[Freeipa-users] cron reports "ORPHAN (no passwd entry)" for the @reboot jobs
Harald Dunkel
harald.dunkel at aixigo.de
Tue May 3 05:35:15 UTC 2016
Hi Lukas,
On 05/02/16 17:59, Lukas Slebodnik wrote:
> Could you provide output of "systemctl cat sssd.service"?
> In my case, it should be started before nss-user-lookup.target
>
> # /usr/lib/systemd/system/sssd.service
> [Unit]
> Description=System Security Services Daemon
> # SSSD must be running before we permit user sessions
> Before=systemd-user-sessions.service nss-user-lookup.target
> Wants=nss-user-lookup.target
>
> [Service]
> EnvironmentFile=-/etc/sysconfig/sssd
> ExecStart=/usr/sbin/sssd -D -f
> # These two should be used with traditional UNIX forking daemons
> # consult systemd.service(5) for more details
> Type=forking
> PIDFile=/var/run/sssd.pid
>
> [Install]
> WantedBy=multi-user.target
I got
# /lib/systemd/system/sssd.service
[Unit]
Description=System Security Services Daemon
# SSSD must be running before we permit user sessions
Before=systemd-user-sessions.service nss-user-lookup.target
Wants=nss-user-lookup.target
[Service]
EnvironmentFile=-/etc/sysconfig/sssd
ExecStart=/usr/sbin/sssd -D -f
# These two should be used with traditional UNIX forking daemons
# consult systemd.service(5) for more details
Type=forking
PIDFile=/var/run/sssd.pid
[Install]
WantedBy=multi-user.target
Except for the first comment line diff doesn't show a
difference.
Maybe there is a misunderstanding: IMHO its not sufficient to start
sssd before systemd-user-sessions.service and nss-user-lookup.target.
sssd and all its internal sssd_something services must have
completed their initialization (including the user database) before
these services can be started.
Here is the output of "ps -ef", created by the "@reboot" crontab
entry:
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 14:27 ? 00:00:00 /sbin/init
root 23 1 0 14:27 ? 00:00:00 /lib/systemd/systemd-journald
root 159 1 0 14:28 ? 00:00:00 dhclient -v -pf /run/dhclient.eth0.pid -lf /var/lib/dhcp/dhclient.eth0.leases eth0
daemon 193 1 0 14:28 ? 00:00:00 /usr/sbin/atd -f
root 194 1 0 14:28 ? 00:00:00 /usr/sbin/cron -f
root 195 1 0 14:28 ? 00:00:00 /usr/sbin/ModemManager
root 198 1 0 14:28 ? 00:00:00 /usr/sbin/inetd -i
root 199 1 0 14:28 ? 00:00:00 /usr/sbin/sshd -D
root 200 1 0 14:28 ? 00:00:00 lldpd: monitor
root 201 1 0 14:28 ? 00:00:00 /usr/sbin/sssd -D -f
message+ 206 1 0 14:28 ? 00:00:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
lp 218 1 0 14:28 ? 00:00:00 /usr/sbin/lpd -s
root 220 1 0 14:28 ? 00:00:00 /usr/sbin/ntpd -p /var/run/ntpd.pid -c /var/lib/ntp/ntp.conf.dhcp -u 112:121
root 226 1 0 14:28 ? 00:00:00 /usr/sbin/certmonger -S -p /var/run/certmonger.pid -n
root 227 1 0 14:28 ? 00:00:00 /usr/sbin/rsyslogd -n
_lldpd 229 200 0 14:28 ? 00:00:00 lldpd: no neighbor
root 262 1 0 14:28 ? 00:00:00 /usr/lib/policykit-1/polkitd --no-debug
root 263 194 0 14:28 ? 00:00:00 /usr/sbin/CRON -f
zabbix 271 1 0 14:28 ? 00:00:00 /usr/sbin/zabbix_agentd
zabbix 274 271 0 14:28 ? 00:00:00 /usr/sbin/zabbix_agentd: collector [idle 1 sec]
zabbix 275 271 0 14:28 ? 00:00:00 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection]
zabbix 276 271 0 14:28 ? 00:00:00 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection]
zabbix 277 271 0 14:28 ? 00:00:00 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection]
zabbix 278 271 0 14:28 ? 00:00:00 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec]
root 492 226 0 14:28 ? 00:00:00 /usr/lib/x86_64-linux-gnu/certmonger/ipa-submit
root 502 226 0 14:28 ? 00:00:00 /usr/lib/x86_64-linux-gnu/certmonger/ipa-submit
Debian-+ 504 1 0 14:28 ? 00:00:00 /usr/sbin/exim4 -bd -q30m
root 505 226 0 14:28 ? 00:00:00 /usr/lib/x86_64-linux-gnu/certmonger/ipa-submit
root 506 226 0 14:28 ? 00:00:00 /usr/lib/x86_64-linux-gnu/certmonger/ipa-submit
root 507 226 0 14:28 ? 00:00:00 /usr/lib/x86_64-linux-gnu/certmonger/ipa-submit
root 508 226 0 14:28 ? 00:00:00 /usr/lib/x86_64-linux-gnu/certmonger/ipa-submit
root 509 226 0 14:28 ? 00:00:00 /usr/lib/x86_64-linux-gnu/certmonger/certmaster-submit
root 510 263 0 14:28 ? 00:00:00 /bin/sh -c ( ps -ef; ls -al /home ) >/var/tmp/ls.log
root 511 510 0 14:28 ? 00:00:00 /bin/sh -c ( ps -ef; ls -al /home ) >/var/tmp/ls.log
root 512 201 0 14:28 ? 00:00:00 /usr/sbin/sssd -D -f
root 515 226 0 14:28 ? 00:00:00 /usr/lib/x86_64-linux-gnu/certmonger/certmaster-submit
root 516 511 0 14:28 ? 00:00:00 ps -ef
root 517 226 0 14:28 ? 00:00:00 /usr/lib/x86_64-linux-gnu/certmonger/certmaster-submit
root 518 226 0 14:28 ? 00:00:00 /usr/lib/x86_64-linux-gnu/certmonger/certmaster-submit
root 519 512 0 14:28 ? 00:00:00 /usr/sbin/sssd -D -f
root 520 226 0 14:28 ? 00:00:00 /usr/lib/x86_64-linux-gnu/certmonger/certmaster-submit
root 521 226 0 14:28 ? 00:00:00 /usr/lib/x86_64-linux-gnu/certmonger/certmaster-submit
Please note that the sssd_* jobs are missing, and yet the
cron service has been started to run this cron job.
Regards
Harri
More information about the Freeipa-users
mailing list