#3120 SSSD fails to start when ldap_user_extra_attrs contains mail
Closed: Fixed None Opened 5 years ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1362023

Description of problem:

For a long time, we've recommended adding mail to ldap_user_extra_attrs when it
should be made available via ifp, for example at

   http://www.freeipa.org/page/Web_App_Authentication/Example_setup

Now that change causes SSSD to fail to start.

Version-Release number of selected component (if applicable):

sssd-1.14.0-14.el7.x86_64

How reproducible:

Deterministic.

Steps to Reproduce:
1. Put line ldap_user_extra_attrs = mail, firstname:givenname, lastname:sn to
[domain/*] section of sssd.conf on IPA-enrolled machine.
2. Run systemctl restart sssd

Actual results:

Job for sssd.service failed because the control process exited with error code.
See "systemctl status sssd.service" and "journalctl -xe" for details.

Aug 01 04:02:09 client.example.test sssd[be[example.test]][5624]: Starting up
Aug 01 04:02:10 client.example.test sssd[be[example.test]][5625]: Starting up
Aug 01 04:02:12 client.example.test sssd[be[example.test]][5626]: Starting up
Aug 01 04:02:15 client.example.test sssd[pam][5637]: Starting up
Aug 01 04:02:16 client.example.test sssd[be[example.test]][5639]: Starting up
Aug 01 04:02:16 client.example.test sssd[5623]: Exiting the SSSD. Could not
restart critical service [example.test].
Aug 01 04:02:16 client.example.test systemd[1]: sssd.service: control process
exited, code=exited status=1
Aug 01 04:02:16 client.example.test systemd[1]: Failed to start System Security
Services Daemon.
Aug 01 04:02:16 client.example.test systemd[1]: Unit sssd.service entered
failed state.
Aug 01 04:02:16 client.example.test systemd[1]: sssd.service failed.

/var/log/sssd/sssd_example.test.log contains

(Mon Aug  1 03:58:40 2016) [sssd[be[example.test]]] [sdap_extend_map] (0x0010):
Attribute mail (mail in LDAP) is already used by SSSD, please choose a
different cache name
(Mon Aug  1 03:58:40 2016) [sssd[be[example.test]]] [dp_module_run_constructor]
(0x0010): Module [ipa] constructor failed [1432158247]: Extra attribute is a
duplicate
(Mon Aug  1 03:58:40 2016) [sssd[be[example.test]]] [dp_target_init] (0x0010):
Unable to load module ipa
(Mon Aug  1 03:58:40 2016) [sssd[be[example.test]]] [be_process_init] (0x0010):
Unable to setup data provider [1432158209]: Internal Error
(Mon Aug  1 03:58:40 2016) [sssd[be[example.test]]] [main] (0x0010): Could not
initialize backend [1432158209]

Expected results:

No error, SSSD starts just fine.

Additional info:

Fields changed

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
mark: no => 0
milestone: NEEDS_TRIAGE => SSSD 1.14.1
owner: somebody => mzidek
review: True => 0
selected: =>
testsupdated: => 0

Fields changed

status: new => assigned

Fields changed

patch: 0 => 1

resolution: => fixed
status: assigned => closed

Metadata Update from @jhrozek:
- Issue assigned to mzidek
- Issue set to the milestone: SSSD 1.14.1

4 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4153

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata