Ubuntu
sssd package

sssd can't resolve hostname in config with dns

Bug #1735115 reported by Sven Sternberger
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
sssd (Ubuntu)
New
Undecided
Unassigned

Bug Description

~ $ lsb_release -rd
Description: Ubuntu 17.10
Release: 17.10

~ $ apt-cache policy sssd
sssd:
  Installed: 1.15.3-2ubuntu1
  Candidate: 1.15.3-2ubuntu1
  Version table:
 *** 1.15.3-2ubuntu1 500
        500 http://de.archive.ubuntu.com/ubuntu artful/main amd64 Packages
        100 /var/lib/dpkg/status

What I expect: Login in with my ldap/kerberos credentials

What happened:
After boot my host from time to time my kerberos/ldap login don't work.
In the log (/var/log/sssd/sssd_LDAP.log) I can see
sssd has a problem to resolve the kerberos and ldap server from the config in DNS.
At the same time "getent hosts" or "host" works without problem.
After restart of the sssd service everything is ok.

In the log when it don't work:
(Wed Nov 29 09:26:24 2017) [sssd[be[LDAP]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'KERBEROS'
(Wed Nov 29 09:26:24 2017) [sssd[be[LDAP]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve A record of 'foo.x.x' in files
(Wed Nov 29 09:26:24 2017) [sssd[be[LDAP]]] [set_server_common_status] (0x0100): Marking server 'foo.x.x' as 'resolving name'
(Wed Nov 29 09:26:24 2017) [sssd[be[LDAP]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve AAAA record of 'foo.x.x' in files
(Wed Nov 29 09:26:24 2017) [sssd[be[LDAP]]] [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of 'foo.x.x' in DNS
(Wed Nov 29 09:26:24 2017) [sssd[be[LDAP]]] [resolv_gethostbyname_done] (0x0040): querying hosts database failed [5]: Input/output error
(Wed Nov 29 09:26:24 2017) [sssd[be[LDAP]]] [fo_resolve_service_done] (0x0020): Failed to resolve server 'foo.x.x': Could not contact DNS servers
(Wed Nov 29 09:26:24 2017) [sssd[be[LDAP]]] [set_server_common_status] (0x0100): Marking server 'foo.x.x' as 'not working'
(Wed Nov 29 09:26:24 2017) [sssd[be[LDAP]]] [be_resolve_server_process] (0x0080): Couldn't resolve server (foo.x.x), resolver returned [5]: Input/output error

When it works (after restart of sssd):
(Wed Nov 29 09:30:30 2017) [sssd[be[LDAP]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'KERBEROS'
(Wed Nov 29 09:30:30 2017) [sssd[be[LDAP]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve A record of 'foo.x.x' in files
(Wed Nov 29 09:30:30 2017) [sssd[be[LDAP]]] [set_server_common_status] (0x0100): Marking server 'foo.x.x' as 'resolving name'
(Wed Nov 29 09:30:30 2017) [sssd[be[LDAP]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve AAAA record of 'foo.x.x' in files
(Wed Nov 29 09:30:30 2017) [sssd[be[LDAP]]] [resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of 'foo.x.x' in DNS
(Wed Nov 29 09:30:30 2017) [sssd[be[LDAP]]] [set_server_common_status] (0x0100): Marking server 'foo.x.x' as 'name resolved'

regards

Revision history for this message
Sven Sternberger (sven-sternberger) wrote :

Hmm could it be a timing dependency problem between systemd-resolve and sssd

(Wed Nov 29 09:21:28 2017) [sssd[be[LDAP]]] [fo_resolve_service_done] (0x0020): Failed to resolve server 'foo.x.x': Could not contact DNS servers

Nov 29 09:21:27 my.x.x systemd[1]: Starting Network Name Resolution...

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.