Hi all. >> While trying to use sudo with sssd I got an error like: >> >> Aug 9 16:20:41 HOST sudo: pam_sss(sudo:auth): received for user USER: >> 9 (Authentication service cannot retrieve authentication info) >> > > During authentication, the sssd Kerberos backend returns > PAM_AUTHINFO_UNAVAIL (which is the error code 9 you are seeing) when the > KDC is unreachable and cached credentials not available. > > Would you mind checking the sssd logs if there is something interesting > either from the backend process or the krb5_child one? If sssd is > running as daemon, that would be in /var/log/sss/sssd_$DOMAIN.log or > /var/log/sss/krb5_child.log.
This is the only output I got during sudo: (Wed Aug 11 13:22:07 2010) [sssd[be[MYDOMAIN]]] [get_server_status] (7): Status of server 'kdc.mydomain' is 'working' (Wed Aug 11 13:22:07 2010) [sssd[be[MYDOMAIN]]] [get_port_status] (7): Port status of port 88 for server 'kdc.mydomain' is 'working' (Wed Aug 11 13:22:07 2010) [sssd[be[MYDOMAIN]]] [resolve_srv_send] (6): The status of SRV lookup is resolved (Wed Aug 11 13:22:07 2010) [sssd[be[MYDOMAIN]]] [get_server_status] (7): Status of server 'kdc.mydomain' is 'working' (Wed Aug 11 13:22:07 2010) [sssd[be[MYDOMAIN]]] [be_resolve_server_done] (4): Found address for server kdc.mydomain: [192.168.1.201] (Wed Aug 11 13:22:07 2010) [sssd[be[MYDOMAIN]]] [be_pam_handler_callback] (4): Backend returned: (1, 9, <NULL>) [Provider is Offline (Bad file descriptor)] Best Regards Marcus _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel