SSSD supports two representations for specifying the debug level. The
simplest is to specify a decimal value from 0-9, which represents enabling
that level and all lower-level debug messages. The more comprehensive option
is to specify a hexadecimal bitmask to enable or disable specific levels
(such as if you wish to suppress a level).
Please note that each SSSD service logs into its own log file. Also please
note that enabling debug_level
in the [sssd]
section only enables debugging just for the sssd process itself, not for the
responder or provider processes. The debug_level
parameter
should be added to all sections that you wish to produce debug logs from.
In addition to changing the log level in the config file using the
debug_level
parameter, which is persistent, but requires SSSD
restart, it is also possible to change the debug level on the fly using the
sss_debuglevel
8 tool.
Currently supported debug levels:
0, 0x0010: Fatal
failures. Anything that would prevent SSSD from starting up or causes it to
cease running.
1, 0x0020: Critical failures. An
error that doesn't kill SSSD, but one that indicates that at least one major
feature is not going to work properly.
2, 0x0040: Serious failures. An
error announcing that a particular request or operation has failed.
3, 0x0080: Minor failures. These
are the errors that would percolate down to cause the operation failure of
2.
4, 0x0100: Configuration settings.
5, 0x0200: Function data.
6, 0x0400: Trace messages for
operation functions.
7, 0x1000: Trace messages for
internal control functions.
8, 0x2000: Contents of
function-internal variables that may be interesting.
9, 0x4000: Extremely low-level
tracing information.
9, 0x20000: Performance and
statistical data, please note that due to the way requests are processed
internally the logged execution time of a request might be longer than it
actually was.
10, 0x10000: Even more low-level
libldb tracing information. Almost never really required.
To log required bitmask debug levels, simply add their numbers together as
shown in following examples:
Example: To log fatal failures, critical failures,
serious failures and function data use 0x0270.
Example: To log fatal failures, configuration settings,
function data, trace messages for internal control functions use 0x1310.
Note: The bitmask format of debug levels was introduced
in 1.7.0.
Default: 0x0070 (i.e. fatal, critical and serious
failures; corresponds to setting 2 in decimal notation)