lynn said the following on 05/02/2013 12:31 PM:
On 02/05/13 14:31, Anton Aylward wrote:
*sigh* That's so obvious! You don't know if sss failed or what. maybe sss needs some precondition that doesn't exist at 'boot time' Remember, systemd is asynchronous and runs stuff in parallel whereas the old sysinit is sequential. sssd runs fine. Please look at the original post.
That's no justification for failing to to make sure that the script checks. You only said that it runs when you run it manually. My whole point was that running it manually means that things like DNS and other rpc services are now up.
The network must be available when the script runs as sssd first has to hit the DNS before it then again goes over the wire to request a TGT which it then uses get the ticket for ldap. It produces its cache just fine. My workaround is to copy the sssd cache to /tmp and rename it krb5cc_0.
I think you've jsut proven my point. Being dependent on just network services doesn't m1ean that DNS is available. That's what I got bitten on about spamassassin and why I included that note as an example. That is why I suggested the 'defensive programming' It would show you what was going on at boot time.
I need a standard MIT cache for autofs'd cifs. If it's not there the user shares are not mounted. On the KDC, I can see the mechanism. The user authenticates OK but is refused a cifs ticket until the client machine authenticates.
Just give me the kinit and I'll shut up. Honest.
The way you've set you the dependency systemd will run boot.local any time after the Ethernet port becomes live. This is not sysvinit, there is no defined sequence. It is, as i said, synchronous. It may not even have to work the same way each time :-) It almost certainly will try to run boot.local BEFORE DNS and other very basic network services are up. You might, based on what you've written above, also, and I mean also as in addition to what else I'm suggesting, make the cifs stuff, samba or whatever, dependent on boot.local. That way you're not going to get the cifst stuff unless and until kinit in boot.local runs, which is how I'm reading what you're saying above. I repeat: you need to set up your dependency properly. -- Marketing is the science of convincing us that What You Get Is What You Want. -- John Carter -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org