Public bug reported: Suppose sssd has a valid sssd.conf file but no /etc/krb5.keytab (maybe the keytab disappeared or got corrupted; or maybe ipa-client-install encountered an error and didn't create one, but nevertheless your custom installer put the sssd.conf in place - note that ipa-client-install leaves the sssd service enabled even if the enrollment failed, although it does try to delete sssd.conf).
If I do 'sudo systemctl start sssd' then it will quite reasonably tell me there was a startup error: Job for sssd.service failed because the control process exited with error code. See "systemctl status sssd.service" and "journalctl -xe" for details. But for some reason it enters a cycle of starting and stopping in the background. $ systemctl status sssd ● sssd.service - System Security Services Daemon Loaded: loaded (/lib/systemd/system/sssd.service; enabled; vendor preset: enabled) Active: activating (start) since Tue 2020-07-28 09:58:43 UTC; 199ms ago Main PID: 7956 (sssd) $ systemctl status sssd ● sssd.service - System Security Services Daemon Loaded: loaded (/lib/systemd/system/sssd.service; enabled; vendor preset: enabled) Active: activating (start) since Tue 2020-07-28 09:59:09 UTC; 5s ago Main PID: 8080 (sssd) $ systemctl status sssd ● sssd.service - System Security Services Daemon Loaded: loaded (/lib/systemd/system/sssd.service; enabled; vendor preset: enabled) Active: activating (start) since Tue 2020-07-28 09:59:54 UTC; 1s ago Main PID: 8276 (sssd) This is a problem because if sssd is enabled in systemd and I reboot the machine, the system will fail to finish booting because it is waiting for infinite retries of the sssd service. [FAILED] Failed to start System Security Services Daemon. See 'systemctl status sssd.service' for details. [DEPEND] Dependency failed for SSSD PAM Service responder socket. [DEPEND] Dependency failed for SSSD PAM Service responder private socket. [DEPEND] Dependency failed for SSSD NSS Service responder socket. [DEPEND] Dependency failed for SSSD SSH Service responder socket. [DEPEND] Dependency failed for SSSD AutoFS Service responder socket. [DEPEND] Dependency failed for SSSD Sudo Service responder socket. [DEPEND] Dependency failed for SSSD PAC Service responder socket. [ OK ] Stopped System Security Services Daemon. Starting System Security Services Daemon... [*** ] A start job is running for System Security Services Daemon (4s / 1min 30s) [FAILED] Failed to start System Security Services Daemon. See 'systemctl status sssd.service' for details. [DEPEND] Dependency failed for SSSD PAM Service responder socket. [DEPEND] Dependency failed for SSSD PAM Service responder private socket. [DEPEND] Dependency failed for SSSD NSS Service responder socket. [DEPEND] Dependency failed for SSSD SSH Service responder socket. [DEPEND] Dependency failed for SSSD AutoFS Service responder socket. [DEPEND] Dependency failed for SSSD Sudo Service responder socket. [DEPEND] Dependency failed for SSSD PAC Service responder socket. [ OK ] Stopped System Security Services Daemon. Starting System Security Services Daemon... [*** ] A start job is running for System Security Services Daemon (4s / 1min 30s) ...ad infinitum... So in summary: I acknowledge that this was misconfigured because of user error, but my contention is that that shouldn't make the system unbootable. Version tested: sssd 2.2.3-3 under systemd 245.4-4ubuntu3.2 in Ubuntu 20.04. ** Affects: sssd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1889196 Title: infinite loop on start if misconfigured To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1889196/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs