On (26/05/15 06:44), Vaclav Adamec wrote:
>With higher debug level I see that sssd sudo trying to resolve local
>account (for nagios monitoring)
>
There was/is a bug which does not respect filter_user in sudo provider
https://fedorahosted.org/sssd/ticket/2625. (It's already fixed in fedora >= 22)

It would be a workaround for you.

>On Tue, May 26, 2015 at 6:39 AM, Vaclav Adamec
><vaclav.ada...@suchy-zleb.cz> wrote:
>> ps -eo pid,cmd,size,rss | grep sssd_sudo
>> 1533 /usr/libexec/sssd/sssd_sudo 4245972 4247700
>>
>> and huge amount of this (trying again and again):
>>
>> (Tue May 26 06:35:47 2015) [sssd[sudo]]
>> [sudosrv_check_user_dp_callback] (0x0040): Could not look up the user
>> [2]: No such file or directory
>> (Tue May 26 06:35:47 2015) [sssd[sudo]] [sudosrv_get_user] (0x0080):
>> No results for getpwnam call
>>
>> but other servers in same datacenter looks ok in the same time, but
>> later this error was visible also on others, it's just question of
>> time.
I assume you have sssd-1.11 because such bug was fixed in sssd-1.12
https://git.fedorahosted.org/cgit/sssd.git/commit/?id=09579ae252c181c7884defc0612c36108f6cf509

You can test with my pre-release of sssd-1.12.5
https://copr.fedoraproject.org/coprs/lslebodn/sssd-1-12-latest/
(It already contains fix for #2625)

LS

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to