Issue #3663: dig-like output to syslog with "debug_level = 7" - sssd

SSSD / sssd

#3663 dig-like output to syslog with "debug_level = 7"

Closed: wontfix 4 years ago by pbrezina. Opened 6 years ago by vojamo.

After adding "debug_level = 7" to both main & domain sections in sssd.conf, several lines are seen in syslog (/var/log/messages for example):

Mar 9 17:10:01 serv01 systemd: Starting System Security Services Daemon...
Mar 9 17:10:01 serv01 sssd: Starting up
Mar 9 17:10:01 serv01 sssd[be[example.com]]: Starting up
Mar 9 17:10:01 serv01 sssd[nss]: Starting up
Mar 9 17:10:01 serv01 sssd[pam]: Starting up
Mar 9 17:10:01 serv01 sssd[sudo]: Starting up
Mar 9 17:10:01 serv01 sssd[ssh]: Starting up
Mar 9 17:10:01 serv01 sssd[autofs]: Starting up
Mar 9 17:10:01 serv01 sssd[pac]: Starting up
Mar 9 17:10:01 serv01 systemd: Started System Security Services Daemon.
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28891
Mar 9 17:10:02 serv01 sssd: ;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; QUESTION SECTION:
Mar 9 17:10:02 serv01 sssd: ;4079494120.sig-dc01.example.com.#011ANY TKEY
Mar 9 17:10:02 serv01 sssd: ;; ADDITIONAL SECTION:
Mar 9 17:10:02 serv01 sssd: 4079494120.sig-dc01.example.com.#0110 ANY TKEY gss-tsig. 1520590202 1520590202 3 NOERROR 1280 YIIE... 0
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 43334
Mar 9 17:10:02 serv01 sssd: ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 2, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; UPDATE SECTION:
Mar 9 17:10:02 serv01 sssd: serv01.example.com.#0110#011ANY#011A
Mar 9 17:10:02 serv01 sssd: serv01.example.com.#0113600#011IN#011A#011192.0.2.1
Mar 9 17:10:02 serv01 sssd: ;; TSIG PSEUDOSECTION:
Mar 9 17:10:02 serv01 sssd: 4079494120.sig-dc01.example.com.#0110 ANY TSIG gss-tsig. 1520590202 300 28 BAQE... 43334 NOERROR 0
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11097
Mar 9 17:10:02 serv01 sssd: ;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; QUESTION SECTION:
Mar 9 17:10:02 serv01 sssd: ;3678625605.sig-dc01.example.com.#011ANY TKEY
Mar 9 17:10:02 serv01 sssd: ;; ADDITIONAL SECTION:
Mar 9 17:10:02 serv01 sssd: 3678625605.sig-dc01.example.com.#0110 ANY TKEY gss-tsig. 1520590202 1520590202 3 NOERROR 1280 YIIE... 0
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 23861
Mar 9 17:10:02 serv01 sssd: ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 2, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; UPDATE SECTION:
Mar 9 17:10:02 serv01 sssd: serv01.example.com.#0110#011ANY#011AAAA
Mar 9 17:10:02 serv01 sssd: serv01.example.com.#0113600#011IN#011AAAA#0112405:aa00:1::12
Mar 9 17:10:02 serv01 sssd: ;; TSIG PSEUDOSECTION:
Mar 9 17:10:02 serv01 sssd: 3678625605.sig-dc01.example.com.#0110 ANY TSIG gss-tsig. 1520590202 300 28 BAQE... 23861 NOERROR 0
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18558
Mar 9 17:10:02 serv01 sssd: ;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; QUESTION SECTION:
Mar 9 17:10:02 serv01 sssd: ;2916014891.sig-dc01.example.com.#011ANY TKEY
Mar 9 17:10:02 serv01 sssd: ;; ADDITIONAL SECTION:
Mar 9 17:10:02 serv01 sssd: 2916014891.sig-dc01.example.com.#0110 ANY TKEY gss-tsig. 1520590202 1520590202 3 NOERROR 1280 YIIE... 0
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 18913
Mar 9 17:10:02 serv01 sssd: ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; UPDATE SECTION:
Mar 9 17:10:02 serv01 sssd: 1.2.0.192.in-addr.arpa. 0#011ANY#011PTR
Mar 9 17:10:02 serv01 sssd: ;; TSIG PSEUDOSECTION:
Mar 9 17:10:02 serv01 sssd: 2916014891.sig-dc01.example.com.#0110 ANY TSIG gss-tsig. 1520590202 300 28 BAQE... 18913 NOERROR 0
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19251
Mar 9 17:10:02 serv01 sssd: ;; flags:; QUESTION: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; QUESTION SECTION:
Mar 9 17:10:02 serv01 sssd: ;1048196270.sig-dc01.example.com.#011ANY TKEY
Mar 9 17:10:02 serv01 sssd: ;; ADDITIONAL SECTION:
Mar 9 17:10:02 serv01 sssd: 1048196270.sig-dc01.example.com.#0110 ANY TKEY gss-tsig. 1520590202 1520590202 3 NOERROR 1280 YIIE... 0
Mar 9 17:10:02 serv01 sssd: Outgoing update query:
Mar 9 17:10:02 serv01 sssd: ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 61211
Mar 9 17:10:02 serv01 sssd: ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1
Mar 9 17:10:02 serv01 sssd: ;; UPDATE SECTION:
Mar 9 17:10:02 serv01 sssd: 1.2.0.192.in-addr.arpa. 3600 IN#011PTR#011serv01.example.com.
Mar 9 17:10:02 serv01 sssd: ;; TSIG PSEUDOSECTION:
Mar 9 17:10:02 serv01 sssd: 1048196270.sig-dc01.example.com.#0110 ANY TSIG gss-tsig. 1520590202 300 28 BAQE... 61211 NOERROR 0

