http://bugzilla.suse.com/show_bug.cgi?id=1141925
http://bugzilla.suse.com/show_bug.cgi?id=1141925#c5
--- Comment #5 from Trevor McLeod ---
Samuel,
After using your repo to install the updated sssd, I did some testing. The
bottom line is that the problem is not resolved.
First, as to what I installed:
lin50:~ # rpm -qa | grep -i sssd
sssd-krb5-common-1.16.1-lp151.7.8.1.x86_64
sssd-32bit-1.16.1-lp151.7.3.1.x86_64
sssd-ldap-1.16.1-lp151.7.8.1.x86_64
sssd-1.16.1-lp151.7.8.1.x86_64
lin50:~ #
sssd-krb5, sssd-ldap and sssd are all from your repo.
Second, as to the testing methodology, I removed my custom sssd.service file
from /etc/systemd/system. Then, I rebooted the system.
Once the reboot was complete, I could not log in using my LDAP user account. I
could log in from the console as root. I found the same problem as before:
sssd ldap be was in the offline state. If I restarted the sssd service, the
ability to use an LDAP id to login was restored.
Upon checking /var/log/messages, I see the same problem as before: sssd comes
up first, then goes into the offline state, then DHCP sets the IP address but
sssd stays in the offline state. A snippet from /var/log messages:
25964 Jul 24 13:39:06 lin50 sssd[be[LDAP]]: Starting up
25965 Jul 24 13:39:06 lin50 systemd[1]: Started wicked network management
service daemon.
25966 Jul 24 13:39:06 lin50 systemd[1]: Starting wicked network nanny
service...
25967 Jul 24 13:39:06 lin50 polkitd[1186]: Started polkitd version 0.114
25968 Jul 24 13:39:06 lin50 systemd[1]: Started wicked network nanny service.
25969 Jul 24 13:39:06 lin50 systemd[1]: Starting wicked managed network
interfaces...
25970 Jul 24 13:39:06 lin50 sssd[nss]: Starting up
25971 Jul 24 13:39:06 lin50 kernel: [ 21.062917] No iBFT detected.
25972 Jul 24 13:39:06 lin50 sssd[pam]: Starting up
25973 Jul 24 13:39:06 lin50 systemd[1]: Started System Security Services
Daemon.
25974 Jul 24 13:39:06 lin50 systemd[1]: Reached target User and Group Name
Lookups.
25975 Jul 24 13:39:07 lin50 polkitd[1186]: Loading rules from directory
/etc/polkit-1/rules.d
25976 Jul 24 13:39:07 lin50 polkitd[1186]: Loading rules from directory
/usr/share/polkit-1/rules.d
25977 Jul 24 13:39:07 lin50 polkitd[1186]: Finished loading, compiling and
executing 7 rules
25978 Jul 24 13:39:07 lin50 dbus-daemon[1042]: [system] Successfully activated
service 'org.freedesktop.PolicyKit1'
25979 Jul 24 13:39:07 lin50 systemd[1]: Started Authorization Manager.
25980 Jul 24 13:39:07 lin50 polkitd[1186]: Acquired the name
org.freedesktop.PolicyKit1 on the system bus
25981 Jul 24 13:39:07 lin50 systemd[1]: Started Modem Manager.
25982 Jul 24 13:39:08 lin50 sssd[be[LDAP]]: Backend is offline
25983 Jul 24 13:39:09 lin50 ModemManager[1160]: <info> Couldn't check support
for device at '/sys/devices/pci0000:00/0000:00:19.0': not supported by any
plugin
25984 Jul 24 13:39:29 lin50 kernel: [ 43.273937] e1000e: eth0 NIC Link is Up
100 Mbps Full Duplex, Flow Control: None
25985 Jul 24 13:39:29 lin50 kernel: [ 43.273942] e1000e 0000:00:19.0 eth0:
10/100 speed: disabling TSO
25986 Jul 24 13:39:29 lin50 wickedd-dhcp4[1077]: eth0: Request to acquire
DHCPv4 lease with UUID ebc1385d-ea95-0b00-d404-000004000000
25987 Jul 24 13:39:29 lin50 kernel: [ 43.537559] NET: Registered protocol
family 17
25988 Jul 24 13:39:33 lin50 wickedd-dhcp4[1077]: eth0: Committed DHCPv4 lease
with address 142.103.13.127 (lease time 43200 sec, renew in 21600 sec, rebind
in 37800 sec)
25989 Jul 24 13:39:34 lin50 wicked[1260]: lo up
25990 Jul 24 13:39:34 lin50 wicked[1260]: eth0 up
25991 Jul 24 13:39:34 lin50 systemd[1]: Started wicked managed network
interfaces.
25992 Jul 24 13:39:34 lin50 systemd[1]: Starting Load kdump kernel and
initrd...
25993 Jul 24 13:39:34 lin50 systemd[1]: Reached target Network.
25994 Jul 24 13:39:34 lin50 systemd[1]: Starting Notify NFS peers of a
restart...
25995 Jul 24 13:39:34 lin50 systemd[1]: Starting CFEngine 3 deamons...
25996 Jul 24 13:39:34 lin50 systemd[1]: Reached target Network is Online.
You can see various sssd components (LDAP, nss, pam) starting up at lines
25964, 25970 and 25972. At line 25982 (13:39:08) sssd be LDAP goes into state
"Backend is offline", presumably because there is no DNS defined, yet. Twenty
seconds later, around line 25984, the network interface comes up, but sssd be
LDAP stays in state "Backend is offline".
This concludes testing of the first use case.
There is a second use case, which I don't believe I put in the ticket at the
start. We use Autoyast to install the operating system. Towards the end of
the installation, Autoyast brings the network interface down and then up (I
determined this by inspecting the logs). Shortly thereafter, the installation
is completed and the machine is available to the user. However, we've found
the same problem because of the network interface going down then up: sssd be
LDAP is in state "Backend is offline" and never goes into an online state. The
machine has to be either rebooted (assuming my custom sssd.service file has
been installed) or you have to login at the console and restart sssd. I had no
way to test this use case because I don't know how to configure Autoyast to
install sssd from your repo.
Trevor
--
You are receiving this mail because:
You are on the CC list for the bug.