No, home PC on Fedora, maybe it was preinstalled or something because I don’t think I ever installed that
Can you create a new user, then add the group to them?
And you did double check you don’t have that group added to your user already?( just in case?)
Uh I feel like something is wrong on my system…
[tarulia@localhost]~% sudo useradd mocktest
[sudo] password for tarulia:
(2021-04-13 18:30:27:935436): [sss_cache] [confdb_get_enabled_domain_list] (0x0040): Failed to get [domains] from [sssd], error [2] (No such file or directory)
(2021-04-13 18:30:27:935483): [sss_cache] [init_domains] (0x0020): Could not initialize domains
(2021-04-13 18:30:27:943353): [sss_cache] [confdb_get_enabled_domain_list] (0x0040): Failed to get [domains] from [sssd], error [2] (No such file or directory)
(2021-04-13 18:30:27:943407): [sss_cache] [init_domains] (0x0020): Could not initialize domains
[tarulia@localhost]~% sudo useradd mocktest
useradd: user 'mocktest' already exists
I actually just noticed that same message on the DNF History entry when I installed mock earlier…
[tarulia@localhost]~% dnf history info 641
Transaction ID : 641
Begin time : Tue 13 Apr 2021 04:00:09 CEST
Begin rpmdb : 3101:72f5f804e81979f91e13078da2b604fc3bff7c0d
End time : Tue 13 Apr 2021 04:00:13 CEST (4 seconds)
End rpmdb : 3110:37685be32032e3bb52bb6f5259e7f1490961407c
User : Tarulia <tarulia>
Return-Code : Success
Releasever : 33
Command Line : install mock
Comment :
Packages Altered:
Install distribution-gpg-keys-1.51-1.fc33.noarch @updates
Install dnf-utils-4.0.18-1.fc33.noarch @updates
Install mock-2.9-1.fc33.noarch @updates
Install mock-core-configs-34.2-1.fc33.noarch @updates
Install mock-filesystem-2.9-1.fc33.noarch @updates
Install python3-babel-2.8.1-1.fc33.noarch @updates
Install python3-jinja2-2.11.3-1.fc33.noarch @updates
Install python3-templated-dictionary-1.1-1.fc33.noarch @updates
Install python3-pyroute2-0.5.6-4.fc33.noarch @fedora
Scriptlet output:
1 (2021-04-13 4:00:10:455592): [sss_cache] [confdb_get_enabled_domain_list] (0x0040): Failed to get [domains] from [sssd], error [2] (No such file or directory)
2 (2021-04-13 4:00:10:455673): [sss_cache] [init_domains] (0x0020): Could not initialize domains
3 (2021-04-13 4:00:10:463313): [sss_cache] [confdb_get_enabled_domain_list] (0x0040): Failed to get [domains] from [sssd], error [2] (No such file or directory)
4 (2021-04-13 4:00:10:463363): [sss_cache] [init_domains] (0x0020): Could not initialize domains
Weird that this didn’t pop up right after installation 
Well that’s where it gets fuzzy…
[tarulia@localhost]~% groups
tarulia wheel
[tarulia@localhost]~% cat /etc/group | grep mock
mock:x:135:tarulia
So uh… ??? This is also after newgrp -, so new groups should have applied already.
But even then it should just not doing anything instead of error out, right?
Either way, adding the group on that… same result:
[tarulia@localhost]~% usermod -aG mock mocktest
usermod: Permission denied.
usermod: cannot lock /etc/group; try again later.
[tarulia@localhost]~% sudo !!
sudo usermod -aG mock mocktest
(2021-04-13 18:33:32:480006): [sss_cache] [confdb_get_enabled_domain_list] (0x0040): Failed to get [domains] from [sssd], error [2] (No such file or directory)
(2021-04-13 18:33:32:480058): [sss_cache] [init_domains] (0x0020): Could not initialize domains
(2021-04-13 18:33:32:486763): [sss_cache] [confdb_get_enabled_domain_list] (0x0040): Failed to get [domains] from [sssd], error [2] (No such file or directory)
(2021-04-13 18:33:32:486810): [sss_cache] [init_domains] (0x0020): Could not initialize domains
Soooo something seems broken
edit:
Actually I do remember I had to install something LDAP related way back… The Blizzard Launcher needed some authentication library that is only provided by OpenLDAP, but I never configured anything on it… I wouldn’t have assumed it does much without configuration
But that was like 2 years ago at this point, never gave me issues but probably just never noticed.
