Learn more about these different git repos.
Other Git URLs
https://bugzilla.redhat.com/show_bug.cgi?id=840937 (Red Hat Enterprise Linux 6)
Description of problem: sssd tries to re-connect many times after a GSSAPI connection failure. Version-Release number of selected component (if applicable): 1.8.0-32 How reproducible: Always Steps to Reproduce: 1. Setup sssd for GSSAPI(refer additional info). 2. Configure sssd for the GSSAPI connection to fail(1. Add ldap_sasl_minssf=999 to the domain section. OR 2. Make the hostname unresolvable) Restart sssd. 3. Lookup a user. Actual results: User lookup fails as expected. But from the logs it seems, sssd continuously tries to re-connect to the server. /var/log/messages show: Jul 17 11:27:43 hp-dc5800-01 sssd_be: No worthy mechs found Jul 17 11:27:52 hp-dc5800-01 sssd_be: No worthy mechs found Jul 17 11:27:53 hp-dc5800-01 sssd_be: No worthy mechs found Jul 17 11:27:54 hp-dc5800-01 sssd_be: No worthy mechs found Jul 17 11:27:55 hp-dc5800-01 sssd_be: No worthy mechs found Jul 17 11:27:56 hp-dc5800-01 sssd_be: No worthy mechs found Jul 17 11:27:57 hp-dc5800-01 sssd_be: No worthy mechs found Jul 17 11:27:58 hp-dc5800-01 sssd_be: No worthy mechs found Jul 17 11:27:59 hp-dc5800-01 sssd_be: No worthy mechs found Jul 17 11:28:00 hp-dc5800-01 sssd_be: No worthy mechs found Jul 17 11:28:01 hp-dc5800-01 sssd_be: No worthy mechs found Jul 17 11:28:02 hp-dc5800-01 sssd_be: No worthy mechs found Jul 17 11:28:03 hp-dc5800-01 sssd_be: No worthy mechs found Expected results: sssd shouldn't keep trying to connect so frequently. Additional info: Domain section of my sssd.conf [domain/LDAP-KRB5] debug_level=0xFFF0 id_provider = ldap ldap_uri = ldap://SERVER ldap_search_base = dc=example,dc=com auth_provider = krb5 krb5_server = SERVER krb5_realm = EXAMPLE.COM ldap_sasl_mech = GSSAPI ldap_sasl_authid = host/CLIENT ldap_sasl_minssf=999
Fields changed
blockedby: => blocking: => coverity: => feature_milestone: => milestone: NEEDS_TRIAGE => SSSD 1.10.0 tests: => 0 testsupdated: => 0 upgrade: => 0
proposed_priority: => Nice to have
Cleaning the 1.10 milestones before putting tickets into it.
milestone: SSSD 1.10.0 => Temp milestone
Moving planned features and bug fixes into the 1.10 bucket.
milestone: Temp milestone => SSSD 1.10.0
Moving all the features planned for 1.10 release into 1.10 beta.
milestone: Temp milestone => SSSD 1.10 beta
priority: major => minor
selected: => Not need
Moving tickets that are not a priority for SSSD 1.10 into the next release.
milestone: SSSD 1.10 beta => SSSD 1.11 beta
mark: => 0
changelog: => design: => design_review: => 0 fedora_test_page: => milestone: SSSD 1.13 beta => SSSD 1.13 backlog priority: minor => trivial review: => 0
Mass-moving tickets not planned for any immediate release and re-setting priority.
milestone: SSSD 1.13 backlog => SSSD Deferred priority: trivial => major
We never saw such error again and since nobody complained about this issue either for several years, I suggest we close this ticket.
review: 0 => 1 sensitive: => 0
resolution: => worksforme status: new => closed
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD Patches welcome
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2467
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.