[Pkg-sssd-devel] Bug#859445: sssd: Offline authentication : Access denied for user <username>: 4 (System error)

Thomas Sillard thomas.sillard at gmail.com
Mon Apr 3 15:23:03 UTC 2017


Package: sssd
Version: 1.15.0-3
Severity: important

Dear Maintainer,

We are testing SSO with Debian 9 / sssd / realmd to authenticate users on Active directory from Linux laptops.
All works fine when the computer is connected to the network, but not in offline mode.

Here is what we do : 

apt-get install -y krb5-user adcli packagekit realmd libpam-sss libnss-sss sssd sssd-tools samba-common-bin

realm join --verbose my.local.domain

-> Edit /etc/sssd/sssd.conf

[sssd]
domains = mydomain.local.lan
config_file_version = 2
services = nss, pam

[domain/mydomain.local.lan]
ad_domain = mydomain.local.lan
krb5_realm = MYDOMAIN.LOCAL.LAN
realmd_tags = manages-system joined-with-adcli 
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
use_fully_qualified_names = false
fallback_homedir = /home/%d/%u
access_provider = ad
enumerate = true

-> Restarting sssd

service sssd restart

-> Creating file /usr/share/pam-configs/mkhomedir :

echo "Name: Create home directory during login" > /usr/share/pam-configs/mkhomedir
echo "Default: yes" >> /usr/share/pam-configs/mkhomedir
echo "Priority: 900" >> /usr/share/pam-configs/mkhomedir
echo "Session-Type: Additional" >> /usr/share/pam-configs/mkhomedir
echo "Session: required pam_mkhomedir.so umask=0022 skel=/etc/skel" >> /usr/share/pam-configs/mkhomedir

-> Updating pam config with all options checked

pam-auth-update -> "check all"

-> Adding sudo and polkit permissions for the "Domain admins" AD group

echo "%domain\ admins ALL=(ALL:ALL) ALL" > /etc/sudoers.d/domain_admins

echo "[Configuration]" > /etc/polkit-1/localauthority.conf.d/52-realmd-admin.conf
echo "AdminIdentities=unix-group:sudo;unix-group:admin;unix-group:domain admins" >> /etc/polkit-1/localauthority.conf.d/52-realmd-admin.conf

-> Reboot

With this setup, we are able to open a session on the computer with an AD user account with no problems, /var/log/auth.log looks like :

Apr  3 14:58:44 pc-tsillard-2 login[6775]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=/dev/tty2 ruser= rhost=  user=tsillard
Apr  3 14:58:45 pc-tsillard-2 login[6775]: pam_sss(login:auth): authentication success; logname=LOGIN uid=0 euid=0 tty=/dev/tty2 ruser= rhost= user=tsillard
Apr  3 14:58:45 pc-tsillard-2 login[6775]: pam_unix(login:session): session opened for user tsillard by LOGIN(uid=0)
Apr  3 14:58:45 pc-tsillard-2 systemd-logind[744]: New session 18 of user tsillard.

If we go in "offline" mode (i.e With network cable unplugged), authentication fails with :

Apr  3 14:59:54 pc-tsillard-2 login[7036]: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=/dev/tty2 ruser= rhost=  user=tsillard
Apr  3 15:00:00 pc-tsillard-2 login[7036]: pam_sss(login:auth): authentication success; logname=LOGIN uid=0 euid=0 tty=/dev/tty2 ruser= rhost= user=tsillard
Apr  3 15:00:00 pc-tsillard-2 login[7036]: pam_sss(login:account): Access denied for user tsillard: 4 (System error)
Apr  3 15:00:00 pc-tsillard-2 login[7036]: System error

I have reproduced on different 2 computers.
The same setup works fine with stable Debian 8.

/var/log/sssd/sssd_pam.log with debug_level = 8 in [pam] section : 

(Fri Mar 31 18:09:03 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children
(Fri Mar 31 18:09:42 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children
(Fri Mar 31 18:13:25 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children
(Fri Mar 31 18:14:14 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children
(Fri Mar 31 18:14:54 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children
(Fri Mar 31 18:33:29 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children
(Fri Mar 31 18:48:44 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children
(Fri Mar 31 18:53:54 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children
(Fri Mar 31 18:56:53 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children
(Mon Apr  3 12:35:18 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children
(Mon Apr  3 14:53:26 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [server_setup] (0x0400): CONFDB: /var/lib/sss/db/config.ldb
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [confdb_get_domain_internal] (0x1000): pwd_expiration_warning is -1
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sbus_init_connection] (0x0400): Adding connection 0x55a8b4bdd210
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sbus_add_watch] (0x2000): 0x55a8b4bdeb70/0x55a8b4bd7160 (13), -/W (enabled)
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sbus_opath_hash_add_iface] (0x0400): Registering interface org.freedesktop.sssd.service with path /org/freedesktop/sssd/service
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sbus_conn_register_path] (0x0400): Registering object path /org/freedesktop/sssd/service with D-Bus connection
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sbus_opath_hash_add_iface] (0x0400): Registering interface org.freedesktop.DBus.Properties with path /org/freedesktop/sssd/service
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sbus_opath_hash_add_iface] (0x0400): Registering interface org.freedesktop.DBus.Introspectable with path /org/freedesktop/sssd/service
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [monitor_common_send_id] (0x0100): Sending ID: (pam,1)
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x55a8b4bdbac0
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sss_names_init_from_args] (0x0100): Using re [(((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\]+)$))].
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sss_fqnames_init] (0x0100): Using fq format [%1$s@%2$s].
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sbus_init_connection] (0x0400): Adding connection 0x55a8b4be0220
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sbus_add_watch] (0x2000): 0x55a8b4be10e0/0x55a8b4bdfdd0 (14), -/W (enabled)
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [rdp_message_send_internal] (0x0400): DP Request: /org/freedesktop/sssd/dataprovider org.freedesktop.sssd.DataProvider.Client.Register
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x55a8b4be18d0
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sysdb_domain_init_internal] (0x0200): DB File for mydomain.local.lan: /var/lib/sss/db/cache_mydomain.local.lan.ldb
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sysdb_domain_init_internal] (0x0200): Timestamp file for mydomain.local.lan: /var/lib/sss/db/timestamps_mydomain.local.lan.ldb
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [ldb] (0x0400): asq: Unable to register control with rootdse!
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sss_names_init_from_args] (0x0100): Using re [(((?P<domain>[^\\]+)\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\]+)$))].
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sss_fqnames_init] (0x0100): Using fq format [%1$s@%2$s].
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sss_process_init] (0x0400): Responder initialization complete (explicitly configured)
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [get_trusted_uids] (0x0400): All UIDs are allowed.
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sss_parse_name_for_domains] (0x0200): name 'root' matched without domain, user is root
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sss_ncache_set_str] (0x0400): Adding [NCE/USER/mydomain.local.lan/root at mydomain.local.lan] to negative cache permanently
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sss_parse_name_for_domains] (0x0200): name 'root' matched without domain, user is root
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sss_ncache_set_str] (0x0400): Adding [NCE/GROUP/mydomain.local.lan/root at mydomain.local.lan] to negative cache permanently
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [responder_set_fd_limit] (0x0100): Maximum file descriptors set to [8192]
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sss_dp_issue_request] (0x0400): Issuing request for [0x55a8b36623b0:domains at mydomain.local.lan]
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sss_dp_get_domains_msg] (0x0400): Sending get domains request for [mydomain.local.lan][]
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x55a8b4bdb1b0
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sss_dp_internal_get_send] (0x0400): Entering request [0x55a8b36623b0:domains at mydomain.local.lan]
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sbus_remove_timeout] (0x2000): 0x55a8b4bdbac0
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [id_callback] (0x0100): Got id ack and version (1) from Monitor
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [sbus_remove_timeout] (0x2000): 0x55a8b4be18d0
