On Sun, 2013-07-14 at 12:19 +0400, Andrey Borzenkov wrote:
В Sun, 14 Jul 2013 09:19:00 +0200 lynn
пишет: On Sun, 2013-07-14 at 10:40 +0400, Andrey Borzenkov wrote:
В Sat, 13 Jul 2013 23:30:11 +0200 lynn
пишет: On Sat, 2013-07-13 at 13:42 -0700, Linda Walsh wrote:
Doesn't the time on your machine have to have synchronized with the kerberos server's time? I'm wondering if everything is in place for kerberos to do the authentication at boot time.
OMG. Linda, of course. Which is why it works fine on all the other clients!
Now I am completely confused. You mean that on this client mounting from /etc/fstab on boot does not work, but manual mounting after boot does work - still with wrong time offset?
Hi Yes, I see what you mean. The only explanation I can think of is that ntp was working but only after the tgs call. Which leaves me with the awful thought that the other clients mount not because of time sync with the KDC but only because they have their hardware time set correctly in the first pl1.00ace. Or could it be that it was in the wrong time zone? Or that the battery is dead? I think I'm going to turn a blind eye before someone mentions systemd;)
In this case you must have some messages from ntpd (or, better, from sntp that is used to initially set time) that it was doing large time jumps on startup. Do you have them? Something like
Sep 09 08:04:35 opensuse.site ntp[3730]: 9 Sep 08:04:35 sntp[3751]: Started sntp Sep 09 08:04:35 opensuse.site ntp[3730]: 2012-09-09 08:04:35.752537 (-0400) -0.26917 +/- 0.032028 secs Sep 09 08:04:35 opensuse.site ntp[3730]: 2012-09-09 08:04:35.516363 (-0400) -0.00197 +/- 0.031769 secs Sep 09 08:04:35 opensuse.site ntp[3730]: 2012-09-09 08:04:35.643132 (-0400) -0.00244 +/- 0.000305 secs Sep 09 08:04:35 opensuse.site ntp[3730]: 2012-09-09 08:04:35.711645 (-0400) +0.005500 +/- 0.040375 secs Sep 09 08:04:35 opensuse.site ntp[3730]: Time synchronized with ru.pool.ntp.org
Also you could try to boot into run level 1 and verify time at this point.
There's something wrong: 2013-07-14T11:08:59.869841+01:00 catral boot.local[1109]: ntp.service loaded inactive dead LSB: Network time protocol daemon (ntpd) I think the only reason it's working is because I set the correct time in hardware somehow whilst I was messing around with ntp in yast. i.e. it's working because it isn't using ntp. Here is the log on the KDC: 2013-07-14T11:30:28.158286+02:00 hh16 systemd[1]: Starting LSB: Network time protocol daemon (ntpd)... 2013-07-14T11:30:28.685173+02:00 hh16 ntpd[1080]: ntpd 4.2.6p5@1.2349-o Fri Mar 1 11:32:34 UTC 2013 (1) 2013-07-14T11:30:28.692077+02:00 hh16 ntp[1046]: Starting network time protocol daemon (NTPD)..done 2013-07-14T11:30:28.692420+02:00 hh16 systemd[1]: Started LSB: Network time protocol daemon (ntpd). 2013-07-14T11:30:28.702504+02:00 hh16 ntpd[1081]: proto: precision = 0.114 usec 2013-07-14T11:30:28.703081+02:00 hh16 ntpd[1081]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16 2013-07-14T11:30:28.703682+02:00 hh16 ntpd[1081]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123 2013-07-14T11:30:28.704245+02:00 hh16 ntpd[1081]: Listen and drop on 1 v6wildcard :: UDP 123 2013-07-14T11:30:28.704796+02:00 hh16 ntpd[1081]: Listen normally on 2 lo 127.0.0.1 UDP 123 2013-07-14T11:30:28.705367+02:00 hh16 ntpd[1081]: Listen normally on 3 eth0 192.168.1.16 UDP 123 2013-07-14T11:30:28.706749+02:00 hh16 ntpd[1081]: Listen normally on 4 lo ::1 UDP 123 2013-07-14T11:30:28.707965+02:00 hh16 ntpd[1081]: peers refreshed 2013-07-14T11:30:28.708572+02:00 hh16 ntpd[1081]: Listening on routing socket on fd #21 for interface updates 2013-07-14T11:30:31.322517+02:00 hh16 boot.local[1050]: var-lib-ntp-proc.mount loaded active mounted /var/lib/ntp/proc 2013-07-14T11:30:31.330220+02:00 hh16 boot.local[1050]: ntp.service loaded active running LSB: Network time protocol daemon (ntpd) This is working fine. All the Spanish machines work with this time. e.g., here's the file server: 2013-07-14T11:37:14.609891+02:00 altea ntpd[509]: peers refreshed 2013-07-14T11:37:14.736518+02:00 altea ntpd[509]: Listening on routing socket on fd #22 for interface updates On the problem client, I used Yast to 'Now and on Boot' for ntp: 2013-07-14T10:44:06.286439+01:00 catral sntp[1247]: Started sntp 2013-07-14T10:44:06.308130+01:00 catral sntp[1247]: kod_init_kod_db(): Cannot open KoD db file /var/db/ntp-kod 2013-07-14T10:44:06.538097+01:00 catral sntp[1250]: Started sntp 2013-07-14T10:44:06.578755+01:00 catral sntp[1250]: Error looking up (AAAA) 192.168.1.16: Address family for hostname not supported 2013-07-14T10:44:22.983921+01:00 catral sntp[1256]: Started sntp 2013-07-14T10:44:23.078058+01:00 catral sntp[1256]: Error looking up (A) ntp.hh3.site: Name or service not known 2013-07-14T10:44:23.253676+01:00 catral sntp[1259]: Started sntp 2013-07-14T10:44:23.274654+01:00 catral sntp[1259]: Error looking up (AAAA) ntp.hh3.site: Name or service not known 2013-07-14T10:44:32.245859+01:00 catral sntp[1263]: Started sntp 2013-07-14T10:44:32.425933+01:00 catral sntp[1266]: Started sntp 2013-07-14T10:44:32.438542+01:00 catral sntp[1266]: Error looking up (AAAA) 192.168.1.16: Address family for hostname not supported 2013-07-14T10:47:43.038770+01:00 catral sntp[1297]: Started sntp 2013-07-14T10:47:59.224708+01:00 catral systemd[1]: Starting LSB: Network time protocol daemon (ntpd)... 2013-07-14T10:47:59.655017+01:00 catral ntpd[1349]: ntpd 4.2.6p5@1.2349-o Fri Mar 1 11:32:25 UTC 2013 (1) 2013-07-14T10:47:59.665276+01:00 catral ntpd[1350]: proto: precision = 2.217 usec 2013-07-14T10:47:59.681385+01:00 catral ntp[1331]: Starting network time protocol daemon (NTPD)..done 2013-07-14T10:47:59.700763+01:00 catral systemd[1]: Started LSB: Network time protocol daemon (ntpd). 2013-07-14T10:47:59.725546+01:00 catral ntpd[1350]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16 2013-07-14T10:47:59.731827+01:00 catral ntpd[1350]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123 2013-07-14T10:47:59.765390+01:00 catral ntpd[1350]: Listen and drop on 1 v6wildcard :: UDP 123 2013-07-14T10:47:59.781972+01:00 catral ntpd[1350]: Listen normally on 2 lo 127.0.0.1 UDP 123 2013-07-14T10:47:59.798260+01:00 catral ntpd[1350]: Listen normally on 3 eth0 192.168.1.101 UDP 123 2013-07-14T10:47:59.839459+01:00 catral ntpd[1350]: Listen normally on 4 lo ::1 UDP 123 2013-07-14T10:47:59.866824+01:00 catral ntpd[1350]: Listen normally on 5 eth0 fe80::a00:27ff:fe7f:8e13 UDP 123 2013-07-14T10:47:59.873397+01:00 catral ntpd[1350]: peers refreshed 2013-07-14T10:47:59.891603+01:00 catral ntpd[1350]: Listening on routing socket on fd #22 for interface updates Why is it an hour slow? If I disable ntp, I get the correct time. I can now boot the cifs from fstab but users can't access it after it's booted unless I turn off ntp and reboot. They can't authenticate because of the clock skew or whatever Kerberos calls it. The time zone is wrong. The time is wrong. It was installed in UK. It's now in Spain. Why doesn't the ntp server tell it where it is? The Spanish boxes are fine. I tested one by deliberately setting the time wrong using date. Not only was the time correct, but the cifs shares got mounted too which suggests that systemd has indeed got the boot order correct and ntp is up before it hits the cifs lines in fstab. I can remember a map of the world screen in Yast installation and various time options. If I could get back to that, I'd probably be able to solve this. Is the only way to change the region of a machine by reinstalling? Thanks for your patience. L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org