1211438 – sssd fails to authenticate after first boot

Bug 1211438 - sssd fails to authenticate after first boot

Summary: sssd fails to authenticate after first boot

Status:	NEW

Alias:	None

Product:	openSUSE Tumbleweed
Classification:	openSUSE
Component:	Basesystem (show other bugs)
Version:	Current
Hardware:	Other Other

Priority:	P5 - None Severity: Normal (vote)
Target Milestone:	---
Assignee:	Samuel Cabrero
QA Contact:	E-mail List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2023-05-16 19:30 UTC by Luiz Angelo Daros de Luca
Modified:	2023-08-03 15:03 UTC (History)
CC List:	0 users

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Luiz Angelo Daros de Luca 2023-05-16 19:30:52 UTC

Hello,

After a clean installation that joins and enables sssd, a domain user cannot log because all sssd backends are in offline mode.

It looks like the issue is with DNS. If fails to resolve the dns entries with "Could not contact DNS servers" at resolv_discover_srv_done. After that, nothing more works.

The workaround from Bug 1136139 (service sssd-reload-after-network.service) does not seem to be effective anymore. Calling:

 /usr/bin/pkill --signal USR2 --pidfile /var/run/sssd.pid

does trigger some process but it does not reload the resolv content.

Using strace, it looks like it is sending the query to a DNS server at 127.0.0.1, which does not exists. If I restart the sssd service, everything works as 
expected.

This might be a regression from version 2.9.0. Old users might not detect this because their user info might be cached.