Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 8): Bug 1661182
+++ This bug was initially created as a clone of Bug #1659656 +++ Description of problem: When I upgraded the clamav 0.101.0-1 packages from Koji using dnf, I saw the following errors in the clamav-filesystem, clamd, and clamav-milter pre-install scriplets: [sss_cache] [confdb_get_domains] (0x0010): No domains configured, fatal error! Could not open available domains usermod: sss_cache exited with status 2 usermod: Failed to flush the sssd cache. The error appears to involve no domains being configured for the sss cache of sssd. The upgrade completed as shown in the full output I put in the additional infomation part. Version-Release number of selected component (if applicable): clamav-0.101.0-1.fc29.i686 How reproducible: I ran the update once. Steps to Reproduce: 1. sudo dnf upgrade https://kojipkgs.fedoraproject.org//packages/clamav/0.101.0 /1.fc29/i686/clamav-0.101.0-1.fc29.i686.rpm https://kojipkgs.fedoraproject.org/ /packages/clamav/0.101.0/1.fc29/i686/clamav-lib-0.101.0-1.fc29.i686.rpm https:/ /kojipkgs.fedoraproject.org//packages/clamav/0.101.0/1.fc29/i686/clamav-milter- 0.101.0-1.fc29.i686.rpm https://kojipkgs.fedoraproject.org//packages/clamav/0.1 01.0/1.fc29/i686/clamav-update-0.101.0-1.fc29.i686.rpm https://kojipkgs.fedorap roject.org//packages/clamav/0.101.0/1.fc29/noarch/clamav-data-0.101.0-1.fc29.no arch.rpm https://kojipkgs.fedoraproject.org//packages/clamav/0.101.0/1.fc29/noa rch/clamav-filesystem-0.101.0-1.fc29.noarch.rpm https://kojipkgs.fedoraproject. org//packages/clamav/0.101.0/1.fc29/i686/clamd-0.101.0-1.fc29.i686.rpm 2. 3. Actual results: I saw errors in the clamav-filesystem, clamd, and clamav-milter pre-install scriplets during the clamav 0.101.0-1 upgrade from Koji. Expected results: No errors in the clamav upgrade Additional info: The full output of the upgrade was the following: sudo dnf upgrade https://kojipkgs.fedoraproject.org//packages/clamav/0.101.0/1. fc29/i686/clamav-0.101.0-1.fc29.i686.rpm https://kojipkgs.fedoraproject.org//pa ckages/clamav/0.101.0/1.fc29/i686/clamav-lib-0.101.0-1.fc29.i686.rpm https://ko jipkgs.fedoraproject.org//packages/clamav/0.101.0/1.fc29/i686/clamav-milter-0.1 01.0-1.fc29.i686.rpm https://kojipkgs.fedoraproject.org//packages/clamav/0.101. 0/1.fc29/i686/clamav-update-0.101.0-1.fc29.i686.rpm https://kojipkgs.fedoraproj ect.org//packages/clamav/0.101.0/1.fc29/noarch/clamav-data-0.101.0-1.fc29.noarc h.rpm https://kojipkgs.fedoraproject.org//packages/clamav/0.101.0/1.fc29/noarch /clamav-filesystem-0.101.0-1.fc29.noarch.rpm https://kojipkgs.fedoraproject.org //packages/clamav/0.101.0/1.fc29/i686/clamd-0.101.0-1.fc29.i686.rpm Last metadata expiration check: 18:35:08 ago on Thu 13 Dec 2018 10:39:02 PM EST. clamav-0.101.0-1.fc29.i686.rpm 254 kB/s | 360 kB 00:01 clamav-lib-0.101.0-1.fc29.i686.rpm 641 kB/s | 831 kB 00:01 clamav-milter-0.101.0-1.fc29.i686.rpm 56 kB/s | 98 kB 00:01 clamav-update-0.101.0-1.fc29.i686.rpm 112 kB/s | 89 kB 00:00 clamav-data-0.101.0-1.fc29.noarch.rpm 1.4 MB/s | 163 MB 01:55 clamav-filesystem-0.101.0-1.fc29.noarch.rpm 24 kB/s | 14 kB 00:00 clamd-0.101.0-1.fc29.i686.rpm 61 kB/s | 105 kB 00:01 Dependencies resolved. =============================================================================== ==== Package Arch Version Repository Size =============================================================================== ==== Upgrading: clamav i686 0.101.0-1.fc29 @commandline 360 k clamav-lib i686 0.101.0-1.fc29 @commandline 831 k clamav-milter i686 0.101.0-1.fc29 @commandline 98 k clamav-update i686 0.101.0-1.fc29 @commandline 89 k clamav-data noarch 0.101.0-1.fc29 @commandline 163 