[Bug 803471] New: network not always ready when desktop logon apears for network based authentication
https://bugzilla.novell.com/show_bug.cgi?id=803471 https://bugzilla.novell.com/show_bug.cgi?id=803471#c0 Summary: network not always ready when desktop logon apears for network based authentication Classification: openSUSE Product: openSUSE 12.3 Version: RC 1 Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Usability AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: rob.verduijn@gmail.com QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:18.0) Gecko/20100101 Firefox/18.0 it might be an idea when switching to network based logons (winbind/samba/ldap/nis/whatever) to add the network.service requirement to the systemd runlevel5.target ie change the wants line in /usr/lib/systemd/system/runlevel5.target to Wants=xdm.service network.service Because the network is not always ready by the time the login appears when using hotplug ethernet devices (thunderbolt/usb) , wireless devices and sometimes wired devices. Since a network based authentication is a bit difficult when there is no network available. workaround : grab a cup of coffee/thea/milk and drink it slowly before logging in to give the system time to establish the network connection Regards Rob Reproducible: Always Steps to Reproduce: 1. use a hotplug network device 2. configure network based logon (ie samba/winbind/ldap/nis) 3. reboot and try to logon as soon as the logon appears 4. see message about network unavailable or using cached credentials etc Actual Results: message stating that the domain is unavailable and that cached credentials will be used Expected Results: network based authentication -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=803471 https://bugzilla.novell.com/show_bug.cgi?id=803471#c Michal Hrusecky <mhrusecky@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team-screening@forge.pr |yast2-maintainers@suse.de |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=803471 https://bugzilla.novell.com/show_bug.cgi?id=803471#c Andreas Jaeger <aj@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team-screening@forge.pr |fcrozat@suse.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=803471 https://bugzilla.novell.com/show_bug.cgi?id=803471#c2 Frederic Crozat <fcrozat@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|fcrozat@suse.com |bnc-team-screening@forge.pr | |ovo.novell.com --- Comment #2 from Frederic Crozat <fcrozat@suse.com> 2013-02-25 15:53:01 UTC --- There is already a target for that, called nss-user-lookup.target It is up to services like winbind, samba, ldap, nis, whatever to be fixed to be a dependency on it and enable it. Once it is done, systemd-logind.service will automatically pulls it. So, not a systemd bug. Please reassign to whoever maitains those packages (or duplicate this bug for each package). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=803471 https://bugzilla.novell.com/show_bug.cgi?id=803471#c3 Andreas Jaeger <aj@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |fcrozat@suse.com AssignedTo|bnc-team-screening@forge.pr |aj@suse.com |ovo.novell.com | --- Comment #3 from Andreas Jaeger <aj@suse.com> 2013-03-05 17:48:28 UTC --- Frederic, what exactly should get fixed here: $ less /usr/lib/systemd/system/ypbind.service [Unit] Description=NIS/YP (Network Information Service) Clients to NIS Domain Binder Requires=rpcbind.service After=network.target rpcbind.service ypserv.service Before=systemd-user-sessions.service [Service] Type=simple EnvironmentFile=-/etc/sysconfig/ypbind # Do not call ypbind-systemd-pre from ExecStartPre to keep the # keep OTHER_YPBIND_OPTS options which have to be passed as options # suggested by fcrozat@suse.com ExecStart=/bin/sh -c "/usr/share/ypbind/ypbind-systemd-pre; exec /usr/sbin/ypbind -n $OTHER_YPBIND_OPTS" ExecStartPost=/usr/share/ypbind/ypbind-systemd-post ExecStopPost=/bin/sh -c "/bin/rm -f /var/yp/binding/* /var/run/ypbind.pid" [Install] WantedBy=multi-user.target -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=803471 https://bugzilla.novell.com/show_bug.cgi?id=803471#c4 --- Comment #4 from Rob Verduijn <rob.verduijn@gmail.com> 2013-03-05 21:06:26 UTC --- I tested it on a system with AD domain logins. So when using winbind to authenticate against a domain the network is not always ready when the login screen appears. I obvisously incorrectly asumed this was the case for all network related authentication. Rob -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=803471 https://bugzilla.novell.com/show_bug.cgi?id=803471#c5 Frederic Crozat <fcrozat@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW CC| |fcrozat@suse.com InfoProvider|fcrozat@suse.com | --- Comment #5 from Frederic Crozat <fcrozat@suse.com> 2013-03-06 09:24:08 UTC --- ok, I misread the original bug report. I think when "hotplug" network is configured with network auth, the check enforcing network being present should be enabled. Currently, it is only when using ifup/sysconfig but not when using NetworkManager (/etc/sysconfig/network/config NM_ONLINE_TIMEOUT should be set to non 0 value). This should probably be done by YaST when configuring network auth. I'm discussing with upstream regarding nss-user-lookup.target if it should be pulled by some specific "user lookup" services (like winbind, ypbind, ..) when installed or if it should be the job of YaST, when configuring auth for such services. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=803471 https://bugzilla.novell.com/show_bug.cgi?id=803471#c6 Andreas Jaeger <aj@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |aj@suse.com AssignedTo|aj@suse.com |fcrozat@suse.com --- Comment #6 from Andreas Jaeger <aj@suse.com> 2013-03-06 09:39:51 UTC --- I'm using ifup and NIS and also had the problem that after bootup, NIS/autofs was not ready. This looked like some timing issue. Frederic, I'll assign this to you for now. Remember that YaST will not help with updates. My system runs ypbind and when updating via e.g. zypper dup, YaST will not touch the setup at all. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=803471 https://bugzilla.novell.com/show_bug.cgi?id=803471#c7 --- Comment #7 from Frederic Crozat <fcrozat@suse.com> 2013-03-06 09:45:29 UTC --- this(In reply to comment #6)
I'm using ifup and NIS and also had the problem that after bootup, NIS/autofs was not ready. This looked like some timing issue.
This looks similar to bnc#806725 (but reporter was initially having NM running instead of NM). Please attach dmesg after booting with systemd.log_level=debug systemd.log_target=kmsg -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=803471 https://bugzilla.novell.com/show_bug.cgi?id=803471#c8 --- Comment #8 from Frederic Crozat <fcrozat@suse.com> 2013-03-06 16:07:49 UTC --- (In reply to comment #5)
I'm discussing with upstream regarding nss-user-lookup.target if it should be pulled by some specific "user lookup" services (like winbind, ypbind, ..) when installed or if it should be the job of YaST, when configuring auth for such services.
so, upstream is in agreement with me. The fix for this should be to add to "network user service" (ypbind.service / winbind / openldap / ...) the following lines in the [Unit] serction: Wants=nss-user-lookup.target Before=nss-user-lookup.target This way, nss-user-lookup.target will be correctly used as a sync point, preventing user login until network user service is available. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=803471 https://bugzilla.novell.com/show_bug.cgi?id=803471#c Frederic Crozat <fcrozat@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|fcrozat@suse.com |systemd-maintainers@suse.de -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=803471 https://bugzilla.novell.com/show_bug.cgi?id=803471#c Dr. Werner Fink <werner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- OS/Version|Other |openSUSE 12.3 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com