#3961 sssd config-check reports an error for a valid configuration option
Closed: Fixed 5 months ago by jhrozek. Opened 5 months ago by jhrozek.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 8): Bug 1677994

Description of problem:
sssctl reports a false-positive error.

# rpm -q sssd
sssd-2.0.0-43.el8.x86_64

# grep ldap_host /etc/sssd/sssd.conf
ldap_host_object_class = ipService

# systemctl restart sssd
# systemctl status sssd > /dev/null && echo $?
0

So the service starts ok, but the config-check fails:

# sssctl config-check
Issues identified by validators: 1
[rule/allowed_domain_options]: Attribute 'ldap_host_object_class' is not
allowed in section 'domain/LDAP'. Check for typos.

There is also an error in sssd.log:
# tail -1 /var/log/sssd/sssd.log
(Sun Feb 17 07:35:23:363299 2019) [sssd] [sss_ini_call_validators] (0x0020):
[rule/allowed_domain_options]: Attribute 'ldap_host_object_class' is not
allowed in section 'domain/LDAP'. Check for typos.

It doesn't matter if the option is used in 'domain' or 'sssd' section. An error
is shown in both cases.

Messages generated during configuration merging: 0

Used configuration snippet files: 0


Version-Release number of selected component (if applicable):
sssd-2.0.0-43.el8.x86_64
I can verify the same issue also on RHEL7 with sssd-1.16.2-13.el7_6.5.x86_64.

How reproducible:
always

Steps to Reproduce:
1.create a sssd ldap domain
2.add any 'ldap_host_*' config directives to the domain
3.

Actual results:
sssctl reports a configuration error

Expected results:
config check passes without an error.

Additional info:

Metadata Update from @jhrozek:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1677994

5 months ago

Metadata Update from @jhrozek:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

5 months ago

Metadata Update from @jhrozek:
- Issue set to the milestone: SSSD 2.1

5 months ago

Login to comment on this ticket.

Metadata