Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#1037930: sssd-pac.service fails to start after Debian 12 upgrade (fatal error setting up backend connector)
607 views
Skip to first unread message
Adam Cecile
Jun 14, 2023, 9:40:05 AM6/14/23
to
Package: sssd
Version: 2.8.2-4
Severity: normal
Dear Maintainer,
I am not sure to understand what is going on but all my servers being upgraded
from Debian 11 to Debian 12 with MS Active Directory integration using SSSD
starts reporting systemctl issues with sssd-pac service/socket failing to
start.
When being started manually with "/usr/libexec/sssd/sssd_pac --logger=stderr
--socket-activated --debug-level=8":
[pac] [ldb] (0x0400): server_sort:Unable to register control with rootdse!
(2023-06-14 15:21:20): [pac] [server_setup] (0x3f7c0): Starting with debug
level = 0x37f0
(2023-06-14 15:21:20): [pac] [server_setup] (0x0400): CONFDB:
/var/lib/sss/db/config.ldb
(2023-06-14 15:21:20): [pac] [schedule_responder_idle_timer] (0x2000): Re-
scheduling the idle timeout [responder_idle_timeout] for the responder
[0x55892f921550]
(2023-06-14 15:21:20): [pac] [setup_responder_idle_timer] (0x2000): Setting up
the idle timeout [responder_idle_timeout] for the responder [0x55892f921550]
(2023-06-14 15:21:20): [pac] [confdb_init_domain_provider_and_enum] (0x0400):
No enumeration for [ad.domain.com]!
(2023-06-14 15:21:20): [pac] [confdb_init_domain_provider_and_enum] (0x0400):
Please note that when enumeration is disabled `getent passwd` does not return
all users by design. See sssd.conf man page for more detailed information
(2023-06-14 15:21:20): [pac] [confdb_init_domain_pwd_expire] (0x1000):
pwd_expiration_warning is 21
(2023-06-14 15:21:20): [pac] [confdb_init_domain_pwd_expire] (0x0100): Setting
domain password expiration warning to 21 days
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell /bin/sh
in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/bin/bash in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/usr/bin/bash in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/bin/rbash in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/usr/bin/rbash in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/bin/dash in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/usr/bin/dash in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/usr/bin/screen in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/usr/bin/sh in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_names_init_from_args] (0x0100): Using re
[(((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>.+)@(?P<domain>[^@]+$))|(^(?P<name>[^@\\]+)$))].
(2023-06-14 15:21:20): [pac] [sss_fqnames_init] (0x0100): Using fq format
[%1$s@%2$s].
(2023-06-14 15:21:20): [pac] [sbus_dbus_request_name] (0x0020): Unable to
request name on the system bus [3]
(2023-06-14 15:21:20): [pac] [sss_dp_init] (0x0010): Failed to connect to
backend server.
(2023-06-14 15:21:20): [pac] [sss_process_init] (0x0010): fatal error setting
up backend connector
(2023-06-14 15:21:20): [pac] [sss_responder_ctx_destructor] (0x0400): Responder
is being shut down
(2023-06-14 15:21:20): [pac] [pac_process_init] (0x0010): sss_process_init()
failed
Such error does not occurs on Debian 11.
Sadly Internet is not really helping on this one so I have no idea of what to
look for. Everything seems to be working correctly despite the failing service.
Any idea ?
Best regards, Adam.
Version: 2.8.2-4
Severity: normal
Dear Maintainer,
I am not sure to understand what is going on but all my servers being upgraded
from Debian 11 to Debian 12 with MS Active Directory integration using SSSD
starts reporting systemctl issues with sssd-pac service/socket failing to
start.
When being started manually with "/usr/libexec/sssd/sssd_pac --logger=stderr
--socket-activated --debug-level=8":
[pac] [ldb] (0x0400): server_sort:Unable to register control with rootdse!
(2023-06-14 15:21:20): [pac] [server_setup] (0x3f7c0): Starting with debug
level = 0x37f0
(2023-06-14 15:21:20): [pac] [server_setup] (0x0400): CONFDB:
/var/lib/sss/db/config.ldb
(2023-06-14 15:21:20): [pac] [schedule_responder_idle_timer] (0x2000): Re-
scheduling the idle timeout [responder_idle_timeout] for the responder
[0x55892f921550]
(2023-06-14 15:21:20): [pac] [setup_responder_idle_timer] (0x2000): Setting up
the idle timeout [responder_idle_timeout] for the responder [0x55892f921550]
(2023-06-14 15:21:20): [pac] [confdb_init_domain_provider_and_enum] (0x0400):
No enumeration for [ad.domain.com]!
(2023-06-14 15:21:20): [pac] [confdb_init_domain_provider_and_enum] (0x0400):
Please note that when enumeration is disabled `getent passwd` does not return
all users by design. See sssd.conf man page for more detailed information
(2023-06-14 15:21:20): [pac] [confdb_init_domain_pwd_expire] (0x1000):
pwd_expiration_warning is 21
(2023-06-14 15:21:20): [pac] [confdb_init_domain_pwd_expire] (0x0100): Setting
domain password expiration warning to 21 days
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell /bin/sh
in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/bin/bash in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/usr/bin/bash in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/bin/rbash in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/usr/bin/rbash in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/bin/dash in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/usr/bin/dash in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/usr/bin/screen in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_get_etc_shells] (0x0400): Found shell
/usr/bin/sh in /etc/shells
(2023-06-14 15:21:20): [pac] [sss_names_init_from_args] (0x0100): Using re
[(((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>.+)@(?P<domain>[^@]+$))|(^(?P<name>[^@\\]+)$))].
(2023-06-14 15:21:20): [pac] [sss_fqnames_init] (0x0100): Using fq format
[%1$s@%2$s].
(2023-06-14 15:21:20): [pac] [sbus_dbus_request_name] (0x0020): Unable to
request name on the system bus [3]
(2023-06-14 15:21:20): [pac] [sss_dp_init] (0x0010): Failed to connect to
backend server.
(2023-06-14 15:21:20): [pac] [sss_process_init] (0x0010): fatal error setting
up backend connector
(2023-06-14 15:21:20): [pac] [sss_responder_ctx_destructor] (0x0400): Responder
is being shut down
(2023-06-14 15:21:20): [pac] [pac_process_init] (0x0010): sss_process_init()
failed
Such error does not occurs on Debian 11.
Sadly Internet is not really helping on this one so I have no idea of what to
look for. Everything seems to be working correctly despite the failing service.
Any idea ?
Best regards, Adam.
Adam Cecile
Aug 28, 2023, 11:30:06 AM8/28/23
to
Hello,
Upstream provided a fix after contacting them using mailing list:
They suggest default Debian configuration is incorrect and sssd section should have "implicit_pac_responder = false".
Best regards, Adam.
0 new messages