Hi all
I updated my RHEL 8 test box today and got sssd-2.3.0-9.el8.x86_64 as an update
from sssd-2.2.3-20.el8.x86_64. Prior to the upgrade everything worked fine.
Immediately after upgrade sssd fails to restart the critical service [sudo],
and fails to start sssd at all, as noted in journalctl -xe.
Are there things that needs to be done to affect a successful upgrade from
2.2.3 to 2.3.0? a conf file change perhaps? I saw mentions of "required conf
file changes" in other issues reported in github.
Downgrading back to 2.2.3 and removing the database returns sssd to starting
and working.
Removing "sudo" as a service from sssd.conf allows sssd to start with 2.3.0-9
installed.
I attempted to use "systemctl enable sssd-sudo" like the man page suggests and
the result in the journal is "Dependency failed for SSSD Sudo Service responder
socket."
I also noted this in the sssd-sudo man page: "It's important to note that on
platforms where systemd is supported there's no need to add the "sudo" provider
to the list of services, as it became optional. However,
sssd-sudo.socket must be enabled instead."
having enabled the sockect and removed "sudo" from the list of services, it
does seem to work and retrieve rules from AD for the user.
Is all of this correct? Is removing "sudo" as a service the answer to this or
is it just a workaround? If it is the solution, is there any documentation
about changes to configurations from version to version like sudo no longer
allowing the service to start if it's explicitly listed as a service?
Just trying to figure out the scope of what will need to change on my fleet.
The evidence so far seems to point to just removing "sudo" as a service in
sssd.conf. Is that enough? Should "systemctl enable sssd-sudo" be run as well?
Thanks in advance for your insights.
Todd
_______________________________________________
sssd-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
