Most probably https://github.com/SSSD/sssd/issues/6951 that needs to be fixed.
That indeed sounds like what I'm experiencing. Thanks for the link .
On 11/7/25 3:11 AM, Alexey Tikhonov wrote:
On Thu, Nov 6, 2025 at 10:29 PM Prentice Bisbal <[email protected]> wrote: On 11/6/25 5:01 AM, Alexey Tikhonov wrote:On Wed, Nov 5, 2025 at 3:53 PM Prentice Bisbal via sssd-users <[email protected]> wrote: Yesterday we upgrade some of our systems to OpenSuSE 15.6. We have sssd configured to to enumate, but when I do 'getent passwd, I get only the contents of /etc/passwd, a hang for 3-5 seconds, and then the command ends w/o any of our user information from LDAP. using strace, I see getent is failing with this error: connect(3, {sa_family=AF_UNIX, sun_path="/var/lib/sss/pipes/nss"}, 110) = -1 ECONNREFUSED (Connection refused) Even with logging turned all the way up, the only message I see in the logs is this: (2025-11-04 16:51:16): [sssd] [svc_child_info] (0x0020): Child [71156] ('nss':'nss') was terminated by own WATCHDOG Look into 'sssd_nss.log' -- what does it hang on - last message before "2025-11-04 16:51:16" But if your directory is big then an attempt to make enumeration work is desperate.Yes, this work may be desperate, especially since future versions of SSSD won't support enumeration at all,Enumeration support was removed for AD and IPA providers, but technically it stays for LDAP (and PROXY).But kind of "use it if it works for you". and we recognize this may not be worth debugging any further, but curiosity has got the better of me. From that particular event, all I see is this: (2025-11-04 16:51:16): [nss] [server_setup] (0x3f7c0): Starting with debug level = 0x0070 Which is consistent with what I think it is happening. The sssd_nss is crashing, and then restarting, and at the active log level at the time, all it shows is the daemon restarting after crashing. Debug_level=9 produces a lot to sift through, so I have it at 7 right now. It still crashes with and the produces a line like above about starting, but these are the 3 lines right before that happens: (2025-11-06 14:15:16): [nss] [cache_req_search_cache] (0x0400): [CID#19] CR #140: Looking up [Users enumeration] in cache (2025-11-06 14:15:16): [nss] [sysdb_enumpwent_filter] (0x1000): [CID#19] Searching timestamp cache with [(objectCategory=user)] (2025-11-06 14:15:16): [nss] [sysdb_enumpwent_filter] (0x1000): [CID#19] Searching timestamp entries with [(|(dn=name=USERNAME@ldap,cn=users,cn=LDAP,cn=sysdb)... That last line is a really, really, really long line that appears to include every username in our directory. I'm mainly pursuing this because this didn't happen with our earlier version of sssd (OpenSuSE 15.4), so I'm wondering/curious if this is a problem with the our directory size, a "new feature" in sssd 2.9.3, or a bug.Most probably https://github.com/SSSD/sssd/issues/6951 that needs to be fixed.Prentice
-- Prentice Bisbal HPC Systems Engineer III Computational & Information Systems Laboratory (CISL) NSF National Center for Atmospheric Research (NSF NCAR) https://www.cisl.ucar.edu https://ncar.ucar.edu
-- _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
