On (20/08/19 14:01), cedric hottier wrote: >Dear SSSD users, > >I would like to share with you few issues I faced during the move from >1.16.3 to 2.2.0 sssd release. >I am a Debian user and I did this move because Debian pushed the 2.2.0 >release in the testing branch. > >My configuration may seem exotic as I use 'files' as id_provider and 'krb5' >as auth_provider. > >Initially with the 1.16 version I faced the following issue : >https://pagure.io/SSSD/sssd/issue/3591 > >Thanks to Jakub Hrozek ><https://lists.fedorahosted.org/archives/users/5980502310531547029931685919681184321/>, >I was able to make it working with the following workaround : >id_provider=proxy proxy_lib_name=files >For those interested, the discussion thread is here : >https://lists.fedorahosted.org/archives/list/[email protected]/thread/5BHXWYHNA7PT5V76CXCALZ4LVPOTRFVY/ > > >With the move to 2.2.0, I faced several issues... >First, I had to remove the line services = nss, pam, ifp from sssd.conf >because I use systemd.
Debian enabled socket activated responders by default. You needn't remove line with services. You can disable/mask related sssd sockets if you do not like such behaviour Or if you do not want ot have failed services. (sssd-nss.socket, sssd-pam-priv.socket, sssd-pam.socket) But everything will work as expected with 2.2.1 and "services = nss, pam, ifp" Removing the line will not be problem with socket activated responders. It is up to you whether you want to use them or no. So this issue is unrelated to the segfault. And check my other email :-) LS _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
