On Tue, Feb 07, 2012 at 11:04:53AM +0100, Marco Pizzoli wrote:
> Hi Jakub,
>
> On Tue, Feb 7, 2012 at 10:58 AM, Jakub Hrozek <[email protected]> wrote:
>
> On Tue, Feb 07, 2012 at 10:48:59AM +0100, Marco Pizzoli wrote:
> > Hi John,
> >
> > On Tue, Feb 7, 2012 at 10:42 AM, John Hodrien
> <[email protected]>
> > wrote:
> >
> > On Tue, 7 Feb 2012, Marco Pizzoli wrote:
> >
> > Hi,
> > I'm using sssd-1.7.0-5.fc16.x86_64 and during my sssd startup I
> see
> > this output:
> >
> > [cut]
> > (Tue Feb 7 10:25:16 2012) [sssd] [mark_service_as_started]
> (0x0100):
> > Now starting services!
> > (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100):
> Queueing
> > service nss for startup
> > (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100):
> Queueing
> > service pam for startup
> > (Tue Feb 7 10:25:16 2012) [sssd[be[my_ldap]]]
> [sbus_toggle_watch]
> > (0x4000): 0x7f0043097590/0x7f004309c2a0 (17), -/W (disabled)
> > (Tue Feb 7 10:25:16 2012) [sssd[be[my_ldap]]]
> [sbus_remove_timeout]
> > (0x2000): 0x7f004309a510
> > (Tue Feb 7 10:25:16 2012) [sssd[be[my_ldap]]] [sbus_dispatch]
> > (0x4000): dbus conn: 7F0043099BF0
> > (Tue Feb 7 10:25:16 2012) [sssd[be[my_ldap]]] [sbus_dispatch]
> > (0x4000): Dispatching.
> > (Tue Feb 7 10:25:16 2012) [sssd[be[my_ldap]]] [id_callback]
> (0x0100):
> > Got id ack and version (1) from Monitor
> > (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler]
> (0x0010):
> > Could not exec sssd_nss, reason: No such file or directory
> > (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler]
> (0x0010):
> > (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler]
> (0x0040):
> > Child [nss] exited with code [1]
> > (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100):
> Could not
> > exec sssd_pam, reason: No such file or directory
> > Queueing service nss for startup
> > (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler]
> (0x0010):
> > (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler]
> (0x0040):
> > Child [pam] exited with code [1]
> > (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100):
> Could not
> > exec sssd_nss, reason: No such file or directory
> > Queueing service pam for startup
> > (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler]
> (0x0010):
> > (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler]
> (0x0040):
> > Child [nss] exited with code [1]
> > (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100):
> Queueing
> > service nss for startup
> > Could not exec sssd_pam, reason: No such file or directory
> > (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler]
> (0x0010):
> > (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler]
> (0x0040):
> > Could not exec sssd_nss, reason: No such file or directory
> > Child [pam] exited with code [1]
> > (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100):
> Queueing
> > service pam for startup
> > (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler]
> (0x0040):
> > Child [nss] exited with code [1]
> > (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100):
> Queueing
> > service nss for startup
> > (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler]
> (0x0010):
> > Could not exec sssd_pam, reason: No such file or directory
> > (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler]
> (0x0040):
> > Child [pam] exited with code [1]
> > (Tue Feb 7 10:25:16 2012) [sssd] [start_service] (0x0100):
> Queueing
> > service pam for startup
> > (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler]
> (0x0010):
> > Could not exec sssd_nss, reason: No such file or directory
> > (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler]
> (0x0040):
> > Child [nss] exited with code [1]
> > (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler]
> (0x0010):
> > Process [nss], definitely stopped!
> > (Tue Feb 7 10:25:16 2012) [sssd] [service_startup_handler]
> (0x0010):
> > Could not exec sssd_pam, reason: No such file or directory
> > (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler]
> (0x0040):
> > Child [pam] exited with code [1]
> > (Tue Feb 7 10:25:16 2012) [sssd] [mt_svc_exit_handler]
> (0x0010):
> > Process [pam], definitely stopped!
> > [cut]
> >
> > [root@fedora16 sssd]# locate sssd_pam
> > /usr/lib/debug/usr/libexec/sssd/sssd_pam.debug
> > /usr/libexec/sssd/sssd_pam
> >
> > [root@fedora16 sssd]# locate sssd_nss
> > /usr/lib/debug/usr/libexec/sssd/sssd_nss.debug
> > /usr/libexec/sssd/sssd_nss
> >
> > Could you help me in finding the problem?
> >
> > AVC denials listed in /var/log/audit/audit.log? SELinux was my
> first
> > thought
> > looking at this.
> >
> > If you do:
> >
> > setenforce 0
> > service sssd restart
> >
> > Does it work then? If not, it's something else ;)
> >
> > [root@fedora16 sssd]# getenforce
> > Disabled
> >
> >
> >
> > stracing the sssd process could give you a pointer as to exactly
> what
> > it's
> > trying to do that's failing, in case it's looking in the wrong
> place or
> > something.
> >
> > Thanks to pointing me to this. Found the problem.
> > [pid 1853] execve("/usr/local/bin/sssd_pam", ["sssd_pam"], [/* 26
> vars
> > */]) = -1 ENOENT (No such file or directory)
>
> This ^^ is wrong. Did you build the package yourself or is this an
> offictial one? Does your sssd.conf use the "command" parameter?
>
> This is the rpm Stephen asked me to try last week.
>
> Yes, I used the command parameter on both cases. It has been a fault? I
> was only trying expliciting default parameters.
This is a manpage bug.
The manpage says the default is sssd_${service}, but it's in fact
${libexec}/sssd_${service} which expands to absolute path pointing to
/usr/libexec/sssd/sssd_${service} by default.
When you specified a relative command name, execvp() probably tried to
execute the command somewhere in $PATH and failed.
We should either remove the command parameter altogether or at least fix
the default.
Thanks, this is tracked in https://fedorahosted.org/sssd/ticket/1174
now.
Removing the command parameter will make the sssd work.
>
> [nss]
> description = NSS Responder Configuration
> enum_cache_timeout = 120
> entry_cache_nowait_percentage = 50
> entry_negative_timeout = 15
> filter_groups = root
> filter_users = root
> filter_users_in_groups = true
> #override_homedir = /home/%u
> #allowed_shells = bash
> #vetoed_shells = csh
> #shell_fallback = /bin/sh
>
> debug-level = 0x03B0
> debug_timestamps = true
> debug_microseconds = true
> reconnection_retries = 3
> command = sssd_nss
>
> [pam]
> description = PAM Responder Configuration
> offline_credentials_expiration = 0
> offline_failed_login_attempts = 0
> offline_failed_login_delay = 5
> pam_verbosity = 1
> pam_id_timeout = 5
> pam_pwd_expiration_warning = 7
>
> debug-level = 0x03B0
> debug_timestamps = true
> debug_microseconds = true
> reconnection_retries = 3
> command = sssd_pam
_______________________________________________
sssd-devel mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/sssd-devel
