#4137 sysdb_getpwnam() got more users than expected.
Closed: cloned-to-github 3 years ago by pbrezina. Opened 4 years ago by orion.

I'm seeing the following in my sssd_DOMAIN.log:

(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [dp_pam_handler] (0x0100): Got request with the following data
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): command: SSS_PAM_SETCRED
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): domain: ad.DOMAIN
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): user: USER@ad.DOMAIN
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): service: gdm-smartcard
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): tty: /dev/tty1
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): ruser:
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): rhost:
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): authtok type: 0
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): priv: 1
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): cli_pid: 13237
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): logon name: not set
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [dp_pam_handler] (0x0100): Got request with the following data
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): command: SSS_PAM_OPEN_SESSION
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): domain: ad.DOMAIN
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): user: USER@ad.DOMAIN
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): service: gdm-smartcard
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): tty: :0
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): ruser:
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): rhost:
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): authtok type: 0
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): priv: 1
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): cli_pid: 13237
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [pam_print_data] (0x0100): logon name: not set
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [ipa_pam_session_handler_get_deskprofile_user_info] (0x0020): sysdb_getpwnam() got more users than expected. Expected [1], got [0]
(Mon Jan  6 08:26:14 2020) [sssd[be[DOMAIN]]] [ipa_pam_session_handler_send] (0x0020): ipa_deskprofile_get_user_info() failed [22]: Invalid argument

relevant code seems to be src/providers/ipa/ipa_session.c:671:

    if (res->count != 1) {
        DEBUG(SSSDBG_CRIT_FAILURE,
              "sysdb_getpwnam() got more users than expected. "
              "Expected [%d], got [%d]\n", 1, res->count);
        ret = EINVAL;
        goto done;
    }

First thing that struck me was perhaps a minor one: in this case sysdb_getpwnam() returned fewer users than expected, not more. And then I'm wondering if this is a problem at all or not. It's certainly a valid user.

Code snippet is from master, but I'm running sssd-1.16.4-21.el7_7.1.x86_64. Users are in AD via trust.


Metadata Update from @thalman:
- Issue tagged with: Future milestone

4 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/5098

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @pbrezina:
- Issue close_status updated to: cloned-to-github
- Issue status updated to: Closed (was: Open)

3 years ago

Login to comment on this ticket.

Metadata