[Bug 1880157] Re: realmd generates wrong 'services' section in sssd.conf during joining to AD
** Information type changed from Public Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1880157 Title: realmd generates wrong 'services' section in sssd.conf during joining to AD To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1880157/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1880157] Re: realmd generates wrong 'services' section in sssd.conf during joining to AD
** Information type changed from Public to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1880157 Title: realmd generates wrong 'services' section in sssd.conf during joining to AD To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1880157/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1880157] Re: realmd generates wrong 'services' section in sssd.conf during joining to AD
This bug was fixed in the package realmd - 0.16.3-3ubuntu1 --- realmd (0.16.3-3ubuntu1) groovy; urgency=medium * d/p/0001-LDAP-don-t-close-LDAP-socket-twice.patch: don't close LDAP socket twice. * d/p/0001-Fix-man-page-reference-in-systemd-service-file.patch: the manpage is realm(8), not realmd(8) * d/p/0001-Use-current-idmap-options-for-smb.conf.patch: use the idmap options in smb.conf for modern versions of samba (LP: #1894153) * d/p/0001-Find-NetBIOS-name-in-keytab-while-leaving.patch: find NetBIOS name in keytab while leaving the domain (LP: #1894340) * d/p/0001-Fix-issues-found-by-Coverity.patch: fix issues found by Coverity * d/p/0002-Change-qualified-names-default-for-IPA.patch: change qualified names default for IPA * d/p/0003-discover-try-to-get-domain-name-from-hostname.patch: if there is no domain name returned by DHCP check if the hostname contains a domain part and use this to discover a realm. * d/p/0001-IPA-do-not-call-sssd-enable-logins.patch: IPA: do not call sssd-enable-logins * d/p/0001-Set-NEWEST-flag-when-resolving-packages-with-Package.patch: install the latest version of a package when resolving packages with PackageKit * d/p/0001-doc-make-sure-cross-reference-ids-are-predictable.patch: make sure cross-reference ids are predictable * d/p/0002-tools-remove-duplicated-va_start.patch: remove duplicated va_start() * d/p/0003-service-remove-dead-code.patch: remove unused code * d/p/0004-service-check-return-value-of-fcntl.patch: check return value of fcntl() * d/p/0005-service-avoid-dereference-of-a-null-pointer.patch: avoid dereference of a null pointer * d/p/0006-service-avoid-dereferencing-a-NULL-pointer.patch: avoid dereferencing a NULL pointer * d/p/0001-Add-missing-xsl-file-to-Makefile.am.patch: add missing xsl file to Makefile.am * d/p/0002-configure-do-not-inherit-DISTRO-from-the-environment.patch: do not inherit DISTRO from the environment * d/p/0003-doc-extend-user-principal-section.patch: doc: extend user-principal section * d/p/0004-doc-fix-discover-name-only.patch: doc: fix discover name-only parameter * d/p/0005-doc-add-see-also-to-man-pages.patch: doc: add see also to man pages * d/p/0006-doc-extend-description-of-config-handling.patch: doc: extend description of config handling * d/p/0007-service-use-kerberos-method-secrets-and-keytab.patch: when using Samba with Winbind, set "kerberos method" to "secrets and keytab" * d/p/install-libnss-winbind.patch: install libnss-winbind when needed (LP: #1894150) * d/p/dont-add-services-line.patch: in Ubuntu and Debian, the sssd_* services are socket activated and don't need a "services" line in sssd.conf (LP: #1880157) * d/p/0004-service-use-additional-dns-hostnames-with-net-ads-jo.patch: when using samba to join a domain, and the client is from a different domain, also set "additional dns hostnames" * d/p/0002-Use-startTLS-with-FreeIPA.patch: attempt StartTLS first when talking to FreeIPA * d/p/0003-service-use-net-ads-join-with-k-for-user-join-as-wel.patch: when joining using samba, try kerberos auth first and fallback to ntlm as before -- Andreas Hasenack Tue, 08 Sep 2020 15:15:12 -0300 ** Changed in: realmd (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1880157 Title: realmd generates wrong 'services' section in sssd.conf during joining to AD To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1880157/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1880157] Re: realmd generates wrong 'services' section in sssd.conf during joining to AD
** Merge proposal linked: https://code.launchpad.net/~ahasenack/ubuntu/+source/realmd/+git/realmd/+merge/390420 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1880157 Title: realmd generates wrong 'services' section in sssd.conf during joining to AD To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1880157/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1880157] Re: realmd generates wrong 'services' section in sssd.conf during joining to AD
** Changed in: realmd (Ubuntu) Assignee: (unassigned) => Andreas Hasenack (ahasenack) ** Changed in: realmd (Ubuntu) Status: Triaged => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1880157 Title: realmd generates wrong 'services' section in sssd.conf during joining to AD To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1880157/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1880157] Re: realmd generates wrong 'services' section in sssd.conf during joining to AD
This is not a fatal error, as the non-socket-activated instances of the service startup. It's incorrect though, as the sssd package defaults to socket-activated and realmd should be in sync with that. Example right after joining the domain: 579 ?Ss 0:00 /usr/sbin/sssd -i --logger=files 580 ?S 0:00 \_ /usr/libexec/sssd/sssd_be --domain ad1.example.com --uid 0 --gid 0 --logger=files 581 ?S 0:00 \_ /usr/libexec/sssd/sssd_nss --uid 0 --gid 0 --logger=files 582 ?S 0:00 \_ /usr/libexec/sssd/sssd_pam --uid 0 --gid 0 --logger=files 618 ?Ss 0:00 /usr/libexec/sssd/sssd_sudo --socket-activated We see that nss and pam started in their non-socket-activated modes, because they are specified in sssd.conf, whereas sudo, which is NOT specified in sssd.conf, started as socket-activated. I'm downgrading the severity, but it's still worth fixing. ** Changed in: realmd (Ubuntu) Importance: High => Low -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1880157 Title: realmd generates wrong 'services' section in sssd.conf during joining to AD To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1880157/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1880157] Re: realmd generates wrong 'services' section in sssd.conf during joining to AD
** Also affects: realmd (Ubuntu Groovy) Importance: High Status: New ** Also affects: realmd (Ubuntu Focal) Importance: Undecided Status: New ** No longer affects: realmd (Ubuntu Focal) ** No longer affects: realmd (Ubuntu Groovy) ** Changed in: realmd (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1880157 Title: realmd generates wrong 'services' section in sssd.conf during joining to AD To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1880157/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1880157] Re: realmd generates wrong 'services' section in sssd.conf during joining to AD
Yeah, the services don't need to be specified anymore since they are all socket activated. I didn't think that was a fatal error, though. Even with those errors in the logs, sssd was still working. I can check this out in more detail when I'm back from holidays. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1880157 Title: realmd generates wrong 'services' section in sssd.conf during joining to AD To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1880157/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1880157] Re: realmd generates wrong 'services' section in sssd.conf during joining to AD
Thank you for taking the time to report this bug and helping to make Ubuntu better. Based on https://ubuntu.com/server/docs/service-sssd it shouldn't be doing that, so I'll this to our backlog. Andreas, you might know what's going on straight away. Could you please take a look? ** Changed in: realmd (Ubuntu) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1880157 Title: realmd generates wrong 'services' section in sssd.conf during joining to AD To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1880157/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1880157] Re: realmd generates wrong 'services' section in sssd.conf during joining to AD
** Tags added: focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1880157 Title: realmd generates wrong 'services' section in sssd.conf during joining to AD To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1880157/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
