Bug#792519: systemd-logind fails to start on system using LDAP
Lorenz Hübschle-Schneider
debian at 4z2.de
Wed Aug 3 12:26:57 BST 2016
Dear all,
I get similar symptoms (but no boot failures, just unnecessarily slow
boot times) with current unstable (systemd 231-1, dbus 1.10.8-1,
libnss-ldap 265-3+b1) using systemd-networkd instead of NetworkManager.
Loads of
> dbus-daemon[2395]: nss_ldap: could not connect to any LDAP server as (null) - Can't contact LDAP server
in the logs until at some point networkd connects.
I suspect that the network may only be brought up at that point because
of an NFS automount that is triggered:
> systemd[1]: home.automount: Got automount request for /home, triggered by 2458 (mount)
> systemd[1]: Starting Wait for Network to be Configured...
After that request there are some more failures (this time from nscd
instead of dbus) until the network is actually connected.
I have nss_initgroups_ignoreusers set up for all system users and
'bind_policy soft' in /etc/ldap.conf
Anything I can do to help fix this?
Best,
Lorenz
On Sun, 19 Jul 2015 15:03:53 -0300 Felipe Sateler <fsateler at debian.org>
wrote:
> On 17 July 2015 at 18:44, Daniel Schepler <dschepler at gmail.com> wrote:
> > On Wed, Jul 15, 2015 at 12:30 PM, Felipe Sateler <fsateler at debian.org>
> > wrote:
> >>
> >> On 15 July 2015 at 16:09, Daniel Schepler <dschepler at gmail.com> wrote:
> >> > On Wed, Jul 15, 2015 at 11:48 AM, Felipe Sateler <fsateler at debian.org>
> >> > wrote:
> >> >>
> >> >> Hmm. Could you please attach the upgrade logs since some time before
> >> >> the problems occurred? Might network manager have been updated in the
> >> >> meantime?
> >> >
> >> >
> >> > Attaching /var/log/dpkg.log. I think the first failed boot was
> >> > 2015-07-08
> >> > or 2015-07-09. From the previous history, the last upgrade of dbus was:
> >> >
> >> > 2015-05-20 09:46:36 upgrade dbus:amd64 1.8.16-1 1.8.18-1
> >> >
> >> >>
> >> >> Also, how do you manage your connections?
> >> >>
> >> >> I also found this old redhat bug[1]. Could you try adding a conf
> >> >> snippet to order the ldap components before dbus? Use systemctl edit
> >> >> <service> and add Before=dbus.service.
> >> >>
> >> >>
> >> >> [1] https://bugzilla.redhat.com/show_bug.cgi?id=502072
> >> >
> >> >
> >> > OK, it will be a while before I can test it because I'm doing work using
> >> > the
> >> > machine right now.
> >> >
> >> > It would appear to me from the logs that NetworkManager can't
> >> > successfully
> >> > start before dbus is available - and I would probably want to make nslcd
> >> > dependent on networking being up. Would that mean that I'd have to set
> >> > things up so it manually connects eth0 over DHCP, then starts nslcd,
> >> > then
> >> > starts dbus? And then NetworkManager would be left only managing wlan0?
> >> > And if so, where would I look for documentation on setting up the unit
> >> > to
> >> > connect eth0? (Sorry for the last very basic question.)
> >>
> >> I think (but I'm not sure) that nm will still connect without dbus
> >> available yet, but it will of course not answer any dbus requests. So
> >> it should only be necessary to order ldap before dbus.
> >>
> >> However, this solution may prove brittle. Reading the linked redhat
> >> bug there are two promsing suggestions:
> >>
> >> 1. Add 'bind_policy soft' to /etc/ldap.conf.
> >> 2. Set nss_initgroups_ignoreusers to at least
> >> 'root,dirsrv,gdm,rtkit,pulse,haldaemon,polkituser,avahi,dbus'
> >>
> >> It seems the problem is that nss_ldap is trying to query ldap for
> >> system users. That seems wrong to me, as the system should be able to
> >> work without network.
> >
More information about the Pkg-systemd-maintainers
mailing list