#4137 sysdb_getpwnam() got more users than expected.
Opened 2 months ago by orion. Modified 2 months ago

I'm seeing the following in my sssd_DOMAIN.log:

(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [dp_pam_handler] (0x0100): Got request with the following data
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): command: SSS_PAM_SETCRED
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): domain: ad.DOMAIN
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): user: USER@ad.DOMAIN
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): service: gdm-smartcard
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): tty: /dev/tty1
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): ruser:
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): rhost:
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): authtok type: 0
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): priv: 1
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): cli_pid: 13237
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): logon name: not set
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [dp_pam_handler] (0x0100): Got request with the following data
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): command: SSS_PAM_OPEN_SESSION
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): domain: ad.DOMAIN
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): user: USER@ad.DOMAIN
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): service: gdm-smartcard
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): tty: :0
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): ruser:
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): rhost:
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): authtok type: 0
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): priv: 1
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): cli_pid: 13237
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): logon name: not set
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [ipa_pam_session_handler_get_deskprofile_user_info] (0x0020): sysdb_getpwnam() got more users than expected. Expected [1], got [0]
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [ipa_pam_session_handler_send] (0x0020): ipa_deskprofile_get_user_info() failed [22]: Invalid argument

relevant code seems to be src/providers/ipa/ipa_session.c:671:

    if (res->count != 1) {
        DEBUG(SSSDBG_CRIT_FAILURE,
              "sysdb_getpwnam() got more users than expected. "
              "Expected [%d], got [%d]\n", 1, res->count);
        ret = EINVAL;
        goto done;
    }

First thing that struck me was perhaps a minor one: in this case sysdb_getpwnam() returned fewer users than expected, not more. And then I'm wondering if this is a problem at all or not. It's certainly a valid user.

Code snippet is from master, but I'm running sssd-1.16.4-21.el7_7.1.x86_64. Users are in AD via trust.


Login to comment on this ticket.

Metadata