SSSD in a Docker container (Ubuntu)

Problem description

I am trying to integrate an Ubuntu Docker container with FreeIPA, and I get an error when running FreeIPA-client --install:

Created /etc/ipa/default.conf
New SSSD config will be created
Configured sudoers in /etc/nsswitch.conf
Configured /etc/sssd/sssd.conf
Configured /etc/krb5.conf for IPA realm BLABS.COM
trying https://vilma.com/ipa/json
Forwarding 'ping' to json server 'https://vilma.com/ipa/json'
Forwarding 'ca_is_enabled' to json server 'https://vilma.com/ipa/json'
Systemwide CA database updated.
Adding SSH public key from /etc/ssh/ssh_host_dsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_ed25519_key.pub
Adding SSH public key from /etc/ssh/ssh_host_ecdsa_key.pub
Adding SSH public key from /etc/ssh/ssh_host_rsa_key.pub
Forwarding 'host_mod' to json server 'https://vilma/ipa/json'
SSSD enabled
SSSD service restart was unsuccessful.
Configured /etc/openldap/ldap.conf
Unable to find 'admin' user with 'getent passwd admin@vilma.com'!
Unable to reliably detect configuration. Check NSS setup manually.
NTP enabled

I tried to start sssd manually by typing sssd and got the following messages:

 ldb: unable to open modules directory '/usr/lib/x86_64-linux-gnu/ldb/modules/ldb' - Permission denied
 (Sun Oct 14 20:55:17:078716 2018) [sssd] [load_configuration] (0x0010): The confdb initialization failed
(Sun Oct 14 20:55:17:078750 2018) [sssd] [main] (0x0020): SSSD couldn't load the configuration database.

I would appreciate your help.

Tags: ubuntu-16.04, docker-container, freeipa, sssd

Solution


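In case anyone else runs into this, the problem is that the overlayfs used by docker causes problems with the ldb database used by sssd.

So you need to:

  1. In the Dockerfile, move /usr/lib/x86_64-linux-gnu/ldb/modules/ldb to another path (for example /usr/lib/x86_64-linux-gnu/ldb/modules/ldb-orig)
  2. Then, before starting sssd in your container, you must create an empty volume and mount it at /usr/lib/x86_64-linux-gnu/ldb/modules/ldb
  3. Then copy the original contents of /usr/lib/x86_64-linux-gnu/ldb/modules/ldb from /usr/lib/x86_64-linux-gnu/ldb/modules/ldb-orig into the new volume
  4. Then start sssd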
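
The steps above as a container entrypoint script. This is an added example, not part of the original answer. The volume name `ldb-modules`, the function names, the `--start` argument and running `sssd -i` in the foreground as the container's main process are assumptions. The script also refuses to start if the target directory is still on overlayfs.

```shell
#!/bin/sh
# Added example: container entrypoint for steps 2-4 of the answer above.
# Step 1 is assumed to be done in the Dockerfile, e.g.:
#   RUN mv /usr/lib/x86_64-linux-gnu/ldb/modules/ldb \
#          /usr/lib/x86_64-linux-gnu/ldb/modules/ldb-orig
# Step 2 is assumed to be done at run time (volume name is hypothetical):
#   docker run -v ldb-modules:/usr/lib/x86_64-linux-gnu/ldb/modules/ldb ...
LDB_DIR=/usr/lib/x86_64-linux-gnu/ldb/modules/ldb
LDB_ORIG=/usr/lib/x86_64-linux-gnu/ldb/modules/ldb-orig

# Print the filesystem type of the mount whose mount point is exactly $1,
# reading a /proc/mounts-style file ($2). Prints nothing if $1 is not a mount point.
mount_fstype() {
    awk -v dir="$1" '$2 == dir { t = $3 } END { if (t != "") print t }' "$2"
}

# Step 3: copy the saved modules into the mounted directory unless it is
# already populated. -a keeps owner, mode and timestamps of the modules.
restore_ldb_modules() {
    src=$1; dst=$2
    [ -d "$src" ] || { echo "missing $src" >&2; return 1; }
    [ -d "$dst" ] || { echo "missing $dst (volume not mounted?)" >&2; return 1; }
    if [ -z "$(ls -A "$dst")" ]; then
        cp -a "$src"/. "$dst"/
    fi
}

# Refuse to continue when the target is not a separate mount or is overlayfs,
# since that is the condition the answer identifies as the cause of the failure.
check_and_restore() {
    fstype=$(mount_fstype "$2" "$3")
    case "$fstype" in
        ""|overlay) echo "$2 is not a separate non-overlay mount" >&2; return 2 ;;
    esac
    restore_ldb_modules "$1" "$2"
}

# Run as the entrypoint with "--start"; without it only the functions are defined.
if [ "${1:-}" = "--start" ]; then
    check_and_restore "$LDB_ORIG" "$LDB_DIR" /proc/mounts || exit $?
    exec sssd -i    # step 4: start sssd in the foreground
fi
```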
