Hi, As discussed on irc, the fallback config enables 'services=nss', and check_socket_activated_responder() bails out if there's no conffile.
So both should be fixed to allow sssd to start without extra noise when socket activation is enabled and no conffile around (the default case when the package is installed). On 1.8.2019 16.56, Andreas Hasenack wrote: > Hi there, > > I'm trying to update the sssd package in ubuntu to 2.2.0, and while > the upstream tests pass, and our integration tests pass too, I get > this warning (error?) with the socket services right after > installation: > > (https://pastebin.ubuntu.com/p/ZzW8BG2fpm/) > > root@eoan-sssd2:~# systemctl status sssd-autofs.service > ● sssd-autofs.service - SSSD AutoFS Service responder > Loaded: loaded (/lib/systemd/system/sssd-autofs.service; indirect; > vendor preset: enabled) > Active: inactive (dead) > Docs: man:sssd.conf(5) > > root@eoan-sssd2:~# systemctl status sssd-nss.socket > ● sssd-nss.socket - SSSD NSS Service responder socket > Loaded: loaded (/lib/systemd/system/sssd-nss.socket; enabled; > vendor preset: enabled) > Active: failed (Result: exit-code) since Thu 2019-08-01 12:49:07 > UTC; 16min ago > Docs: man:sssd.conf(5) > Listen: /var/lib/sss/pipes/nss (Stream) > > Aug 01 12:49:07 eoan-sssd2 systemd[1]: Starting SSSD NSS Service > responder socket. > Aug 01 12:49:07 eoan-sssd2 > sssd_check_socket_activated_responders[3012]: (Thu Aug 1 > 12:49:07:354960 2019) [sssd] [check_socket_activated_responder] > (0x0020): ini_config_file_open() failed [2][No such file or directory] > Aug 01 12:49:07 eoan-sssd2 > sssd_check_socket_activated_responders[3012]: (Thu Aug 1 > 12:49:07:355071 2019) [sssd] [main] (0x0010): Misconfiguration found > for the nss responder. > Aug 01 12:49:07 eoan-sssd2 > sssd_check_socket_activated_responders[3012]: The nss responder has > been configured to be socket-activated but it's still mentioned in the > services' line in /etc/sssd/sssd.conf. > Aug 01 12:49:07 eoan-sssd2 > sssd_check_socket_activated_responders[3012]: Please, consider either > adjusting your services' line in /etc/sssd/sssd.conf or disabling the > nss's socket by calling: > Aug 01 12:49:07 eoan-sssd2 > sssd_check_socket_activated_responders[3012]: "systemctl disable > sssd-nss.socket" > Aug 01 12:49:07 eoan-sssd2 systemd[1]: sssd-nss.socket: Control > process exited, code=exited, status=2/INVALIDARGUMENT > Aug 01 12:49:07 eoan-sssd2 systemd[1]: sssd-nss.socket: Failed with > result 'exit-code'. > Aug 01 12:49:07 eoan-sssd2 systemd[1]: Failed to listen on SSSD NSS > Service responder socket. > > There is no /etc/sssd/sssd.conf file present, so I think it assumes > some defaults. What are these? > > After install I get these services running: > 1871 ? Ss 0:00 /usr/sbin/sssd -i --logger=files > 1872 ? S 0:00 \_ /usr/libexec/sssd/sssd_be --domain > implicit_files --uid 0 --gid 0 --logger=files > 1873 ? S 0:00 \_ /usr/libexec/sssd/sssd_nss --uid 0 > --gid 0 --logger=files > > So here is my assumption: there is an implicit sssd.conf configuration > that is taken in since there is no actual sssd.conf file, and that > just starts sssd_nss, and at the *same* *time* we are trying to use > socket activation, which then says "why are you starting the socket > listener, since you are already starting nss?" I'm guessing only > debian-based systems see this, because we start the services right > after installation, and don't have a default sssd.conf file shipped > with the package. > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > -- t _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