M clamav-filesystem noarch 0.101.0-1.fc29 @commandline 14 k clamd i686 0.101.0-1.fc29 @commandline 105 k Transaction Summary =============================================================================== ==== Upgrade 7 Packages Total size: 165 M Is this ok [y/N]: y Downloading Packages: Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Running scriptlet: clamav-filesystem-0.101.0-1.fc29.noarch 1/1 Running scriptlet: clamav-filesystem-0.101.0-1.fc29.noarch 1/14 (Fri Dec 14 17:17:58:926064 2018) [sss_cache] [confdb_get_domains] (0x0010): No domains configured, fatal error! Could not open available domains usermod: sss_cache exited with status 2 usermod: Failed to flush the sssd cache. Upgrading : clamav-filesystem-0.101.0-1.fc29.noarch 1/14 Upgrading : clamav-data-0.101.0-1.fc29.noarch 2/14 Upgrading : clamav-update-0.101.0-1.fc29.i686 3/14 Running scriptlet: clamav-update-0.101.0-1.fc29.i686 3/14 warning: /etc/freshclam.conf created as /etc/freshclam.conf.rpmnew Upgrading : clamav-lib-0.101.0-1.fc29.i686 4/14 Running scriptlet: clamav-lib-0.101.0-1.fc29.i686 4/14 Upgrading : clamav-0.101.0-1.fc29.i686 5/14 Running scriptlet: clamd-0.101.0-1.fc29.i686 6/14 (Fri Dec 14 17:18:58:840220 2018) [sss_cache] [confdb_get_domains] (0x0010): No domains configured, fatal error! Could not open available domains usermod: sss_cache exited with status 2 usermod: Failed to flush the sssd cache. Upgrading : clamd-0.101.0-1.fc29.i686 6/14 Running scriptlet: clamd-0.101.0-1.fc29.i686 6/14 Running scriptlet: clamav-milter-0.101.0-1.fc29.i686 7/14 (Fri Dec 14 17:19:00:767503 2018) [sss_cache] [confdb_get_domains] (0x0010): No domains configured, fatal error! Could not open available domains usermod: sss_cache exited with status 2 usermod: Failed to flush the sssd cache. Upgrading : clamav-milter-0.101.0-1.fc29.i686 7/14 Running scriptlet: clamav-milter-0.101.0-1.fc29.i686 7/14 Running scriptlet: clamd-0.100.2-2.fc29.i686 8/14 Cleanup : clamd-0.100.2-2.fc29.i686 8/14 Running scriptlet: clamd-0.100.2-2.fc29.i686 8/14 Cleanup : clamav-0.100.2-2.fc29.i686 9/14 Cleanup : clamav-lib-0.100.2-2.fc29.i686 10/14 Running scriptlet: clamav-lib-0.100.2-2.fc29.i686 10/14 Cleanup : clamav-update-0.100.2-2.fc29.i686 11/14 Cleanup : clamav-data-0.100.2-2.fc29.noarch 12/14 Running scriptlet: clamav-milter-0.100.2-2.fc29.i686 13/14 Cleanup : clamav-milter-0.100.2-2.fc29.i686 13/14 Running scriptlet: clamav-milter-0.100.2-2.fc29.i686 13/14 Cleanup : clamav-filesystem-0.100.2-2.fc29.noarch 14/14 Running scriptlet: clamav-filesystem-0.100.2-2.fc29.noarch 14/14 Verifying : clamav-0.101.0-1.fc29.i686 1/14 Verifying : clamav-0.100.2-2.fc29.i686 2/14 Verifying : clamav-lib-0.101.0-1.fc29.i686 3/14 Verifying : clamav-lib-0.100.2-2.fc29.i686 4/14 Verifying : clamav-milter-0.101.0-1.fc29.i686 5/14 Verifying : clamav-milter-0.100.2-2.fc29.i686 6/14 Verifying : clamav-update-0.101.0-1.fc29.i686 7/14 Verifying : clamav-update-0.100.2-2.fc29.i686 8/14 Verifying : clamav-data-0.101.0-1.fc29.noarch 9/14 Verifying : clamav-data-0.100.2-2.fc29.noarch 10/14 Verifying : clamav-filesystem-0.101.0-1.fc29.noarch 11/14 Verifying : clamav-filesystem-0.100.2-2.fc29.noarch 12/14 Verifying : clamd-0.101.0-1.fc29.i686 13/14 Verifying : clamd-0.100.2-2.fc29.i686 14/14 Upgraded: clamav-0.101.0-1.fc29.i686 clamav-lib-0.101.0-1.fc29.i686 clamav-milter-0.101.0-1.fc29.i686 clamav-update-0.101.0-1.fc29.i686 clamav-data-0.101.0-1.fc29.noarch clamav-filesystem-0.101.0-1.fc29.noarch clamd-0.101.0-1.fc29.i686 Complete! --- Additional comment from Orion Poplawski on 2018-12-15 00:02:28 UTC --- The scriptlet is running: usermod %{updateuser} -a -G virusgroup The guidelines for users and groups (https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/) does not directly address calling usermod, but the useradd examples do not redirect stderr - presumably because it is useful at times. I'm guessing that usermod is calling sss_cache. I'm not really sure what should be done here. Let's see if the SSSD folks have an opinion about whether generating this error output is useful. It's also possible that usermod should be ignoring this error. --- Additional comment from Miro Hrončok on 2018-12-19 11:09:42 UTC --- One of our students was just hit by this at a Fedora 29 workstation. He run: $ sudo usermod -a -G dialout username And got: (Wed Dec 19 11:58:00:558187 2018) [sss_cache] [confdb_get_domains] (0x0010): No domains configured, fatal error! Could not open available domains usermod: sss_cache exited with status 2 usermod: Failed to flush the sssd cache. I cannot reproduce it on my own machine or a virtual one. I've changed the component to shadow-utils, so the maintainers are aware as well. --- Additional comment from Jakub Hrozek on 2018-12-19 11:15:56 UTC --- (In reply to Miro Hrončok from comment #2) > One of our students was just hit by this at a Fedora 29 workstation. > > He run: > > $ sudo usermod -a -G dialout username > > And got: > > (Wed Dec 19 11:58:00:558187 2018) [sss_cache] [confdb_get_domains] (0x0010): > No domains configured, fatal error! > > Could not open available domains > > usermod: sss_cache exited with status 2 > > usermod: Failed to flush the sssd cache. > > > I cannot reproduce it on my own machine or a virtual one. > > I've changed the component to shadow-utils, so the maintainers are aware as > well. shadow-utils only execs sss_cache, so sssd is the proper component. But for some reason (BZ upgrade?) I can't reassign the bug back. --- Additional comment from Sumit Bose on 2018-12-19 11:43:15 UTC --- Here you are, clicking the Component and hitting backspace worked for me. --- Additional comment from Tomas Mraz on 2018-12-19 13:00:50 UTC --- Perhaps the sss_cache should be silent by default on such errors? --- Additional comment from Jakub Hrozek on 2018-12-19 13:27:10 UTC --- (In reply to Tomas Mraz from comment #5) > Perhaps the sss_cache should be silent by default on such errors? Yes and the errors should not be produced IMO (IOW, no domains should be just a no-op). Also, I'm not sure how a no-domains error happens, there should always be at least the implicit files domain.
Metadata Update from @thalman: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1661182
Metadata Update from @lslebodn: - Issue assigned to lslebodn
https://pagure.io/SSSD/sssd/pull-request/3926
Metadata Update from @lslebodn: - Issue tagged with: PR
Metadata Update from @jhrozek: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1661182, https://bugzilla.redhat.com/show_bug.cgi?id=1653759 (was: https://bugzilla.redhat.com/show_bug.cgi?id=1661182)
Issue linked to Bugzilla: Bug 1653759
Metadata Update from @jhrozek: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Metadata Update from @lslebodn: - Custom field design_review adjusted to on - Custom field mark adjusted to on - Custom field patch adjusted to on - Custom field review adjusted to on - Custom field sensitive adjusted to on - Custom field testsupdated adjusted to on - Issue status updated to: Open (was: Closed)
https://pagure.io/SSSD/sssd/pull-request/3940
Additional fixes: * master: * 159a231 * 2de3c5f * sssd-1-16: * 6c80847 * 3ec716b
Metadata Update from @jhrozek: - Issue set to the milestone: SSSD 2.1
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/4904
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Log in to comment on this ticket.