> On 3 Apr 2018, at 02:24, Lachlan Musicman wrote:
>
> On 3 April 2018 at 08:23, Lachlan Musicman wrote:
> On 29 March 2018 at 20:23, Valentin Fischer wrote:
> Permission issue.
>
> Reinstall sssd-common
>
>
>
> I tried this on two different machines an it didn't work on either. Am
> getting identical output.
>
>
> I found this old thread
>
> https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org/message/IMP4NFXOW6RPKB2GIU4WXKLY54CTJG6A/
>
> I tried running
>
> sssd -i -d9
>
> and it works fine, the /var/lib/sss/pipes have returned (I deleted them,
> reinstalled sssd-common, they weren't replaced), and I can login successfully.
>
> So it's just running
>
> systemctl start sssd
> or
> systemctl restart sssd
>
> fails with the same errors as reported initially. So running manually in
> interactive mode works, but starting via systemctl doesn’t
One difference I can think of between running the deamon on the foreground
versus running as a service is SELinux context. Did you check if maybe there
are some AVC denials if you run sssd as a service?
> .
>
> I can't apply the update to production in that state, but if you want any
> more logs or testing done, let me know.
>
> Here are the permissions on the file system (I've not changed them by hand),
> but they look the same as a working 1.16.0_4 sssd installation.
>
> [root@vmts-linuxclient1 sssd]# ls -la /var/lib/sss/pipes/
> total 8
> drwxr-xr-x. 3 sssd sssd 71 Apr 3 10:11 .
> drwxr-xr-x. 10 root root 4096 Mar 29 03:01 ..
> srw-rw-rw- 1 root root0 Apr 3 10:11 nss
> srw-rw-rw- 1 root root0 Apr 3 10:11 pac
> srw-rw-rw- 1 root root0 Apr 3 10:11 pam
> drwxr-x---. 2 sssd root 4096 Apr 3 10:11 private
> srw-rw-rw- 1 root root0 Apr 3 10:11 ssh
> srw-rw-rw- 1 root root0 Apr 3 10:11 sudo
> [root@vmts-linuxclient1 sssd]# ls -la /var/lib/sss/pipes/private/
> total 4
> drwxr-x---. 2 sssd root 4096 Apr 3 10:11 .
> drwxr-xr-x. 3 sssd sssd 71 Apr 3 10:11 ..
> srw--- 1 root root0 Apr 3 10:11 pam
> lrwxrwxrwx 1 root root 63 Apr 3 10:11 sbus-dp_mycompany.com ->
> /var/lib/sss/pipes/private/sbus-dp_mycompany.com.3913
> srw--- 1 root root0 Apr 3 10:11 sbus-dp_mycompany.com.3913
> srw--- 1 root root0 Apr 3 10:11 sbus-monitor
>
>
> Cheers
> L.
>
>
>
>
>
> On Thu 29. Mar 2018 at 00:20, Lachlan Musicman wrote:
> Using the newly minted SSSD 1.16.1 from COPR, the sssd service doesn't
> restart.
>
> ( https://copr.fedorainfracloud.org/coprs/g/sssd/sssd-1-16/)
>
> The journalctl -xe shows:
>
> -- Unit sssd.service has begun starting up.
> Mar 29 09:05:55 linuxclient1.unixdev.company.com sssd[1477]: Starting up
> Mar 29 09:05:55 linuxclient1.unixdev.company.com systemd[1]: sssd.service:
> main process exited, code=exited, status=3/NOTIMPLEMENTED
> Mar 29 09:05:55 linuxclient1.unixdev.company.com systemd[1]: Failed to start
> System Security Services Daemon.
> -- Subject: Unit sssd.service has failed
> -- Defined-By: systemd
> -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>
>
> The /var/log/sssd/sssd.log shows
>
>
> (Thu Mar 29 09:03:44 2018) [sssd] [server_setup] (0x0400): CONFDB:
> /var/lib/sss/db/config.ldb
> (Thu Mar 29 09:03:44 2018) [sssd] [_snotify_create] (0x0400): Added a watch
> for /etc/resolv.conf with inotify flags 0x8D88 internal flags 0x1 using
> function resolv_conf_inotify_cb after delay 1.0
> (Thu Mar 29 09:03:44 2018) [sssd] [sss_names_init_from_args] (0x0100): Using
> re
> [(((?P[^\\]+)\\(?P.+$))|((?P[^@]+)@(?P.+$))|(^(?P[^@\\]+)$))].
> (Thu Mar 29 09:03:44 2018) [sssd] [sss_fqnames_init] (0x0100): Using fq
> format [%1$s].
> (Thu Mar 29 09:03:44 2018) [sssd] [sysdb_domain_init_internal] (0x0200): DB
> File for unixdev.company.com: /var/lib/sss/db/cache_unixdev.company.com.ldb
> (Thu Mar 29 09:03:44 2018) [sssd] [sysdb_domain_init_internal] (0x0200):
> Timestamp file for unixdev.company.com:
> /var/lib/sss/db/timestamps_unixdev.company.com.ldb
> (Thu Mar 29 09:03:44 2018) [sssd] [ldb] (0x0400): asq: Unable to register
> control with rootdse!
> (Thu Mar 29 09:03:44 2018) [sssd] [sbus_new_server] (0x0020):
> dbus_server_listen failed! (name=org.freedesktop.DBus.Error.AccessDenied,
> message=Failed to bind socket "/var/lib/sss/pipes/private/sbus-monitor":
> Permission denied)
> (Thu Mar 29 09:05:55 2018) [sssd] [server_setup] (0x0400): CONFDB:
> /var/lib/sss/db/config.ldb
> (Thu Mar 29 09:05:55 2018) [sssd] [_snotify_create] (0x0400): Added a watch
> for /etc/resolv.conf with inotify flags 0x8D88 internal flags 0x1 using
> function resolv_conf_inotify_cb after delay 1.0
> (Thu Mar 29 09:05:55 2018) [sssd] [sss_names_init_from_args] (0x0100): Using
> re
> [(((?P[^\\]+)\\(?P.+$))|((?P[^@]+)@(?P.+$))|(^(?P[^@\\]+)$))].
> (Thu Mar 29 09:05:55 2018) [sssd] [sss_fqnames_init] (0x0100): Using fq
> format [%1$s].
> (Thu Mar 29 09:05:55 2018) [sssd] [sysdb_domain_init_internal] (0x0