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [rdp_process_pending_call] (0x0400): DP Success
(Mon Apr  3 14:58:02 2017) [sssd[pam]] [rdp_register_client_done] (0x0400): Client is registered with DP
(Mon Apr  3 14:58:03 2017) [sssd[pam]] [sbus_remove_timeout] (0x2000): 0x55a8b4bdb1b0
(Mon Apr  3 14:58:03 2017) [sssd[pam]] [sss_dp_get_reply] (0x1000): Got reply from Data Provider - DP error code: 0 errno: 0 error message: Success
(Mon Apr  3 14:58:03 2017) [sssd[pam]] [sss_parse_name_for_domains] (0x0200): name 'root' matched without domain, user is root
(Mon Apr  3 14:58:03 2017) [sssd[pam]] [sss_ncache_set_str] (0x0400): Adding [NCE/USER/mydomain.local.lan/root at mydomain.local.lan] to negative cache permanently
(Mon Apr  3 14:58:03 2017) [sssd[pam]] [sss_parse_name_for_domains] (0x0200): name 'root' matched without domain, user is root
(Mon Apr  3 14:58:03 2017) [sssd[pam]] [sss_ncache_set_str] (0x0400): Adding [NCE/GROUP/mydomain.local.lan/root at mydomain.local.lan] to negative cache permanently
(Mon Apr  3 14:58:03 2017) [sssd[pam]] [sss_dp_req_destructor] (0x0400): Deleting request: [0x55a8b36623b0:domains at mydomain.local.lan]
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [get_client_cred] (0x0080): The following failure is expected to happen in case SELinux is disabled:
SELINUX_getpeercon failed [92][Protocole non disponible].
Please, consider enabling SELinux in your system.
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [accept_fd_handler] (0x0400): Client connected to privileged pipe!
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [sss_cmd_get_version] (0x0200): Received client version [3].
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [sss_cmd_get_version] (0x0200): Offered version [3].
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_cmd_authenticate] (0x0100): entering pam_cmd_authenticate
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [sss_parse_name_for_domains] (0x0200): name 'tsillard' matched without domain, user is tsillard
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_AUTHENTICATE
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: not set
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): user: tsillard
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): service: login
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: /dev/tty2
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 1
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 6775
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: tsillard
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [sss_ncache_check_str] (0x2000): Checking negative cache for [NCE/USER/mydomain.local.lan/tsillard at mydomain.local.lan]
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [sss_dp_issue_request] (0x0400): Issuing request for [0x55a8b3660aa0:3:tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [sss_dp_get_account_msg] (0x0400): Creating request for [mydomain.local.lan][0x3][BE_REQ_INITGROUPS][name=tsillard at mydomain.local.lan:-]
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x55a8b4be21a0
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [sss_dp_internal_get_send] (0x0400): Entering request [0x55a8b3660aa0:3:tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [sbus_remove_timeout] (0x2000): 0x55a8b4be21a0
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [sss_dp_get_reply] (0x1000): Got reply from Data Provider - DP error code: 0 errno: 0 error message: Success
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_check_user_search] (0x0100): Requesting info for [tsillard at mydomain.local.lan]
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_check_user_search] (0x0400): Returning info for user [tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pd_set_primary_name] (0x0400): User's primary name is tsillard at mydomain.local.lan
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_initgr_cache_set] (0x2000): [tsillard] added to PAM initgroup cache
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_dp_send_req] (0x0100): Sending request with the following data:
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_AUTHENTICATE
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: mydomain.local.lan
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): user: tsillard at mydomain.local.lan
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): service: login
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: /dev/tty2
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 1
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 6775
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: tsillard
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x55a8b4be41b0
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_dom_forwarder] (0x0100): pam_dp_send_req returned 0
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [sss_dp_req_destructor] (0x0400): Deleting request: [0x55a8b3660aa0:3:tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [sbus_remove_timeout] (0x2000): 0x55a8b4be41b0
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_dp_process_reply] (0x0200): received: [0 (Succès)][mydomain.local.lan]
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [pam_reply] (0x0200): pam_reply called with result [0]: Succès.
(Mon Apr  3 14:58:44 2017) [sssd[pam]] [sysdb_ldb_msg_difference] (0x2000): Replaced/extended attr [lastOnlineAuth] of entry [name=tsillard at mydomain.local.lan,cn=users,cn=mydomain.local.lan,cn=sysdb]
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [sysdb_set_entry_attr] (0x0200): Entry [name=tsillard at mydomain.local.lan,cn=users,cn=mydomain.local.lan,cn=sysdb] has set [cache, ts_cache] attrs.
