URL: https://github.com/SSSD/sssd/pull/5683 Author: alexey-tikhonov Title: #5683: Fix log levels Action: opened
PR body: """ """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5683/head:pr5683 git checkout pr5683
From 303e1cd9d15c3eb0efad76dd9e37109362f42150 Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov <[email protected]> Date: Mon, 14 Jun 2021 21:25:23 +0200 Subject: [PATCH 1/4] krb5_child: reduce log severity in sss_send_pac() in case PAC responder isn't running. --- src/providers/krb5/krb5_child.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c index 713e90f833..4e55d9a374 100644 --- a/src/providers/krb5/krb5_child.c +++ b/src/providers/krb5/krb5_child.c @@ -223,7 +223,10 @@ static errno_t sss_send_pac(krb5_authdata **pac_authdata) ret = sss_pac_make_request(SSS_PAC_ADD_PAC_USER, &sss_data, NULL, NULL, &errnop); - if (ret != NSS_STATUS_SUCCESS || errnop != 0) { + if (ret == NSS_STATUS_UNAVAIL) { + DEBUG(SSSDBG_MINOR_FAILURE, "failed to contact PAC responder\n"); + return EIO; + } else if (ret != NSS_STATUS_SUCCESS || errnop != 0) { DEBUG(SSSDBG_OP_FAILURE, "sss_pac_make_request failed [%d][%d].\n", ret, errnop); return EIO; From 19b40ed2aa88578433d43d8ec3135e3d2cf7e918 Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov <[email protected]> Date: Mon, 14 Jun 2021 21:47:52 +0200 Subject: [PATCH 2/4] secrets: reduce log severity in local_db_create() in case entry already exists since this is expected during normal oprations. --- src/util/secrets/secrets.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/util/secrets/secrets.c b/src/util/secrets/secrets.c index 6e99e291dd..f12b615f8a 100644 --- a/src/util/secrets/secrets.c +++ b/src/util/secrets/secrets.c @@ -476,7 +476,7 @@ static int local_db_create(struct sss_sec_req *req) ret = ldb_add(req->sctx->ldb, msg); if (ret != LDB_SUCCESS) { if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) { - DEBUG(SSSDBG_OP_FAILURE, + DEBUG(SSSDBG_FUNC_DATA, "Secret %s already exists\n", ldb_dn_get_linearized(msg->dn)); } else { DEBUG(SSSDBG_CRIT_FAILURE, From 4a76ad46dc0219c3e43d962057e7695625cd2c6f Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov <[email protected]> Date: Mon, 14 Jun 2021 21:56:16 +0200 Subject: [PATCH 3/4] KCM: reduce log level of ERR_KCM_OP_NOT_IMPLEMENTED --- src/responder/kcm/kcmsrv_cmd.c | 14 +++++++++++--- src/responder/kcm/kcmsrv_ops.c | 2 +- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/src/responder/kcm/kcmsrv_cmd.c b/src/responder/kcm/kcmsrv_cmd.c index 3ad17ef431..2cb2329008 100644 --- a/src/responder/kcm/kcmsrv_cmd.c +++ b/src/responder/kcm/kcmsrv_cmd.c @@ -311,8 +311,12 @@ static void kcm_reply_error(struct cli_ctx *cctx, { errno_t ret; krb5_error_code kerr; + int level = SSSDBG_OP_FAILURE; - DEBUG(SSSDBG_OP_FAILURE, + if (retcode == ERR_KCM_OP_NOT_IMPLEMENTED) { + level = SSSDBG_MINOR_FAILURE; + } + DEBUG(level, "KCM operation returns failure [%d]: %s\n", retcode, sss_strerror(retcode)); kerr = sss2krb5_error(retcode); @@ -405,8 +409,12 @@ static void kcm_cmd_request_done(struct tevent_req *req) &req_ctx->op_io.reply); talloc_free(req); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, - "KCM operation failed [%d]: %s\n", ret, sss_strerror(ret)); + if (ret == ERR_KCM_OP_NOT_IMPLEMENTED) { + DEBUG(SSSDBG_MINOR_FAILURE, "%s\n", sss_strerror(ret)); + } else { + DEBUG(SSSDBG_OP_FAILURE, + "KCM operation failed [%d]: %s\n", ret, sss_strerror(ret)); + } kcm_reply_error(req_ctx->cctx, ret, &req_ctx->repbuf); return; } diff --git a/src/responder/kcm/kcmsrv_ops.c b/src/responder/kcm/kcmsrv_ops.c index a8f49cedb0..f7f80d8502 100644 --- a/src/responder/kcm/kcmsrv_ops.c +++ b/src/responder/kcm/kcmsrv_ops.c @@ -122,7 +122,7 @@ struct tevent_req *kcm_cmd_send(TALLOC_CTX *mem_ctx, } if (op->fn_send == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, + DEBUG(SSSDBG_MINOR_FAILURE, "KCM op %s has no handler\n", kcm_opt_name(op)); ret = ERR_KCM_OP_NOT_IMPLEMENTED; goto immediate; From 651caff1bd7675385552971d3ea546f23246b96c Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov <[email protected]> Date: Mon, 14 Jun 2021 22:04:21 +0200 Subject: [PATCH 4/4] KCM: reduce log severity in sec_get() in case entry not found --- src/responder/kcm/kcmsrv_ccache_secdb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/responder/kcm/kcmsrv_ccache_secdb.c b/src/responder/kcm/kcmsrv_ccache_secdb.c index 6c8c35b865..4631bfea09 100644 --- a/src/responder/kcm/kcmsrv_ccache_secdb.c +++ b/src/responder/kcm/kcmsrv_ccache_secdb.c @@ -58,7 +58,7 @@ static errno_t sec_get(TALLOC_CTX *mem_ctx, ret = sss_sec_get(tmp_ctx, req, &data, &len, &datatype); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, + DEBUG(SSSDBG_MINOR_FAILURE, "Cannot retrieve the secret [%d]: %s\n", ret, sss_strerror(ret)); goto done; }
_______________________________________________ sssd-devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
