*
# service sssd start

As normal user:
$ su ad-user@trusted-domain
$ sudo -l
$ exit

And send us the sanitized logs (all of them).

Thank you.

Freeipa-users mailing list

Reply via email to