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_reply] (0x0200): pam_reply called with result [0]: Succès.
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [filter_responses] (0x0100): [pam_response_filter] not available, not fatal.
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_reply] (0x0200): blen: 83
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_cmd_acct_mgmt] (0x0100): entering pam_cmd_acct_mgmt
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [sss_parse_name_for_domains] (0x0200): name 'tsillard' matched without domain, user is tsillard
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_ACCT_MGMT
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): user: tsillard
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): service: login
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: /dev/tty2
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 6775
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: tsillard
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [sss_ncache_check_str] (0x2000): Checking negative cache for [NCE/USER/mydomain.local.lan/tsillard at mydomain.local.lan]
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_initgr_check_timeout] (0x2000): User [tsillard] found in PAM cache.
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_check_user_search] (0x0100): Requesting info for [tsillard at mydomain.local.lan]
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_check_user_search] (0x0400): Returning info for user [tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pd_set_primary_name] (0x0400): User's primary name is tsillard at mydomain.local.lan
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_dp_send_req] (0x0100): Sending request with the following data:
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_ACCT_MGMT
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: mydomain.local.lan
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): user: tsillard at mydomain.local.lan
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): service: login
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: /dev/tty2
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 6775
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: tsillard
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x55a8b4be41b0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_dom_forwarder] (0x0100): pam_dp_send_req returned 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [sbus_remove_timeout] (0x2000): 0x55a8b4be41b0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_dp_process_reply] (0x0200): received: [0 (Succès)][mydomain.local.lan]
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_reply] (0x0200): pam_reply called with result [0]: Succès.
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [filter_responses] (0x0100): [pam_response_filter] not available, not fatal.
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_reply] (0x0200): blen: 30
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_cmd_open_session] (0x0100): entering pam_cmd_open_session
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [sss_parse_name_for_domains] (0x0200): name 'tsillard' matched without domain, user is tsillard
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_OPEN_SESSION
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): user: tsillard
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): service: login
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: /dev/tty2
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 6775
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: tsillard
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [sss_ncache_check_str] (0x2000): Checking negative cache for [NCE/USER/mydomain.local.lan/tsillard at mydomain.local.lan]
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_initgr_check_timeout] (0x2000): User [tsillard] found in PAM cache.
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_check_user_search] (0x0100): Requesting info for [tsillard at mydomain.local.lan]
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_check_user_search] (0x0400): Returning info for user [tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pd_set_primary_name] (0x0400): User's primary name is tsillard at mydomain.local.lan
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_dp_send_req] (0x0100): Sending request with the following data:
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_OPEN_SESSION
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: mydomain.local.lan
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): user: tsillard at mydomain.local.lan
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): service: login
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: /dev/tty2
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 6775
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: tsillard
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x55a8b4be41b0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_dom_forwarder] (0x0100): pam_dp_send_req returned 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [sbus_remove_timeout] (0x2000): 0x55a8b4be41b0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_dp_process_reply] (0x0200): received: [0 (Succès)][mydomain.local.lan]
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_reply] (0x0200): pam_reply called with result [0]: Succès.
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [filter_responses] (0x0100): [pam_response_filter] not available, not fatal.
