Thanks for the response! Commenting out "udp_preference_limit" doesn't change anything unfortunately... I will rebuild sssd from source, so I can get more meaningful logs.
----- Pawel wt., 16 lut 2021 o 17:20 Sumit Bose <[email protected]> napisał(a): > On Tue, Feb 16, 2021 at 03:46:38PM +0100, Paweł Szafer wrote: > > Hi again, > > I installed Centos 8 to test if warning is working and on Centos it is > > working properly. > > > > In Arch I never get line with check "sss_krb5_expire_callback_func" > > > > Here are logs and config compared: > > https://gist.github.com/pszafer/7ab47cd7d4de05f965f4c8e9985af8fa (can't > > attach it to email, too big). > > Maybe you can find out if it's something with config or maybe Arch > > compilation of krb5 or sssd. > > Hi, > > this might be possible. If seen in > > https://github.com/archlinux/svntogit-community/blob/packages/sssd/trunk/PKGBUILD > the HAVE_KRB5_SET_TRACE_CALLBACK is removed from config.h which would > explain the missing krb5 trace messages in the logs. > > The expiration callback is used conditionally, but the related call is > available since MIT Kerberos version 1.9. Can you check the configure > output > > ...... > checking for krb5_get_error_message... yes > checking for krb5_free_unparsed_name... yes > checking for krb5_get_init_creds_opt_set_expire_callback... yes > <<<---- > checking for krb5_get_init_creds_opt_set_fast_ccache_name... yes > checking for krb5_get_init_creds_opt_set_fast_flags... yes > checking for krb5_get_init_creds_opt_set_canonicalize... yes > ...... > > But even if krb5_get_init_creds_opt_set_expire_callback is not available > I would expect a message in the debug logs. > > > In krb5.conf on Arch there is > > [libdefaults] > udp_preference_limit = 0 > > which is not present on Centos. I wonder if you can comment out those > two lines for testing. I would be surprised if this would change > anything but it is the only difference which might be related. > > bye, > Sumit > > > > > ----- > > Pawel > > > > > > > > pon., 15 lut 2021 o 11:13 Paweł Szafer <[email protected]> napisał(a): > > > > > yes, typo, sorry. It's valid till 20.02.2021. > > > Unfortunately I cannot find anything about password expiration in the > sssd > > > logs. > > > > > > Pawel > > > > > > pon., 15 lut 2021, 11:08 użytkownik Tomas Halman <[email protected]> > > > napisał: > > > > > >> > > >> > > >> On Sat, Feb 13, 2021 at 6:22 PM Paweł Szafer <[email protected]> > wrote: > > >> > > >>> > > >>> > User has password valid till 20.02.2020 and yet I don't have any > > >>>> warning. > > >>>> > > >>> > > >> Is that just a typo? 20.02.2020 is a year ago... > > >> > > >> Tomas > > >> _______________________________________________ > > >> sssd-users mailing list -- [email protected] > > >> To unsubscribe send an email to > [email protected] > > >> Fedora Code of Conduct: > > >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > >> List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > > >> List Archives: > > >> > https://lists.fedorahosted.org/archives/list/[email protected] > > >> Do not reply to spam on the list, report it: > > >> https://pagure.io/fedora-infrastructure > > >> > > > > > > _______________________________________________ > > sssd-users mailing list -- [email protected] > > To unsubscribe send an email to [email protected] > > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure >
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
