[CentOS] CentOS Stream 8 sssd.service failing part of sssd-common-2.8.1-1.el8.x86_64 baseos package

Fri Jan 13 04:34:15 UTC 2023
Orion Poplawski <orion at nwra.com>

On 12/30/22 04:06, Jelle de Jong wrote:
> On 12/27/22 22:55, Gordon Messmer wrote:
>> On 2022-12-25 07:44, Jelle de Jong wrote:
>>> A recent update of the sssd-common-2.8.1-1.el8.x86_64 package is 
>>> causing sssd.service systemctl failures all over my CentOS machines.
>> ...
>>> [sssd] [confdb_expand_app_domains] (0x0010): No domains configured, 
>>> fatal error! 
>>
>>
>> Were you previously using sssd?  Or is the problem merely that it is 
>> now reporting an error starting a service that you don't use?
>>
>> Are there any files in /etc/sssd/conf.d, or does /etc/sssd/sssd.conf 
>> exist?  If so, what are the contents of those files?
>>
>> What are the contents of /usr/lib/systemd/system/sssd.service?
>>
>> If you run "journalctl -u sssd.service", are there any log entries 
>> older than the package update?
> 
> I got a monitoring system for failing services and I suddenly started 
> getting dozens of notifications for all my CentOS systems that sssd was 
> failing. This is after the sssd package updates, causing this 
> regression. SSSD services were not really in use but some of the common 
> libraries are used.
> 
> # systemctl status sssd
> ● sssd.service - System Security Services Daemon
>     Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; 
> vendor preset: enabled)
>     Active: failed (Result: exit-code) since Sat 2022-12-24 06:14:10 
> UTC; 6 days ago
> Condition: start condition failed at Fri 2022-12-30 11:02:01 UTC; 4s ago
>             ├─ ConditionPathExists=|/etc/sssd/sssd.conf was not met
>             └─ ConditionDirectoryNotEmpty=|/etc/sssd/conf.d was not met
>   Main PID: 3953157 (code=exited, status=4)
> 
> Warning: Journal has been rotated since unit was started. Log output is 
> incomplete or unavailable.
> # ls -halt /etc/sssd/conf.d/
> total 8.0K
> drwx--x--x. 2 sssd sssd 4.0K Dec  8 13:08 .
> drwx------. 4 sssd sssd 4.0K Dec  8 13:08 ..
> # ls -halZ /etc/sssd/conf.d/
> total 8.0K
> drwx--x--x. 2 sssd sssd system_u:object_r:sssd_conf_t:s0 4.0K Dec  8 
> 13:08 .
> drwx------. 4 sssd sssd system_u:object_r:sssd_conf_t:s0 4.0K Dec  8 
> 13:08 ..
> # ls -halZ /etc/sssd/sssd.conf
> ls: cannot access '/etc/sssd/sssd.conf': No such file or directory
> 
> # journalctl -u sssd.service --lines 100000
> -- Logs begin at Mon 2022-12-26 22:15:31 UTC, end at Fri 2022-12-30 
> 11:05:26 UTC. --
> -- No entries --
> 
> Kind regards,
> 
> Jelle de Jong

I don't quite understand where this:
    Main PID: 3953157 (code=exited, status=4)

came from, as it seems like sssd was started at some point and failed. 
But that shouldn't have happened because:

Condition: start condition failed at Fri 2022-12-30 11:02:01 UTC; 4s ago
             ├─ ConditionPathExists=|/etc/sssd/sssd.conf was not met
             └─ ConditionDirectoryNotEmpty=|/etc/sssd/conf.d was not met

It's telling you that because /etc/sssd/sssd.conf does not exist and 
/etc/sssd/sssd.conf.d is not empty, the service was not started because 
the conditions were not met.  This is as expected in your case.

If you don't want it to even check, just disable the service:

systemctl disable sssd.service

I'm not sure which of these, or both, your service monitoring is 
keying off of.  And perhaps by disabling it your monitoring system will 
be quiet about it.

-- 
Orion Poplawski
he/him/his  - surely the least important thing about me
IT Systems Manager                         720-772-5637
NWRA, Boulder/CoRA Office             FAX: 303-415-9702
3380 Mitchell Lane                       orion at nwra.com
Boulder, CO 80301                 https://www.nwra.com/
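
Added example, not part of the original message or of sssd: a monitoring-side check that re-evaluates the two conditions shown in the status output and separates a leftover failed state from a failure on a configured host. The function names, the ROOT prefix and the reading of "failed plus unmet condition plus no configuration" as a leftover are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread). ROOT is a hypothetical path prefix so
# the checks can run against a scratch tree instead of the live /etc.

# sssd_has_config ROOT: succeed if either triggering ("|") condition from the
# quoted sssd.service status would be met under ROOT.
sssd_has_config() {
    root=${1:-}
    # ConditionPathExists=|/etc/sssd/sssd.conf
    [ -e "$root/etc/sssd/sssd.conf" ] && return 0
    # ConditionDirectoryNotEmpty=|/etc/sssd/conf.d
    # Approximation: plain ls skips dotfiles; systemd's own test may differ.
    dir="$root/etc/sssd/conf.d"
    [ -d "$dir" ] && [ -n "$(ls "$dir" 2>/dev/null)" ] && return 0
    return 1
}

# classify_sssd PROPS ROOT: PROPS is the output of
#   systemctl show sssd.service -p ActiveState -p ConditionResult
# Prints ok-skipped, stale-failed, failed, or the raw ActiveState.
classify_sssd() {
    props=$1
    root=${2:-}
    active=$(printf '%s\n' "$props" | sed -n 's/^ActiveState=//p')
    cond=$(printf '%s\n' "$props" | sed -n 's/^ConditionResult=//p')
    if [ "$active" = failed ]; then
        if [ "$cond" = no ] && ! sssd_has_config "$root"; then
            echo stale-failed    # old failure; unit is now skipped, not started
        else
            echo failed          # configured, so the failure needs attention
        fi
    elif [ "$active" = inactive ] && [ "$cond" = no ]; then
        echo ok-skipped          # never started because nothing is configured
    else
        echo "$active"
    fi
}

# Constructed sample mirroring the thread: failed state, conditions unmet,
# empty conf.d and no sssd.conf.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/etc/sssd/conf.d"
sample='ActiveState=failed
ConditionResult=no'
classify_sssd "$sample" "$demo_root"    # prints stale-failed
```

On a live host, pass the real `systemctl show` output and an empty ROOT; a leftover failed state can be cleared with `systemctl reset-failed sssd.service`.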