[Freeipa-users] be_pam_handler_callback Backend returned: (3, 4, <NULL>) [Internal Error (System error)]
Harald Dunkel
harald.dunkel at aixigo.de
Tue Jan 17 09:44:14 UTC 2017
It seems something got corrupted in my ipa setup. I found this in the
sssd log file on Wheezy:
(Tue Jan 17 10:19:02 2017) [hbac_shost_attrs_to_rule] (0x0400): Processing source hosts for rule [allow_all]
(Tue Jan 17 10:19:02 2017) [hbac_eval_user_element] (0x0080): Parse error on [cn=System: Manage Host Principals+nsuniqueid=109be36e-ccd911e6-a5b3d0c8-d8da17db,cn=permissions,cn=pbac,dc=example,dc=de]
(Tue Jan 17 10:19:02 2017) [hbac_ctx_to_rules] (0x0020): Could not construct eval request
(Tue Jan 17 10:19:02 2017) [ipa_hbac_evaluate_rules] (0x0020): Could not construct HBAC rules
(Tue Jan 17 10:19:02 2017) [be_pam_handler_callback] (0x0100): Backend returned: (3, 4, <NULL>) [Internal Error (System error)]
(Tue Jan 17 10:19:02 2017) [be_pam_handler_callback] (0x0100): Sending result [4][example.de]
(Tue Jan 17 10:19:02 2017) [be_pam_handler_callback] (0x0100): Sent result [4][example.de]
This happens on a login via ssh, or if I run "su - username" as
root. The su session gives just a warning, but for sshd I have to
disable pam to allow remote logins.
Complete log is attached, of course.
Every helpful comment is highly appreciated.
Harri
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sssd_example.de.log
Type: text/x-log
Size: 10757 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170117/3f39286d/attachment.bin>
More information about the Freeipa-users
mailing list