sssd.conf(5) does not mention anything about syslog in "debug_level" section, perhaps the "Outgoing update query" lines going to syslog is a bug?

Edit: the loglevel is also "info", it should probably be "debug" instead.

sssd-1.15.2-50.el7_4.8.x86_64

vojamo commented 5 years ago

I could not find the string "Outgoing update query" in tag sssd-1_15_2, so I assume these logs are coming from some other library?

Edit: seems nssupdate is called with option -d (debug) if debuglevel is 7. So we will change the debuglevel to 6 and I hope that is enough for usable logs.

Edited 5 years ago by vojamo

Metadata Update from @pbrezina:
- Issue tagged with: Canditate to close

4 years ago

pbrezina commented 4 years ago

Thank you for taking time to submit this request for SSSD. Unfortunately this issue was not given priority and the team lacks the capacity to work on it at this time.

Given that we are unable to fulfill this request I am closing the issue as wontfix.

If the issue still persist on recent SSSD you can request re-consideration of this decision by reopening this issue. Please provide additional technical details about its importance to you.

Thank you for understanding.

Metadata Update from @pbrezina:
- Issue close_status updated to: wontfix
- Issue status updated to: Closed (was: Open)

4 years ago

pbrezina commented 3 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/4683

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata

Assignee

None

Tags

Blocking

None

Depending on

None

Priority

minor

Milestone

None

type

None

component

None

version

None

selected

None

testsupdated

None

patch

None

rhbz

None

design_review

None

review

None

changelog

None

keywords

None

coverity

None

mark

None

blocking

None

design

None

sensitive

None

blockedby

None

feature_milestone

None

SSSD / sssd

Source Code

Documentation

#3663 dig-like output to syslog with "debug_level = 7" Closed: wontfix 4 years ago by pbrezina. Opened 6 years ago by vojamo.

Metadata

Candidate to close

#3663 dig-like output to syslog with "debug_level = 7"

Closed: wontfix 4 years ago by pbrezina. Opened 6 years ago by vojamo.