URL: https://github.com/SSSD/sssd/pull/5683 Author: alexey-tikhonov Title: #5683: Fix log levels Action: synchronized
To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5683/head:pr5683 git checkout pr5683
From 303e1cd9d15c3eb0efad76dd9e37109362f42150 Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov <[email protected]> Date: Mon, 14 Jun 2021 21:25:23 +0200 Subject: [PATCH 1/4] krb5_child: reduce log severity in sss_send_pac() in case PAC responder isn't running. --- src/providers/krb5/krb5_child.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c index 713e90f833..4e55d9a374 100644 --- a/src/providers/krb5/krb5_child.c +++ b/src/providers/krb5/krb5_child.c @@ -223,7 +223,10 @@ static errno_t sss_send_pac(krb5_authdata **pac_authdata) ret = sss_pac_make_request(SSS_PAC_ADD_PAC_USER, &sss_data, NULL, NULL, &errnop); - if (ret != NSS_STATUS_SUCCESS || errnop != 0) { + if (ret == NSS_STATUS_UNAVAIL) { + DEBUG(SSSDBG_MINOR_FAILURE, "failed to contact PAC responder\n"); + return EIO; + } else if (ret != NSS_STATUS_SUCCESS || errnop != 0) { DEBUG(SSSDBG_OP_FAILURE, "sss_pac_make_request failed [%d][%d].\n", ret, errnop); return EIO; From 19b40ed2aa88578433d43d8ec3135e3d2cf7e918 Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov <[email protected]> Date: Mon, 14 Jun 2021 21:47:52 +0200 Subject: [PATCH 2/4] secrets: reduce log severity in local_db_create() in case entry already exists since this is expected during normal oprations. --- src/util/secrets/secrets.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/util/secrets/secrets.c b/src/util/secrets/secrets.c index 6e99e291dd..f12b615f8a 100644 --- a/src/util/secrets/secrets.c +++ b/src/util/secrets/secrets.c @@ -476,7 +476,7 @@ static int local_db_create(struct sss_sec_req *req) ret = ldb_add(req->sctx->ldb, msg); if (ret != LDB_SUCCESS) { if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) { - DEBUG(SSSDBG_OP_FAILURE, + DEBUG(SSSDBG_FUNC_DATA, "Secret %s already exists\n", ldb_dn_get_linearized(msg->dn)); } else { DEBUG(SSSDBG_CRIT_FAILURE, From 7a9dab33545f4e29c032a26e3512202fbd7c4fda Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov <[email protected]> Date: Mon, 14 Jun 2021 21:56:16 +0200 Subject: [PATCH 3/4] KCM: use SSSDBG_IMPORTANT_INFO for ERR_KCM_OP_NOT_IMPLEMENTED --- src/responder/kcm/kcmsrv_cmd.c | 13 +++++++++---- src/responder/kcm/kcmsrv_ops.c | 2 +- 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/src/responder/kcm/kcmsrv_cmd.c b/src/responder/kcm/kcmsrv_cmd.c index 3ad17ef431..79b0114d71 100644 --- a/src/responder/kcm/kcmsrv_cmd.c +++ b/src/responder/kcm/kcmsrv_cmd.c @@ -195,7 +195,7 @@ static errno_t kcm_input_parse(struct kcm_reqbuf *reqbuf, op_io->op = kcm_get_opt(be16toh(opcode_be)); if (op_io->op == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, + DEBUG(SSSDBG_IMPORTANT_INFO, "Did not find a KCM operation handler for the requested opcode\n"); return ERR_KCM_OP_NOT_IMPLEMENTED; } @@ -312,7 +312,8 @@ static void kcm_reply_error(struct cli_ctx *cctx, errno_t ret; krb5_error_code kerr; - DEBUG(SSSDBG_OP_FAILURE, + DEBUG(retcode == ERR_KCM_OP_NOT_IMPLEMENTED ? + SSSDBG_IMPORTANT_INFO : SSSDBG_OP_FAILURE, "KCM operation returns failure [%d]: %s\n", retcode, sss_strerror(retcode)); kerr = sss2krb5_error(retcode); @@ -405,8 +406,12 @@ static void kcm_cmd_request_done(struct tevent_req *req) &req_ctx->op_io.reply); talloc_free(req); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, - "KCM operation failed [%d]: %s\n", ret, sss_strerror(ret)); + if (ret == ERR_KCM_OP_NOT_IMPLEMENTED) { + DEBUG(SSSDBG_IMPORTANT_INFO, "%s\n", sss_strerror(ret)); + } else { + DEBUG(SSSDBG_OP_FAILURE, + "KCM operation failed [%d]: %s\n", ret, sss_strerror(ret)); + } kcm_reply_error(req_ctx->cctx, ret, &req_ctx->repbuf); return; } diff --git a/src/responder/kcm/kcmsrv_ops.c b/src/responder/kcm/kcmsrv_ops.c index a8f49cedb0..18c1b4cbc1 100644 --- a/src/responder/kcm/kcmsrv_ops.c +++ b/src/responder/kcm/kcmsrv_ops.c @@ -122,7 +122,7 @@ struct tevent_req *kcm_cmd_send(TALLOC_CTX *mem_ctx, } if (op->fn_send == NULL) { - DEBUG(SSSDBG_CRIT_FAILURE, + DEBUG(SSSDBG_IMPORTANT_INFO, "KCM op %s has no handler\n", kcm_opt_name(op)); ret = ERR_KCM_OP_NOT_IMPLEMENTED; goto immediate; From 5987195096506d4a04b0b106d72a9f1acb835af2 Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov <[email protected]> Date: Mon, 14 Jun 2021 22:04:21 +0200 Subject: [PATCH 4/4] KCM: reduce log severity in sec_get() in case entry not found --- src/responder/kcm/kcmsrv_ccache_secdb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/responder/kcm/kcmsrv_ccache_secdb.c b/src/responder/kcm/kcmsrv_ccache_secdb.c index 6c8c35b865..4631bfea09 100644 --- a/src/responder/kcm/kcmsrv_ccache_secdb.c +++ b/src/responder/kcm/kcmsrv_ccache_secdb.c @@ -58,7 +58,7 @@ static errno_t sec_get(TALLOC_CTX *mem_ctx, ret = sss_sec_get(tmp_ctx, req, &data, &len, &datatype); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, + DEBUG(SSSDBG_MINOR_FAILURE, "Cannot retrieve the secret [%d]: %s\n", ret, sss_strerror(ret)); goto done; }
_______________________________________________ sssd-devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
