Appendix A. Collecting Information for Troubleshooting IdM and SSSD Running in a Container
This appendix describes procedures that help you to troubleshoot IdM and SSSD running in a container, as well as collecting important configuration and log files that you can attach to Red Hat support tickets.
A.1. Creating an sosreport on Atomic Host
This section describes how to install and start the
rhel7/rhel-tools container, as well as creating an
rhel7/rhel-tools container uses privileged security switches that enables processes running in this container:
- To interact with all semaphores and shared memory segments on the host
- To listen to ports and raw IP traffic on the host’s network
- Interact with all processes on the host
rhel7/rhel-tools runs without any separation from the host. Using the utilities provided by this container is similar as running them as the
root user directly on the system.
# docker pull rhel7/rhel-tools
# atomic run rhel7/rhel-tools
The utility stores the archive of the collected information in the
exitto leave the container.
sosreportarchive to a support request.
A.2. Displaying the versions of IdM and SSSD containers
This section describes how to display the version of installed IdM and SSSD containers. For example, use this information to search the Red Hat Enterprise Linux Release Notes if a problem has been fixed in a newer version.
Display the version of the
# atomic images version rhel7/ipa-server IMAGE NAME VERSION IMAGE ID registry.access.redhat.com/rhel7/ipa-server:latest 4.6.5-29 9d500a8e4296
Display the version of the
# atomic images version rhel7/sssd IMAGE NAME VERSION IMAGE ID registry.access.redhat.com/rhel7/sssd:latest 7.7-12 19e5cab1c905
A.3. Creating debug logs for SSSD running in a container
This section describes how to create an archive with important SSSD configuration and log files.
# docker stop sssd
Remove the contents of the SSSD cache and log directories:
# rm -rf /var/lib/sss/db/* /var/lib/sss/mc/* /var/log/sssd/*
/etc/sssd/sssd.conffile, and set the
[domain/dockerlab.local] ... debug_level = 9 [nss] debug_level = 9
docker start sssd
/tmp/sssd-debug.tar.gzarchive that contains the relevant SSSD configuration and log files:
# tar czvf /tmp/sssd-debug.tar.gz /etc/sssd/sssd.conf /etc/nsswitch.conf /etc/krb5.conf /etc/pam.d /etc/samba/smb.conf /var/log/secure /var/log/messages /var/log/sssd
/tmp/sssd-debug.tar.gzfile to the support case.
A.4. Displaying the IdM client installation log
This section describes how you display the IdM client installation log. The log files help you to debug the problem if the client installation fails.
To display the IdM client installation log:
# cat /var/log/sssd/install/ipaclient-install.log