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_reply] (0x0200): blen: 30
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_cmd_setcred] (0x0100): entering pam_cmd_setcred
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [sss_parse_name_for_domains] (0x0200): name 'tsillard' matched without domain, user is tsillard
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_SETCRED
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): user: tsillard
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): service: login
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: /dev/tty2
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 6775
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: tsillard
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [sss_ncache_check_str] (0x2000): Checking negative cache for [NCE/USER/mydomain.local.lan/tsillard at mydomain.local.lan]
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_initgr_check_timeout] (0x2000): User [tsillard] found in PAM cache.
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_check_user_search] (0x0100): Requesting info for [tsillard at mydomain.local.lan]
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_check_user_search] (0x0400): Returning info for user [tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pd_set_primary_name] (0x0400): User's primary name is tsillard at mydomain.local.lan
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_dp_send_req] (0x0100): Sending request with the following data:
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_SETCRED
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: mydomain.local.lan
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): user: tsillard at mydomain.local.lan
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): service: login
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: /dev/tty2
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 6775
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: tsillard
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x55a8b4be41b0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_dom_forwarder] (0x0100): pam_dp_send_req returned 0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [sbus_remove_timeout] (0x2000): 0x55a8b4be41b0
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_dp_process_reply] (0x0200): received: [0 (Succès)][mydomain.local.lan]
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_reply] (0x0200): pam_reply called with result [0]: Succès.
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [filter_responses] (0x0100): [pam_response_filter] not available, not fatal.
(Mon Apr  3 14:58:45 2017) [sssd[pam]] [pam_reply] (0x0200): blen: 30
(Mon Apr  3 14:58:49 2017) [sssd[pam]] [pam_initgr_cache_remove] (0x2000): [tsillard] removed from PAM initgroup cache
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_cmd_close_session] (0x0100): entering pam_cmd_close_session
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [sss_parse_name_for_domains] (0x0200): name 'tsillard' matched without domain, user is tsillard
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_CLOSE_SESSION
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: not set
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): user: tsillard
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): service: login
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: /dev/tty2
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 0
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 6775
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: tsillard
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [sss_ncache_check_str] (0x2000): Checking negative cache for [NCE/USER/mydomain.local.lan/tsillard at mydomain.local.lan]
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [sss_dp_issue_request] (0x0400): Issuing request for [0x55a8b3660aa0:3:tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [sss_dp_get_account_msg] (0x0400): Creating request for [mydomain.local.lan][0x3][BE_REQ_INITGROUPS][name=tsillard at mydomain.local.lan:-]
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x55a8b4be41b0
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [sss_dp_internal_get_send] (0x0400): Entering request [0x55a8b3660aa0:3:tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [sbus_remove_timeout] (0x2000): 0x55a8b4be41b0
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [sss_dp_get_reply] (0x1000): Got reply from Data Provider - DP error code: 0 errno: 0 error message: Success
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_check_user_search] (0x0100): Requesting info for [tsillard at mydomain.local.lan]
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_check_user_search] (0x0400): Returning info for user [tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pd_set_primary_name] (0x0400): User's primary name is tsillard at mydomain.local.lan
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_initgr_cache_set] (0x2000): [tsillard] added to PAM initgroup cache
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_dp_send_req] (0x0100): Sending request with the following data:
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_CLOSE_SESSION
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: mydomain.local.lan
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): user: tsillard at mydomain.local.lan
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): service: login
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: /dev/tty2
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 0
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 6775
