#3663 dig-like output to syslog with "debug_level = 7"

Created 4 months ago by vojamo
Modified 2 months ago

After adding "debug_level = 7" to both main & domain sections in sssd.conf, several lines are seen in syslog (/var/log/messages for example):

Mar 9 17:10:01 serv01 systemd: Starting System Security Services Daemon...
Mar 9 17:10:01 serv01 sssd: Starting up
Mar 9 17:10:01 serv01 sssd[be[example.com]]: Starting up
Mar 9 17:10:01 serv01 sssd[nss]: Starting up
Mar 9 17:10:01 serv01 sssd[pam]: Starting up
Mar 9 17:10:01 serv01 sssd[sudo]: Starting up
Mar 9 17:10:01 serv01 sssd[ssh]: Starting up
Mar 9 17:10:01 serv01 sssd[autofs]: Starting up
Mar 9 17:10:01 serv01 sssd[pac]: Starting up
Mar 9 17:10:01 serv01 systemd: Started System Security Services Daemon.
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28891
Mar 9 17:10:02 serv01 sssd: ;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; QUESTION SECTION:
Mar 9 17:10:02 serv01 sssd: ;4079494120.sig-dc01.example.com.#011ANY TKEY
Mar 9 17:10:02 serv01 sssd: ;; ADDITIONAL SECTION:
Mar 9 17:10:02 serv01 sssd: 4079494120.sig-dc01.example.com.#0110 ANY TKEY gss-tsig. 1520590202 1520590202 3 NOERROR 1280 YIIE... 0
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 43334
Mar 9 17:10:02 serv01 sssd: ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 2, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; UPDATE SECTION:
Mar 9 17:10:02 serv01 sssd: serv01.example.com.#0110#011ANY#011A
Mar 9 17:10:02 serv01 sssd: serv01.example.com.#0113600#011IN#011A#011192.0.2.1
Mar 9 17:10:02 serv01 sssd: ;; TSIG PSEUDOSECTION:
Mar 9 17:10:02 serv01 sssd: 4079494120.sig-dc01.example.com.#0110 ANY TSIG gss-tsig. 1520590202 300 28 BAQE... 43334 NOERROR 0
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11097
Mar 9 17:10:02 serv01 sssd: ;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; QUESTION SECTION:
Mar 9 17:10:02 serv01 sssd: ;3678625605.sig-dc01.example.com.#011ANY TKEY
Mar 9 17:10:02 serv01 sssd: ;; ADDITIONAL SECTION:
Mar 9 17:10:02 serv01 sssd: 3678625605.sig-dc01.example.com.#0110 ANY TKEY gss-tsig. 1520590202 1520590202 3 NOERROR 1280 YIIE... 0
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 23861
Mar 9 17:10:02 serv01 sssd: ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 2, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; UPDATE SECTION:
Mar 9 17:10:02 serv01 sssd: serv01.example.com.#0110#011ANY#011AAAA
Mar 9 17:10:02 serv01 sssd: serv01.example.com.#0113600#011IN#011AAAA#0112405:aa00:1::12
Mar 9 17:10:02 serv01 sssd: ;; TSIG PSEUDOSECTION:
Mar 9 17:10:02 serv01 sssd: 3678625605.sig-dc01.example.com.#0110 ANY TSIG gss-tsig. 1520590202 300 28 BAQE... 23861 NOERROR 0
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18558
Mar 9 17:10:02 serv01 sssd: ;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; QUESTION SECTION:
Mar 9 17:10:02 serv01 sssd: ;2916014891.sig-dc01.example.com.#011ANY TKEY
Mar 9 17:10:02 serv01 sssd: ;; ADDITIONAL SECTION:
Mar 9 17:10:02 serv01 sssd: 2916014891.sig-dc01.example.com.#0110 ANY TKEY gss-tsig. 1520590202 1520590202 3 NOERROR 1280 YIIE... 0
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 18913
Mar 9 17:10:02 serv01 sssd: ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; UPDATE SECTION:
Mar 9 17:10:02 serv01 sssd: 1.2.0.192.in-addr.arpa. 0#011ANY#011PTR
Mar 9 17:10:02 serv01 sssd: ;; TSIG PSEUDOSECTION:
Mar 9 17:10:02 serv01 sssd: 2916014891.sig-dc01.example.com.#0110 ANY TSIG gss-tsig. 1520590202 300 28 BAQE... 18913 NOERROR 0
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19251
Mar 9 17:10:02 serv01 sssd: ;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; QUESTION SECTION:
Mar 9 17:10:02 serv01 sssd: ;1048196270.sig-dc01.example.com.#011ANY TKEY
Mar 9 17:10:02 serv01 sssd: ;; ADDITIONAL SECTION:
Mar 9 17:10:02 serv01 sssd: 1048196270.sig-dc01.example.com.#0110 ANY TKEY gss-tsig. 1520590202 1520590202 3 NOERROR 1280 YIIE... 0
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 61211
Mar 9 17:10:02 serv01 sssd: ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; UPDATE SECTION:
Mar 9 17:10:02 serv01 sssd: 1.2.0.192.in-addr.arpa. 3600 IN#011PTR#011serv01.example.com.
Mar 9 17:10:02 serv01 sssd: ;; TSIG PSEUDOSECTION:
Mar 9 17:10:02 serv01 sssd: 1048196270.sig-dc01.example.com.#0110 ANY TSIG gss-tsig. 1520590202 300 28 BAQE... 61211 NOERROR 0

sssd.conf(5) does not mention anything about syslog in "debug_level" section, perhaps the "Outgoing update query" lines going to syslog is a bug?

Edit: the loglevel is also "info", it should probably be "debug" instead.

sssd-1.15.2-50.el7_4.8.x86_64

I could not find the string "Outgoing update query" in tag sssd-1_15_2, so I assume these logs are coming from some other library?

Edit: seems nssupdate is called with option -d (debug) if debuglevel is 7. So we will change the debuglevel to 6 and I hope that is enough for usable logs.

Edited 2 months ago by vojamo

Login to comment on this ticket.

cancel