I was actually thinking about a full re-install when F34 comes out (specially with them changing default filesystem too), so that might be one more reason to do it… I’m just worried it will mess up some things even more then they are (looking at my broken audio setup).
2 Likes
[tarulia@localhost]~% cat /etc/sssd/sssd.conf
cat: /etc/sssd/sssd.conf: Permission denied
[tarulia@localhost]~% sudo !!
sudo cat /etc/sssd/sssd.conf
[sudo] password for tarulia:
cat: /etc/sssd/sssd.conf: No such file or directory
why is it permission denied when the file doesn’t even exist 
Anyway, thinking it might just have a different name, I also took a look:
[tarulia@localhost]~% sudo ls -la /etc/sssd
total 24
drwx------. 4 root root 4096 Feb 19 18:43 .
drwxr-xr-x. 181 root root 12288 Apr 13 18:33 ..
drwx--x--x. 2 root root 4096 Feb 19 18:43 conf.d
drwx--x--x. 2 root root 4096 Feb 19 18:43 pki
[tarulia@localhost]~% sudo ls -la /etc/sssd/conf.d
total 8
drwx--x--x. 2 root root 4096 Feb 19 18:43 .
drwx------. 4 root root 4096 Feb 19 18:43 ..
[tarulia@localhost]~% sudo ls -la /etc/sssd/pki
total 8
drwx--x--x. 2 root root 4096 Feb 19 18:43 .
drwx------. 4 root root 4096 Feb 19 18:43 ..
Aaanndd nothing.
Try this and reboot.
# Authentication
# install `sssd`
sudo dnf -yq install sssd
sudo systemctl enable sssd
# configure sssd for local authentication
sudo touch /etc/sssd/sssd.conf
sudo chmod 600 /etc/sssd/sssd.conf
echo "[domain/local]
id_provider = files
[sssd]
domains = local
services = nss, pam, ssh, sudo" |
sudo tee /etc/sssd/sssd.conf >/dev/null
# start `sssd`
sudo systemctl start sssd
# enable `sssd` `authselect` profile
sudo authselect select sssd \
--force \
without-nullok #\
# with-faillock #faillock optional, cockpit has a tendency to lock you out
It should restore normal local user functionality (assuming either sssd/authselect is the culprit). Also, I have gpasswd -a $user $group in my rhel scripts for adding groups. I don’t remember why, but maybe try that instead of usermod if you still have problems.
2 Likes
Looks good so far:
[tarulia@localhost]~% sudo dnf install sssd
Last metadata expiration check: 0:21:00 ago on Tue 13 Apr 2021 18:59:47 CEST.
Package sssd-2.4.2-2.fc33.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[tarulia@localhost]~% sudo systemctl enable sssd
[tarulia@localhost]~% sudo touch /etc/sssd/sssd.conf
[tarulia@localhost]~% sudo chmod 600 /etc/sssd/sssd.conf
[tarulia@localhost]~% echo "[domain/local]
id_provider = files
[sssd]
domains = local
services = nss, pam, ssh, sudo" |
sudo tee /etc/sssd/sssd.conf >/dev/null
[tarulia@localhost]~% sudo systemctl start sssd
[tarulia@localhost]~% sudo authselect select sssd \
--force \
without-nullok
Backup stored at /var/lib/authselect/backups/2021-04-13-17-22-18.E5N17z
Profile "sssd" was selected.
The following nsswitch maps are overwritten by the profile:
- passwd
- group
- netgroup
- automount
- services
Make sure that SSSD service is configured and enabled. See SSSD documentation for more information.
rebooting now…
Back after reboot… aaaannd:
[tarulia@localhost]~% groups
tarulia wheel mock
I didn’t even use the usermod or gpasswd yet… so I guess it was writing to the file correctly, but not applying it with the newgrp -? Weird… altho I did use the gpasswd before that sssd fix just to see if it would work, but it looked no different from the usermod.
edit:
Tried just removing the mock group and newgrp - doesn’t seem to reload my groups like it’s supposed to (unless I’m misinterpreting what the man page says)… but at least I’m not getting that SSSD error anymore, so that’s a start!