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: tsillard
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x55a8b4be1b00
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_dom_forwarder] (0x0100): pam_dp_send_req returned 0
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [sss_dp_req_destructor] (0x0400): Deleting request: [0x55a8b3660aa0:3:tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [sbus_remove_timeout] (0x2000): 0x55a8b4be1b00
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_dp_process_reply] (0x0200): received: [0 (Succès)][mydomain.local.lan]
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_reply] (0x0200): pam_reply called with result [0]: Succès.
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [filter_responses] (0x0100): [pam_response_filter] not available, not fatal.
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [pam_reply] (0x0200): blen: 30
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [client_recv] (0x0200): Client disconnected!
(Mon Apr  3 14:59:35 2017) [sssd[pam]] [client_close_fn] (0x2000): Terminated client [0x55a8b4be5c40][19]
(Mon Apr  3 14:59:40 2017) [sssd[pam]] [pam_initgr_cache_remove] (0x2000): [tsillard] removed from PAM initgroup cache
(Mon Apr  3 14:59:49 2017) [sssd[pam]] [sbus_message_handler] (0x2000): Received SBUS method org.freedesktop.sssd.service.resInit on path /org/freedesktop/sssd/service
(Mon Apr  3 14:59:49 2017) [sssd[pam]] [sbus_get_sender_id_send] (0x2000): Not a sysbus message, quit
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [get_client_cred] (0x0080): The following failure is expected to happen in case SELinux is disabled:
SELINUX_getpeercon failed [92][Protocole non disponible].
Please, consider enabling SELinux in your system.
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [accept_fd_handler] (0x0400): Client connected to privileged pipe!
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [sss_cmd_get_version] (0x0200): Received client version [3].
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [sss_cmd_get_version] (0x0200): Offered version [3].
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [pam_cmd_authenticate] (0x0100): entering pam_cmd_authenticate
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [sss_parse_name_for_domains] (0x0200): name 'tsillard' matched without domain, user is tsillard
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_AUTHENTICATE
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: not set
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [pam_print_data] (0x0100): user: tsillard
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [pam_print_data] (0x0100): service: login
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: /dev/tty2
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 1
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 7036
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: tsillard
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [sss_ncache_check_str] (0x2000): Checking negative cache for [NCE/USER/mydomain.local.lan/tsillard at mydomain.local.lan]
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [sss_dp_issue_request] (0x0400): Issuing request for [0x55a8b3660aa0:3:tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [sss_dp_get_account_msg] (0x0400): Creating request for [mydomain.local.lan][0x3][BE_REQ_INITGROUPS][name=tsillard at mydomain.local.lan:-]
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x55a8b4be41b0
(Mon Apr  3 14:59:54 2017) [sssd[pam]] [sss_dp_internal_get_send] (0x0400): Entering request [0x55a8b3660aa0:3:tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [sbus_remove_timeout] (0x2000): 0x55a8b4be41b0
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [sss_dp_get_reply] (0x1000): Got reply from Data Provider - DP error code: 1 errno: 11 error message: Init group lookup failed
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_check_user_dp_callback] (0x0040): Unable to get information from Data Provider
Error: 1, 11, Init group lookup failed
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_check_user_search] (0x0100): Requesting info for [tsillard at mydomain.local.lan]
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_check_user_search] (0x0400): Returning info for user [tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pd_set_primary_name] (0x0400): User's primary name is tsillard at mydomain.local.lan
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_initgr_cache_set] (0x2000): [tsillard] added to PAM initgroup cache
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_dp_send_req] (0x0100): Sending request with the following data:
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_AUTHENTICATE
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: mydomain.local.lan
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): user: tsillard at mydomain.local.lan
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): service: login
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: /dev/tty2
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 1
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 7036
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: tsillard
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x55a8b4be3640
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_dom_forwarder] (0x0100): pam_dp_send_req returned 0
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [sss_dp_req_destructor] (0x0400): Deleting request: [0x55a8b3660aa0:3:tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [sbus_remove_timeout] (0x2000): 0x55a8b4be3640
