On (19/05/17 12:50), Joakim Tjernlund wrote: >On Fri, 2017-05-19 at 14:14 +0200, Lukas Slebodnik wrote: >> On (19/05/17 12:07), Joakim Tjernlund wrote: >> > On Fri, 2017-05-19 at 13:43 +0200, Lukas Slebodnik wrote: >> > > On (19/05/17 11:31), Joakim Tjernlund wrote: >> > > > On Fri, 2017-05-19 at 13:22 +0200, Lukas Slebodnik wrote: >> > > > > On (19/05/17 10:37), Joakim Tjernlund wrote: >> > > > > > On Thu, 2017-05-18 at 11:40 -0400, Striker Leggette wrote: >> > > > > > > I can understand the first unlock from waking up from sleep. >> > > > > > > For the second, bump your debug_level in sssd.conf up to 7 and >> > > > > > > then check to see if you have any "Got request" lines in >> > > > > > > /var/log/sssd/sssd_domain.log for the second login attempt from >> > > > > > > the lock screen. You should be able to see if it is using >> > > > > > > cached creds or actively trying to parse the domain server. >> > > > > > > Can you paste your sssd.conf also? >> > > > > > >> > > >> > > But renew failed and sssd went offline. >> > > >> > > Could you truncate sssd log file (truncate -s 0 /var/log/sssd/*) >> > > Then try to reproduce one more time and provide not only domain log file >> > > but >> > > also *child log files. >> > >> > Did that but I did not get a child log file at all. >> > >> >> If you can see debug messages from following functions >> write_pipe_handler >> read_pipe_handler >> parse_krb5_child_response >> Then krb5_child was executed. And there will be non-empty file >> /var/log/sssd/krb5_child.log. > >I can see: > >se-jocke-lx sssds # grep write_pipe_handler * >sssd_infinera.com.log:(Fri May 19 13:45:06 2017) [sssd[be[infinera.com]]] >[write_pipe_handler] (0x0400): All >data has been sent! >se-jocke-lx sssds # grep read_pipe_handler * >sssd_infinera.com.log:(Fri May 19 13:45:06 2017) [sssd[be[infinera.com]]] >[read_pipe_handler] (0x0400): EOF >received, client finished >se-jocke-lx sssds # grep parse_krb5_child_response * >sssd_infinera.com.log:(Fri May 19 13:45:06 2017) [sssd[be[infinera.com]]] >[parse_krb5_child_response] >(0x1000): child response [0][3][33]. > >but only these files: >ls >./ ../ sssd_infinera.com.log sssd.log sssd_nss.log sssd_pam.log > > >to start debug logging I did a: ># > sss_debuglevel 7 >should I do something more? >
That's weird. Is there something in journald from that time If not then I would recommend to stop sssd; clena log file rm -f /var/log/sssd/* * set debug_level = 9 in domain section * start sssd * reproduce bug And then there should be *child log files Please also provide an output of following command rpm -V sssd-common sssd-krb5-common LS _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org