[Freeipa-users] SSSD Crash Causing Inaccessibility
Jeff Hallyburton
jeff.hallyburton at bloomip.com
Thu Jan 28 21:25:51 UTC 2016
We saw the following happen on a system today, and wanted to follow up:
System became unresponsive to ssh logins with the error:
ssh -v incentives01
OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 4: Applying options for *
debug1: Connecting to incentives01 [172.31.9.16] port 22.
debug1: Connection established.
debug1: identity file /home/jeff.hallyburton/.ssh/id_rsa type -1
debug1: identity file /home/jeff.hallyburton/.ssh/id_rsa-cert type -1
debug1: identity file /home/jeff.hallyburton/.ssh/id_dsa type -1
debug1: identity file /home/jeff.hallyburton/.ssh/id_dsa-cert type -1
debug1: identity file /home/jeff.hallyburton/.ssh/id_ecdsa type -1
debug1: identity file /home/jeff.hallyburton/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/jeff.hallyburton/.ssh/id_ed25519 type -1
debug1: identity file /home/jeff.hallyburton/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm at openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm at openssh.com none
debug1: kex: curve25519-sha256 at libssh.org need=16 dh_need=16
debug1: kex: curve25519-sha256 at libssh.org need=16 dh_need=16
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA
89:e0:f8:25:21:db:c9:46:67:14:38:0c:c1:f4:f7:51
debug1: Host 'incentives01' is known and matches the ECDSA host key.
debug1: Found key in /home/jeff.hallyburton/.ssh/known_hosts:7
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
This is a private computer system which is restricted to authorized
individuals.
Actual or attempted unauthorized use of this computer system will result in
criminal and/or civil prosecution.
We reserve the right to view, monitor and record activity on the system
without
notice or permission. Any information obtained by monitoring, reviewing or
recording is subject to review by law enforcement organizations in
connection
with the investigation or prosecution of possible criminal activity on this
system.
If you are not an authorized user of this system or do not consent to
continued
monitoring, disconnect at this time.
debug1: Authentications that can continue:
publickey,gssapi-keyex,gssapi-with-mic
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Authentications that can continue:
publickey,gssapi-keyex,gssapi-with-mic
debug1: Authentications that can continue:
publickey,gssapi-keyex,gssapi-with-mic
debug1: Authentications that can continue:
publickey,gssapi-keyex,gssapi-with-mic
Received disconnect from 172.31.9.16: 2: Too many authentication failures
for jeff.hallyburton
Ultimately we rebooted the node to restore connectivity. After we were
back in, we're seeing that sssd crashed due what looks like a memory
allocation error:
/var/log/sssd/sssd.log
# cat /var/log/sssd/sssd.log
(Thu Jan 28 20:15:56 2016) [sssd] [mt_svc_sigkill] (0x0010): [enervee.com][620]
is not responding to SIGTERM. Sending SIGKILL.
(Thu Jan 28 20:16:27 2016) [sssd] [talloc_log_fn] (0x0010): talloc: access
after free error - first free may be at src/monitor/monitor.c:2760
(Thu Jan 28 20:16:27 2016) [sssd] [talloc_log_fn] (0x0010): Bad talloc
magic value - access after free
/var/log/secure
Jan 28 20:05:48 incentives01 sshd[26145]: Timeout, client not responding.
Jan 28 20:05:48 incentives01 sshd[26142]: pam_unix(sshd:session): session
closed for user
Jan 28 20:16:28 incentives01 sshd[14504]: Timeout, client not responding.
Jan 28 20:16:28 incentives01 sshd[14501]: pam_systemd(sshd:session): Failed
to release session: Connection timed out
Jan 28 20:16:28 incentives01 sshd[14501]: pam_unix(sshd:session): session
closed for user
Jan 28 20:16:28 incentives01 sshd[14501]: pam_sss(sshd:session): Request to
sssd failed. Bad address
Jan 28 20:16:29 incentives01 sshd[14501]: fatal: login_init_entry: Cannot
find user
Jan 28 20:21:40 incentives01 sshd[26882]: Invalid user from 172.31.8.34
The system may have simply run out of ram, but wanted to check to see if
there were any known or contributing issues.
Thanks,
Jeff
Jeff Hallyburton
Strategic Systems Engineer
Bloomip Inc.
Web: http://www.bloomip.com
Engineering Support: support at bloomip.com
Billing Support: billing at bloomip.com
Customer Support Portal: https://my.bloomip.com <http://my.bloomip.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160128/76c3acc1/attachment.htm>
More information about the Freeipa-users
mailing list