Pb sudo - Lenteur sudo

Voir

La machine doit pouvoir pinguer son hostname
- ping $(hostname -s)
- ping $(hostname -f)
- UseDNS no dans /etc/ssh/sshd_config
- GSSAPIAuthentication no dans /etc/ssh/sshd_config
Connexion LDAP / Service sssd - Si sssd stop est-ce OK ?
- systemctl stop sssd
- ps -ef | grep sssd
Les commandes suivantes fonctionnent-elles ? Si non voir Err timeout org.freedesktop.login1
- hostnamectl
- timedatectl

Lenteur sudo - Err timeout org.freedesktop.login1

Failed to activate service 'org.freedesktop.login1': timed out

# strace -f sudo su -c ls
recvmsg(4, {msg_namelen=0}, MSG_DONTWAIT|MSG_NOSIGNAL|MSG_CMSG_CLOEXEC) = -1 EAGAIN (Resource temporarily unavailable)
ppoll([{fd=4, events=POLLIN}], 1, {tv_sec=24, tv_nsec=999821000}, NULL, 8) = 1 ([{fd=4, revents=POLLIN}], left {tv_sec=24, tv_nsec=999682934})
recvmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="l\2\1\1\n\0\0\0\1\0\0\0=\0\0\0\6\1s\0\5\0\0\0", iov_len=24}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_CMSG_CLOEXEC}, MSG_DONTWAIT|MSG_NOSIGNAL|MSG_CMSG_CLOEXEC) = 24
recvmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=":1.10\0\0\0\5\1u\0\1\0\0\0\10\1g\0\1s\0\0\7\1s\0\24\0\0\0"..., iov_len=66}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_CMSG_CLOEXEC}, MSG_DONTWAIT|MSG_NOSIGNAL|MSG_CMSG_CLOEXEC) = 66
sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="l\1\0\1p\0\0\0\2\0\0\0\230\0\0\0\1\1o\0\27\0\0\0/org/fre"..., iov_len=168}, {iov_base="\0\0\0\0\2373\0\0\4\0\0\0sudo\0\0\0\0\3\0\0\0tty\0\4\0\0\0"..., iov_len=112}], msg_iovlen=2, msg_controllen=0, msg_flags=0}, MSG_DONTWAIT|MSG_NOSIGNAL) = 280
recvmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="l\4\1\1\n\0\0\0\2\0\0\0\215\0\0\0\1\1o\0\25\0\0\0", iov_len=24}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_CMSG_CLOEXEC}, MSG_DONTWAIT|MSG_NOSIGNAL|MSG_CMSG_CLOEXEC) = 24
recvmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="/org/freedesktop/DBus\0\0\0\2\1s\0\24\0\0\0"..., iov_len=146}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_CMSG_CLOEXEC}, MSG_DONTWAIT|MSG_NOSIGNAL|MSG_CMSG_CLOEXEC) = 146
recvmsg(4, {msg_namelen=0}, MSG_DONTWAIT|MSG_NOSIGNAL|MSG_CMSG_CLOEXEC) = -1 EAGAIN (Resource temporarily unavailable)
ppoll([{fd=4, events=POLLIN}], 1, {tv_sec=24, tv_nsec=999873000}, NULL, 8

^Cstrace: Process 13215 detached
 <detached ...>

# journalctl -f
Jan 16 10:56:42 SRV_01 dbus[7464]: [system] Failed to activate service 'org.freedesktop.login1': timed out
Jan 16 10:56:42 SRV_01 sudo[10716]: pam_systemd(sudo:session): Failed to create session: Failed to activate service 'org.freedesktop.login1': timed out
Jan 16 10:56:42 SRV_01 sudo[10716]: pam_unix(sudo:session): session opened for user root by admin(uid=0)
Jan 16 10:56:42 SRV_01 su[12341]: (to root) admin on none
Jan 16 10:56:42 SRV_01 dbus[7464]: [system] Activating via systemd: service name='org.freedesktop.login1' unit='dbus-org.freedesktop.login1.service'
Jan 16 10:57:07 SRV_01 dbus[7464]: [system] Failed to activate service 'org.freedesktop.login1': timed out
Jan 16 10:57:07 SRV_01 su[12341]: pam_systemd(su:session): Failed to create session: Failed to activate service 'org.freedesktop.login1': timed out
Jan 16 10:57:07 SRV_01 su[12341]: pam_unix(su:session): session opened for user root by admin(uid=0)
Jan 16 10:57:07 SRV_01 su[12341]: pam_unix(su:session): session closed for user root
Jan 16 10:57:07 SRV_01 sudo[10716]: pam_unix(sudo:session): session closed for user root

Solution

# systemctl daemon-reexec
systemctl restart systemd-logind

Cleanup abandoned sessions from systemd

A tester

Source https://github.com/systemd/systemd/issues/1961

Delete session files

find /run/systemd/system -name "session-*.scope" -delete

Delete session directories

rm -rf /run/systemd/system/session*scope*

Remove the abandoned sessions

systemctl | grep "abandoned" | grep -e "-[[:digit:]]" | sed "s/\.scope.*/.scope/" | xargs systemctl stop

Autre

systemctl list-units --state=abandoned -t scope --no-legend