Public bug reported:
Suppose sssd has a valid sssd.conf file but no /etc/krb5.keytab (maybe the
keytab disappeared or got corrupted; or maybe ipa-client-install encountered
an error and didn't create one, but nevertheless your custom installer put
the sssd.conf in place - note that ipa-client-install leaves the sssd service
enabled even if the enrollment failed, although it does try to delete
sssd.conf).
If I do 'sudo systemctl start sssd' then it will quite reasonably tell me
there was a startup error:
Job for sssd.service failed because the control process exited with error code.
See "systemctl status sssd.service" and "journalctl -xe" for details.
But for some reason it enters a cycle of starting and stopping in the
background.
$ systemctl status sssd
● sssd.service - System Security Services Daemon
Loaded: loaded (/lib/systemd/system/sssd.service; enabled; vendor preset:
enabled)
Active: activating (start) since Tue 2020-07-28 09:58:43 UTC; 199ms ago
Main PID: 7956 (sssd)
$ systemctl status sssd
● sssd.service - System Security Services Daemon
Loaded: loaded (/lib/systemd/system/sssd.service; enabled; vendor preset:
enabled)
Active: activating (start) since Tue 2020-07-28 09:59:09 UTC; 5s ago
Main PID: 8080 (sssd)
$ systemctl status sssd
● sssd.service - System Security Services Daemon
Loaded: loaded (/lib/systemd/system/sssd.service; enabled; vendor preset:
enabled)
Active: activating (start) since Tue 2020-07-28 09:59:54 UTC; 1s ago
Main PID: 8276 (sssd)
This is a problem because if sssd is enabled in systemd and I reboot the
machine,
the system will fail to finish booting because it is waiting for infinite
retries of the sssd service.
[FAILED] Failed to start System Security Services Daemon.
See 'systemctl status sssd.service' for details.
[DEPEND] Dependency failed for SSSD PAM Service responder socket.
[DEPEND] Dependency failed for SSSD PAM Service responder private socket.
[DEPEND] Dependency failed for SSSD NSS Service responder socket.
[DEPEND] Dependency failed for SSSD SSH Service responder socket.
[DEPEND] Dependency failed for SSSD AutoFS Service responder socket.
[DEPEND] Dependency failed for SSSD Sudo Service responder socket.
[DEPEND] Dependency failed for SSSD PAC Service responder socket.
[ OK ] Stopped System Security Services Daemon.
Starting System Security Services Daemon...
[*** ] A start job is running for System Security Services Daemon (4s / 1min
30s)
[FAILED] Failed to start System Security Services Daemon.
See 'systemctl status sssd.service' for details.
[DEPEND] Dependency failed for SSSD PAM Service responder socket.
[DEPEND] Dependency failed for SSSD PAM Service responder private socket.
[DEPEND] Dependency failed for SSSD NSS Service responder socket.
[DEPEND] Dependency failed for SSSD SSH Service responder socket.
[DEPEND] Dependency failed for SSSD AutoFS Service responder socket.
[DEPEND] Dependency failed for SSSD Sudo Service responder socket.
[DEPEND] Dependency failed for SSSD PAC Service responder socket.
[ OK ] Stopped System Security Services Daemon.
Starting System Security Services Daemon...
[*** ] A start job is running for System Security Services Daemon (4s / 1min
30s)
...ad infinitum...
So in summary: I acknowledge that this was misconfigured because of user error,
but my contention is that that shouldn't make the system unbootable.
Version tested: sssd 2.2.3-3 under systemd 245.4-4ubuntu3.2 in Ubuntu
20.04.
** Affects: sssd (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1889196
Title:
infinite loop on start if misconfigured
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1889196/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
