On Thu, Nov 6, 2025 at 10:29 PM Prentice Bisbal <[email protected]> wrote:
> On 11/6/25 5:01 AM, Alexey Tikhonov wrote: > > > > On Wed, Nov 5, 2025 at 3:53 PM Prentice Bisbal via sssd-users < > [email protected]> wrote: > >> Yesterday we upgrade some of our systems to OpenSuSE 15.6. We have sssd >> configured to to enumate, but when I do 'getent passwd, I get only the >> contents of /etc/passwd, a hang for 3-5 seconds, and then the command ends >> w/o any of our user information from LDAP. using strace, I see getent is >> failing with this error: >> >> connect(3, {sa_family=AF_UNIX, sun_path="/var/lib/sss/pipes/nss"}, 110) = >> -1 ECONNREFUSED (Connection refused) >> Even with logging turned all the way up, the only message I see in the >> logs is this: >> >> (2025-11-04 16:51:16): [sssd] [svc_child_info] (0x0020): Child [71156] >> ('nss':'nss') was terminated by own WATCHDOG >> > > Look into 'sssd_nss.log' -- what does it hang on - last message before > "2025-11-04 16:51:16" > But if your directory is big then an attempt to make enumeration work is > desperate. > > > Yes, this work may be desperate, especially since future versions of SSSD > won't support enumeration at all, > Enumeration support was removed for AD and IPA providers, but technically it stays for LDAP (and PROXY). But kind of "use it if it works for you". > and we recognize this may not be worth debugging any further, but > curiosity has got the better of me. > > From that particular event, all I see is this: > > (2025-11-04 16:51:16): [nss] [server_setup] (0x3f7c0): Starting with debug > level = 0x0070 > > Which is consistent with what I think it is happening. The sssd_nss is > crashing, and then restarting, and at the active log level at the time, all > it shows is the daemon restarting after crashing. Debug_level=9 produces a > lot to sift through, so I have it at 7 right now. It still crashes with and > the produces a line like above about starting, but these are the 3 lines > right before that happens: > > (2025-11-06 14:15:16): [nss] [cache_req_search_cache] (0x0400): [CID#19] > CR #140: Looking up [Users enumeration] in cache > (2025-11-06 14:15:16): [nss] [sysdb_enumpwent_filter] (0x1000): [CID#19] > Searching timestamp cache with [(objectCategory=user)] > (2025-11-06 14:15:16): [nss] [sysdb_enumpwent_filter] (0x1000): [CID#19] > Searching timestamp entries with [(|(dn=name=USERNAME@ldap > ,cn=users,cn=LDAP,cn=sysdb)... > > That last line is a really, really, really long line that appears to > include every username in our directory. I'm mainly pursuing this because > this didn't happen with our earlier version of sssd (OpenSuSE 15.4), so I'm > wondering/curious if this is a problem with the our directory size, a "new > feature" in sssd 2.9.3, or a bug. > Most probably https://github.com/SSSD/sssd/issues/6951 that needs to be fixed. > > Prentice >
-- _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