OK so no idea what that did but it worked, so thanks for that 
2 Likes
Some parts of this might be outdated on Fedora, but here’s where that came from:
Some useful config in there. Took a decent amount of time to work it all out.
1 Like
Damn that is a lot of config 
Although I’m more curious about is how it broke in the first place If it was already there when I installed OpenLDAP and I just never noticed or what…
Afaik, that sssd config should completely divorce your user/group config from any external directories like ldap.
What are you trying to accomplish with newgrp -? Was the mock group successfully deleted?
Well if I understand the mock user documentation and the man-page for newgrp - right it should reload the current environment and with it all new groups.
It was when I logged out and back in (and also added again after usermodding again)
Ah I see. If you log out and back in does the group membership work as expected? Seems like newgrp is just a convenience, so if it’s not behaving, you can just not use it, right?
Yes that worked as expected. Not sure why newgrp wouldn’t but oh well 
1 Like
Anyone an idea, how to resolve this?
::1 is an ipv6 local host address.
try setting your programs local host to 127.0.0.1
its likely set to 0.0.0.0 or some other value that isnt ::1
so the program can assign the address to it.
as to how and where you find the setting for it? i have no idea.
maybe an option in a script or webui you can change.
or as a hail Mary
redirect your hosts file 127.0.0.1 0.0.0.0
^^ no idea if this will work.
1 Like
Thank you, very helpful! I went through the code until I found a config file that sets a variable referencing the hostname to localhost. I changed that to 127.0.0.1 and the program successfully started.
The docker base image for Ubuntu is very sparse and misses everything that is not totally necessary. Do you know of anything that could be missing that could lead to localhost not being resolved to 127.0.0.1?
1 Like
sorry mate.
im new to all this linux ip routing stuff myself.
and pretty much learning as im answering
1 Like
What is in /etc/hosts?
It should resolve to both.
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.17.0.2 80692ff4e537
This is/etc/hosts.
edit:
Forget the below, I somehow managed, I don’t know why it works and at this point I don’t much care. Just leaving it for reference -__-
TLDR (you really don’t need to): Working with ` in a string is a bitch.
Solution was throwing the client ID into a new (bash) variable using twitch_cid='%{_twitch_cid}' and then using that, instead of using the macro/value directly.
Well… I say solution… it’s compiling, who knows if it’ll actually work
OK I need help…
I’ve been banging my head against the wall for like 2 hours now trying to properly escape a goddamn string.
The situation:
- I have a string (client-identifier), that has multiple
`in it, meaning I need to escape it one way or another - I pass that string to
mockusing--rpmbuild-opts(have to escape the`there already), which in turn passes it on torpmbuildas--define - I got to the point where I can echo a test-string (without
`) in the spec file, but it fails when - I need to pass on that string to the
%cmake3macro in the RPM, and need to escape it there too (because of the`).
Here is where it gets hairy. I cannot get it to pass on my test string in quoted form. No matter what I do, it seems to remove the quotes… just now I also found the %{quote:...} macro that should do what I need:
%{quote:…} quote a parametric macro argument, needed to pass
empty strings or strings with whitespace (in >= 4.14.0)
But that’s not working either:
From what I gathered $' ...' in bash (which mock uses), means that it simply expands escape sequences. And in theory that would be cool, except when I test this in bash:
echo $'-DTWITCH_CLIENTID=\037twitch_cid\037'
>>> -DTWITCH_CLIENTID=twitch_cid
echo $'-DTWITCH_CLIENTID=\037abc\`def\037'
>>> -DTWITCH_CLIENTID=abc\`def
echo $'-DTWITCH_CLIENTID=\037abc`def\037'
>>> -DTWITCH_CLIENTID=abc`def
i.e., the thing I wanted to escape is not.
I also tried countless combinations of ' and ", trying to echo them alongside the variable, using echo and quote in various combinations and I’m just stuck.
I also went back to the very base, just bash…
echo '\'abc\`def\''
> ^C
echo '\'abc\`def\'';
> ^C
echo 'abc'
abc
echo 'abc\`def'
abc\`def
echo '\'abc\`def\''
> ^C
… it just enters a prompt, no wonder this isn’t working. Can anyone tell me why? 