[Freeipa-users] SSSD startup failures on ipa clients
Jakub Hrozek
jhrozek at redhat.com
Mon Jul 28 07:39:48 UTC 2014
On Sun, Jul 27, 2014 at 10:42:34PM -0400, Mark Heslin wrote:
> Folks,
>
> I just stumbled on an odd issue. I have an OpenShift deployment with 2
> brokers, 2 nodes, 1 rhc client
> all running RHEL 6.5. I also have 2 IPA servers (1 server, 1 replica), 1 IPA
> admin (tools) client all running RHEL 7.0.
> All OpenShift hosts, client and IPA client are members of IPA domain
> 'interop.example.com'.
>
> After creating ssh public keys on the IPA admin client for user 'ose-admin1'
> and uploading them into IPA,
> I am able to ssh with the key to all IPA domain hosts as user 'ose-admin1'
> except the 2 node hosts.
> In looking closer at the 2 node hosts I noticed that SSSD keeps failing on
> start:
>
> # service sssd restart
> Stopping sssd: cat: /var/run/sssd.pid: No such file or directory
> [FAILED]
> Starting sssd: [FAILED]
>
> Starting with debug mode shows:
>
> [root at node1/2 ~]# sssd -d9
> (Sun Jul 27 22:12:29:527689 2014) [sssd] [check_file] (0x0400): lstat for
> [/var/run/nscd/socket] failed: [2][No such file or directory].
> (Sun Jul 27 22:12:29:529293 2014) [sssd] [ldb] (0x0400):
> server_sort:Unable to register control with rootdse!
> (Sun Jul 27 22:12:29:529596 2014) [sssd] [confdb_get_domain_internal]
> (0x0400): No enumeration for [interop.example.com]!
> (Sun Jul 27 22:12:29:529646 2014) [sssd] [confdb_get_domain_internal]
> (0x1000): pwd_expiration_warning is -1
> (Sun Jul 27 22:12:29:529686 2014) [sssd] [server_setup] (0x0040): Becoming
> a daemon.
At this point sssd became a deamon and detached from the terminal, so no
more debug info was printed. Can you run sssd again, adding "-i"
(interactive) this time?
>
> The logs show show nothing useful but this problem started during the
> ipa-client-install - the log shows:
>
> 2014-07-23T18:40:22Z DEBUG args=/usr/sbin/authconfig --enablesssdauth
> --enablemkhomedir --update --enablesssd
> 2014-07-23T18:40:22Z DEBUG stdout=Starting oddjobd: [ OK ]
> 2014-07-23T18:40:22Z DEBUG stderr=
> 2014-07-23T18:40:22Z INFO SSSD enabled
> 2014-07-23T18:40:29Z DEBUG args=/sbin/service sssd restart
> 2014-07-23T18:40:29Z DEBUG stdout=Stopping sssd: [FAILED]
> Starting sssd: [FAILED]
>
> 2014-07-23T18:40:29Z DEBUG stderr=cat: /var/run/sssd.pid: No such file or
> directory
>
> 2014-07-23T18:40:29Z WARNING SSSD service restart was unsuccessful.
> 2014-07-23T18:40:29Z DEBUG args=/sbin/chkconfig sssd on
> 2014-07-23T18:40:29Z DEBUG stdout=
>
> Any ideas? Have we seen this before? I suppose I could uninstall the ipa
> client and re-install but I didn't want
> to touch anything until I hear back.
>
> Thanks!
>
> -m
>
> btw - All systems have been updated as of this evening. Kerberos works fine
> but anything requiring
> lookups is toast.
>
>
>
>
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go To http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list