Minor problem or bug: A few days ago I created a new OpenID realm with only the options listed below, no comments, and got an undefined value error for the comment section in domains.cfg
The OIDC client was added to pve on Aug 09 22:40 and there was a login on Aug 09 22:43 and Aug 10 21:33
The domains.cfg was created by PVE, I haven't edited it either, has a statement 'comment ' (trailing space), to my knowledge I did not even click the input bar on the creation form. The authentik realm was added ~2 years ago and has no empty comment section.
I haven't seen the log again after adding an actual comment about 40 minutes ago (Aug 13 17:00) and haven't tried removing the 'comment' block from the config.
It is really minor and easy to solve but wanted to document it in case it happens more often,
- Issuer URL: url-of-pocketID.domain.com
- Realm: pocketID
- Client ID: my-client-ID
- Client Key: my-client-key
- Username Claim: username
The OIDC client was added to pve on Aug 09 22:40 and there was a login on Aug 09 22:43 and Aug 10 21:33
Code:
journalctl -xe | grep domains.cfg
Aug 09 22:40:29 pve1 pveproxy: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 09 22:40:40 pve1 pvedaemon: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 09 22:41:47 pve1 pvedaemon: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 09 22:42:02 pve1 pvedaemon: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 09 22:42:56 pve1 pveproxy: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 09 22:43:18 pve1 pveproxy: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 09 22:43:18 pve1 pvedaemon: <root@pam> successful openid auth for user '<user>@pocketID'
... ... ...
Aug 09 23:11, 23:14, 23:25 same error repeating
Aug 10 21:33, 21:48, 22:18, 22:33 same error repeating
... ... ...
Aug 10 22:48 pve1 pveproxy: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 10 22:51 pve1 pvedaemon: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 10 22:57 pve1 pveproxy: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 13 12:35 pve1 pveproxy: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 13 12:35 pve1 pvedaemon: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 13 12:35 pve1 pveproxy: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 13 13:05 pve1 pveproxy: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 13 14:19 pve1 pveproxy: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 13 14:49 pve1 pveproxy: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 13 16:04 pve1 pveproxy: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 13 16:19 pve1 pveproxy: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined value
Aug 13 16:46 pve1 pveproxy: file /etc/pve/domains.cfg line 15 (section 'pocketID') - unable to parse value of 'comment': got undefined valueThe domains.cfg was created by PVE, I haven't edited it either, has a statement 'comment ' (trailing space), to my knowledge I did not even click the input bar on the creation form. The authentik realm was added ~2 years ago and has no empty comment section.
Code:
/etc/pve/domains.cfg
pam: pam
comment Linux PAM standard authentication
pve: pve
comment Proxmox VE authentication server
openid: authentik
client-id <>
issuer-url <>
client-key <>
default 0
username-claim username
openid: pocketID
comment
client-id <>
issuer-url <>
client-key <>
default 0
query-userinfo 1
username-claim usernameI haven't seen the log again after adding an actual comment about 40 minutes ago (Aug 13 17:00) and haven't tried removing the 'comment' block from the config.
It is really minor and easy to solve but wanted to document it in case it happens more often,