[Pkg-sssd-devel] Bug#949001: sssd.service will not launch with installed config file permissions/ownership

Michael Prokop mika at debian.org
Mon Aug 11 07:49:28 BST 2025 

Hi,

* Malmberg, Breen E [Wed Jan 15, 2020 at 07:16:41PM +0000]:
> 
> Package: sssd
> Version: 1.15.0-3
> 
> user at host-debian9:~$ sudo apt install sssd
[...]
> Creating SSSD system user & group...
> adduser: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating.
> Created symlink /etc/systemd/system/sockets.target.wants/sssd-secrets.socket → /lib/systemd/system/sssd-secrets.socket.
> Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /lib/systemd/system/sssd.service.
> Job for sssd.service failed because the control process exited with error code.
> See "systemctl status sssd.service" and "journalctl -xe" for details.
> invoke-rc.d: initscript sssd, action "start" failed.
> ● sssd.service - System Security Services Daemon
>    Loaded: loaded (/lib/systemd/system/sssd.service; enabled; vendor preset: enabled)
>    Active: failed (Result: exit-code) since Fri 2019-03-29 11:07:38 MDT; 28ms ago
>   Process: 3253 ExecStart=/usr/sbin/sssd -i -f (code=exited, status=4)
>  Main PID: 3253 (code=exited, status=4)
> 
> Mar 29 11:07:38 host-debian9 systemd[1]: Starting System Security Services Daemon...
> Mar 29 11:07:38 host-debian9 sssd[3253]: Configuration file: /etc/sssd/sssd.conf does not exist.
> Mar 29 11:07:38 host-debian9 systemd[1]: sssd.service: Main process exited, code=exited, status=4/NOP…ISSION
> Mar 29 11:07:38 host-debian9 systemd[1]: Failed to start System Security Services Daemon.
> Mar 29 11:07:38 host-debian9 systemd[1]: sssd.service: Unit entered failed state.
> Mar 29 11:07:38 host-debian9 systemd[1]: sssd.service: Failed with result 'exit-code'.
[...]

> I have tried several different combinations of permissions and
> ownership (between sssd and root users) for the sssd.conf config
> file and the service still will not start, giving the same
> status=4/permission error each time, saying the sssd.conf file
> cannot be read.

I stumbled upon your bug report while checking for something else
being related.

FYI: file /etc/sssd/sssd.conf with root:root ownership and
permissions 0600 is known to be working fine (I can confirm this for
at least Debian buster, bullseye, bookworm and also trixie from
production usage).

Given that this bug report dates back to 2020 and was reported
against stretch (which is EOL also since 2020-07-18), this bug
report could probably get closed?

regards
-mika-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-sssd-devel/attachments/20250811/5047c952/attachment.sig>

More information about the Pkg-sssd-devel mailing list