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_dp_process_reply] (0x0200): received: [9 (Le service d'authentification n'a pas pu récupérer les informations d'authentification)][mydomain.local.lan]
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_reply] (0x0200): pam_reply called with result [9]: Le service d'authentification n'a pas pu récupérer les informations d'authentification.
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [sysdb_cache_auth] (0x0100): Hashes do match!
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [sysdb_ldb_msg_difference] (0x2000): Replaced/extended attr [lastLogin] of entry [name=tsillard at mydomain.local.lan,cn=users,cn=mydomain.local.lan,cn=sysdb]
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [sysdb_set_entry_attr] (0x0200): Entry [name=tsillard at mydomain.local.lan,cn=users,cn=mydomain.local.lan,cn=sysdb] has set [cache, ts_cache] attrs.
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_reply] (0x0200): pam_reply called with result [0]: Succès.
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [filter_responses] (0x0100): [pam_response_filter] not available, not fatal.
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_reply] (0x0200): blen: 83
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_cmd_acct_mgmt] (0x0100): entering pam_cmd_acct_mgmt
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [sss_parse_name_for_domains] (0x0200): name 'tsillard' matched without domain, user is tsillard
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_ACCT_MGMT
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: not set
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): user: tsillard
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): service: login
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: /dev/tty2
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 0
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 7036
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: tsillard
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [sss_ncache_check_str] (0x2000): Checking negative cache for [NCE/USER/mydomain.local.lan/tsillard at mydomain.local.lan]
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_initgr_check_timeout] (0x2000): User [tsillard] found in PAM cache.
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_check_user_search] (0x0100): Requesting info for [tsillard at mydomain.local.lan]
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_check_user_search] (0x0400): Returning info for user [tsillard at mydomain.local.lan@mydomain.local.lan]
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pd_set_primary_name] (0x0400): User's primary name is tsillard at mydomain.local.lan
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_dp_send_req] (0x0100): Sending request with the following data:
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): command: SSS_PAM_ACCT_MGMT
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): domain: mydomain.local.lan
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): user: tsillard at mydomain.local.lan
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): service: login
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): tty: /dev/tty2
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): ruser: not set
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): rhost: not set
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): authtok type: 0
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): newauthtok type: 0
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): priv: 1
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): cli_pid: 7036
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_print_data] (0x0100): logon name: tsillard
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [sbus_add_timeout] (0x2000): 0x55a8b4be1b00
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_dom_forwarder] (0x0100): pam_dp_send_req returned 0
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [sbus_remove_timeout] (0x2000): 0x55a8b4be1b00
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_dp_process_reply] (0x0200): received: [4 (Erreur système)][mydomain.local.lan]
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_reply] (0x0200): pam_reply called with result [4]: Erreur système.
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [filter_responses] (0x0100): [pam_response_filter] not available, not fatal.
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [pam_reply] (0x0200): blen: 30
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [client_recv] (0x0200): Client disconnected!
(Mon Apr  3 15:00:00 2017) [sssd[pam]] [client_close_fn] (0x2000): Terminated client [0x55a8b4be5c40][19]
(Mon Apr  3 15:00:05 2017) [sssd[pam]] [pam_initgr_cache_remove] (0x2000): [tsillard] removed from PAM initgroup cache
(Mon Apr  3 15:00:35 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children
(Mon Apr  3 15:00:35 2017) [sssd[pam]] [sss_responder_ctx_destructor] (0x0400): Responder is being shut down
(Mon Apr  3 15:12:31 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children
(Mon Apr  3 15:14:16 2017) [sssd[pam]] [orderly_shutdown] (0x0010): SIGTERM: killing children


Regards, 

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages sssd depends on:
ii  python-sss   1.15.0-3
ii  sssd-ad      1.15.0-3
ii  sssd-common  1.15.0-3
ii  sssd-ipa     1.15.0-3
ii  sssd-krb5    1.15.0-3
ii  sssd-ldap    1.15.0-3
ii  sssd-proxy   1.15.0-3

sssd recommends no packages.

sssd suggests no packages.

-- no debconf information


More information about the Pkg-sssd-devel mailing list