On (26/05/15 06:44), Vaclav Adamec wrote: >With higher debug level I see that sssd sudo trying to resolve local >account (for nagios monitoring) > There was/is a bug which does not respect filter_user in sudo provider https://fedorahosted.org/sssd/ticket/2625. (It's already fixed in fedora >= 22)
It would be a workaround for you. >On Tue, May 26, 2015 at 6:39 AM, Vaclav Adamec ><[email protected]> wrote: >> ps -eo pid,cmd,size,rss | grep sssd_sudo >> 1533 /usr/libexec/sssd/sssd_sudo 4245972 4247700 >> >> and huge amount of this (trying again and again): >> >> (Tue May 26 06:35:47 2015) [sssd[sudo]] >> [sudosrv_check_user_dp_callback] (0x0040): Could not look up the user >> [2]: No such file or directory >> (Tue May 26 06:35:47 2015) [sssd[sudo]] [sudosrv_get_user] (0x0080): >> No results for getpwnam call >> >> but other servers in same datacenter looks ok in the same time, but >> later this error was visible also on others, it's just question of >> time. I assume you have sssd-1.11 because such bug was fixed in sssd-1.12 https://git.fedorahosted.org/cgit/sssd.git/commit/?id=09579ae252c181c7884defc0612c36108f6cf509 You can test with my pre-release of sssd-1.12.5 https://copr.fedoraproject.org/coprs/lslebodn/sssd-1-12-latest/ (It already contains fix for #2625) LS -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
