On (05/06/14 16:43), Robert Zmijan wrote: >> On Wed, Jun 04, 2014 at 11:54:39PM +0100, Robert Zmijan wrote: >>>> On 06/04/2014 04:13 PM, Robert Zmijan wrote: >>>>>> On Wed, 2014-06-04 at 18:15 +0100, Robert Zmijan wrote: >>>>>>> Hi >>>>>>> >>>>>>> I want to setup sssd to use ldap_default_bind_dn and >>>>>>> ldap_default_authok. currently I have in my sssd.conf >>>>>>> ldap_default_bind_dn = cn=sssd,ou=services,dc=myhost,dc=net >>>>>>> ldap_default_authok = mypassword I understand that I would >>>>>>> have to put 'mypassword' in ldap under the name of 'sssd' >>>>>>> the problem I'm facing is that when i type: sss_obfuscate I >>>>>>> get this: >>>>>>> >>>>>>> File "/usr/sbin/sss_obfuscate", line 81 print "Cannot read >>>>>>> internal configuration files" >>>>>> >>>>>> chmod 0600 /etc/sssd/sssd.conf >>>>>> >>>> >>>>> Just did that. running sss_obuscate has still the same effect as >>>>> above: >>>> >>>>> File "/usr/sbin/sss_obfuscate", line 81 print "Cannot read >>>>> internal configuration files" >>>> >>>>> Syntax Error: invalid syntax >>>> >>>> "invalid syntax" probably means you have an error in the config >>>> file. Mind including it so we can help you spot the syntax error? >>> >>> Sure, did you mean sssd.conf? >>> >>> here it is >>> >>> [sssd] >>> config_file_version = 2 >>> services = nss, pam >>> domains = LDAP >>> >>> [nss] >>> >>> filter_users = root,ldap,named,avahi,haldaemon,dbus,radiusd,news,nscd >>> >>> >>> [pam] >>> >>> # Example LDAP domain >>> [domain/LDAP] >>> id_provider = ldap >>> >>> ldap_id_use_start_tls = True >>> >>> auth_provider = ldap >>> chpass_provider = ldap >>> access_provider = ldap >>> >>> ldap_access_filter = gidNumber=100 >>> >>> ldap_user_ssh_public_key = sshPublicKey >>> ldap_default_bind_dn=cn=sssd,ou=services,dc=myhost,dc=net >>> >>> ldap_tls_reqcert = never >>> ldap_tls_cacert = /etc/openldap/ssl/ldapscert.crt >>> ldap_uri = ldap://127.0.0.1 >>> ldap_search_base = dc=homelinux,dc=net >>> ldap_user_search_base = ou=People,dc=myhost,dc=net >>> ldap_group_search_base = ou=Group,dc=myhost,dc=net >>> >>> enumerate = true >>> >>> cache_credentials = true >> >> This configuration looks good and is working for me with sss_obfuscate. >> Which platform/distribution do you use? Maybe there are issues with the >> path to the config file? You can use the -f option to explicitly tell >> sss_obfuscate which config file to read. >> >> HTH >> >> bye, >> Sumit > >I'm using Gentoo. No luck so far. I even copied the sssd.conf to my home >directory, gave 666 permissions and did sss_obfuscate -f /root/sssd.conf sssd.conf have to have permissions 0600, otherwise sssd will not start.
> >Again I get > >File "/usr/sbin/sss_obfuscate", line 81 print "Cannot read >internal configuration files" > >SyntaxError: invalid syntax /usr/sbin/sss_obfuscate is python script. You can try debug this script if you have sucxh python skills :-) https://docs.python.org/2/library/pdb.html >I guess the issue is more basic, and broader than just permission to >sssd.conf > >the line "Cannot read internal configuration files" sounds too enigmatic >to me. What configuration files are meant to be read? Dou you run sss_obfuscate as root? LS _______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
