[Freeipa-users] SSSD startup failures on ipa clients

Jakub Hrozek jhrozek at redhat.com
Mon Jul 28 07:39:48 UTC 2014 

On Sun, Jul 27, 2014 at 10:42:34PM -0400, Mark Heslin wrote:
> Folks,
> 
> I just stumbled on an odd issue. I have an OpenShift deployment with 2
> brokers, 2 nodes, 1 rhc client
> all running RHEL 6.5. I also have 2 IPA servers (1 server, 1 replica), 1 IPA
> admin (tools) client all running RHEL 7.0.
> All OpenShift hosts, client and IPA client are members of IPA domain
> 'interop.example.com'.
> 
> After creating ssh public keys on the IPA admin client for user 'ose-admin1'
> and uploading them into IPA,
> I am able to ssh with the key to all IPA domain hosts as user 'ose-admin1'
> except the 2 node hosts.
> In looking closer at the 2 node hosts I noticed that SSSD keeps failing on
> start:
> 
> # service sssd restart
> Stopping sssd: cat: /var/run/sssd.pid: No such file or directory
> [FAILED]
> Starting sssd: [FAILED]
> 
> Starting with debug mode shows:
> 
>   [root at node1/2 ~]# sssd -d9
>   (Sun Jul 27 22:12:29:527689 2014) [sssd] [check_file] (0x0400): lstat for
> [/var/run/nscd/socket] failed: [2][No such file or directory].
>   (Sun Jul 27 22:12:29:529293 2014) [sssd] [ldb] (0x0400):
> server_sort:Unable to register control with rootdse!
>   (Sun Jul 27 22:12:29:529596 2014) [sssd] [confdb_get_domain_internal]
> (0x0400): No enumeration for [interop.example.com]!
>   (Sun Jul 27 22:12:29:529646 2014) [sssd] [confdb_get_domain_internal]
> (0x1000): pwd_expiration_warning is -1
>   (Sun Jul 27 22:12:29:529686 2014) [sssd] [server_setup] (0x0040): Becoming
> a daemon.

At this point sssd became a deamon and detached from the terminal, so no
more debug info was printed. Can you run sssd again, adding "-i"
(interactive) this time?

> 
> The logs show show nothing useful but this problem started during the
> ipa-client-install - the log shows:
> 
>   2014-07-23T18:40:22Z DEBUG args=/usr/sbin/authconfig --enablesssdauth
> --enablemkhomedir --update --enablesssd
>   2014-07-23T18:40:22Z DEBUG stdout=Starting oddjobd:        [  OK ]
>   2014-07-23T18:40:22Z DEBUG stderr=
>   2014-07-23T18:40:22Z INFO SSSD enabled
>   2014-07-23T18:40:29Z DEBUG args=/sbin/service sssd restart
>   2014-07-23T18:40:29Z DEBUG stdout=Stopping sssd: [FAILED]
>   Starting sssd:                                [FAILED]
> 
>   2014-07-23T18:40:29Z DEBUG stderr=cat: /var/run/sssd.pid: No such file or
> directory
> 
>   2014-07-23T18:40:29Z WARNING SSSD service restart was unsuccessful.
>   2014-07-23T18:40:29Z DEBUG args=/sbin/chkconfig sssd on
>   2014-07-23T18:40:29Z DEBUG stdout=
> 
> Any ideas? Have we seen this before? I suppose I could uninstall the ipa
> client and re-install but I didn't want
> to touch anything until I hear back.
> 
> Thanks!
> 
> -m
> 
> btw - All systems have been updated as of this evening. Kerberos works fine
> but anything requiring
> lookups is toast.
> 
> 
> 
> 
> 
> -- 
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go To http://freeipa.org for more info on the project

More information about the Freeipa-users mailing list