On 19.09.22 13:29, Ronald Wimmer via FreeIPA-users wrote:
On 19.09.22 13:26, Ronald Wimmer via FreeIPA-users wrote:
On 19.09.22 12:47, Sumit Bose wrote:
Am Mon, Sep 19, 2022 at 11:23:34AM +0200 schrieb Ronald Wimmer:
On 19.09.22 10:41, Sumit Bose via FreeIPA-users wrote:
Am Mon, Sep 19, 2022 at 08:28:56AM +0200 schrieb Ronald Wimmer via
FreeIPA-users:
On 14.09.22 19:23, Rob Crittenden wrote:
Ronald Wimmer via FreeIPA-users wrote:
Hi,
on one of our ipa servers kinit stopped working. kinit admin
shows an
error:
kinit: Connection reset by peer while getting default ccache
Why? What could possibly be wrong? (the default ccache should be
on the
same machine so why do I get a conn reset here?)
This may provide some additional details:
$ KRB5_TRACE=/dev/stdout kinit admin
KRB5_TRACE=/dev/stdout kinit admin
kinit: Connection refused while getting default ccache
Hi,
I guess this is a default setup where the sssd-kcm package is
installed
and the default credential cache type is set to KCM. It looks like
kinit
has issues connection to the KCM socket. KCM is socket activated, can
you check if systemd is handling the socket with
systemctl status sssd-kcm.socket
Thanks a lot. That hint helped!
After upgrading IPA relevant OS packages I do always get an I/O
error (SSSD
couldn't load the configuration database [5]: Input/output error.) from
SSSD.
"dnf reinstall sssd-common" fixes the problem. But after another
update SSSD
stops working again. (I do fix that with another reinstall...)
Hi,
do you, by chance, still have the SSSD versions before and after the
updates around?
I digged a little deeper. It has nothing todo with the updates but
with rebooting the machine.
After a reboot the directory /var/lib/sss/db is missing. So I do get a
"NOPERMISSION" error upon trying to start sssd. Doing a "dnf reinstall
sssd-common" fixes that.
sssd-common is 2.6.2-4.0.2.el8_6.1.x86_64
So... we get closer. Ages ago we put the following performance tuning
options to /etc/fstab:
#Performancetuning for SSSD/IPA
tmpfs /var/lib/sss/db/ tmpfs size=1024M,mode=0700
It looks like the directory is not created anymore by this entry.
systemctl status var-lib-sss-db.mount
● var-lib-sss-db.mount - /var/lib/sss/db
Loaded: loaded (/etc/fstab; enabled-runtime; vendor preset: disabled)
Active: active (mounted) since Mon 2022-09-19 13:42:02 CEST; 1min
30s ago
Where: /var/lib/sss/db
What: tmpfs
Docs: man:fstab(5)
man:systemd-fstab-generator(8)
Tasks: 0 (limit: 49753)
Memory: 8.0K
CGroup: /system.slice/var-lib-sss-db.mount
Sep 19 13:42:02 pipa01.linux.oebb.at systemd[1]: var-lib-sss-db.mount:
Directory /var/lib/sss/db to mount over is not empty, mounting anyway.
Sep 19 13:42:02 pipa01.linux.oebb.at systemd[1]: Mounting /var/lib/sss/db...
Sep 19 13:42:02 pipa01.linux.oebb.at systemd[1]: Mounted /var/lib/sss/db.
Looks okay but the db directory is NOT present.
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
