Re: group nvram

To: debian-devel@lists.debian.org
Subject: Re: group nvram
From: Brian May <brian@microcomaustralia.com.au>
Date: Fri, 20 Mar 2009 11:29:41 +1100
Message-id: <[🔎] 49C2E375.8000709@microcomaustralia.com.au>
In-reply-to: <[🔎] 1237472374.13789.11.camel@tomoyo>
References: <[🔎] 20090317013937.GA2973@bongo.bofh.it> <[🔎] 200903171130.35891.holger@layer-acht.org> <[🔎] 20090317013937.GA2973@bongo.bofh.it> <[🔎] 20090317085638.GA30653@www.lobefin.net> <[🔎] 20090317104252.GA4973@bongo.bofh.it> <[🔎] 20090317201956.GB17660@dario.dodds.net> <[🔎] 49C1235D.6060700@bzed.de> <[🔎] 20090318164627.GA18986@dario.dodds.net> <[🔎] 20090318181322.GA19946@bongo.bofh.it> <[🔎] 1237452589.13789.5.camel@tomoyo> <[🔎] 20090319100943.GA5485@bongo.bofh.it> <[🔎] 1237472374.13789.11.camel@tomoyo>

Josselin Mouette wrote:
> Le jeudi 19 mars 2009 à 11:09 +0100, Marco d'Itri a écrit :
>   
>> How exactly? The problem is that these groups are referenced in the udev
>> configuration but do not exist, and this causes problmes at boot time
>> with systems using LDAP.
>>     
>
> You mean, systems using only LDAP and not the local /etc/group?
>
> It looks to me that such setups are broken. Either they use /etc/group,
> either they put these groups in their LDAP, but we can’t suddently start
> supporting systems where important system groups are missing.
>   

In case its not clear, he means groups that are referenced from udev,
but are not defined in /etc/group.

So, on boot, the NSS resolver tries to find the group in /etc/group and
this fails.

The NSS resolver then tries to find the group in LDAP, but surprise,
surprise, the LDAP server doesn't respond. Keep waiting, it has to
respond soon... No answer. Lets try again... wait for it...

When of course the reason that there is no response is because udev
starts first, before networking or slapd is started.

So you get all these silly errors displaying on screen for what is a
normal condition.

If the timeouts are too large, it also can delay the boot. Significantly.

(supposedly libnss-ldapd - based on the description - is suppose to
solve this also - not sure how - I haven't been able to get it working
entirely satisfactorily).

-- 
Brian May <brian@microcomaustralia.com.au>

Reply to:

References:
- group nvram
  - From: md@Linux.IT (Marco d'Itri)
- Re: group nvram
  - From: Holger Levsen <holger@layer-acht.org>
- Re: group nvram
  - From: Stephen Gran <sgran@debian.org>
- Re: group nvram
  - From: md@Linux.IT (Marco d'Itri)
- Re: group nvram
  - From: Steve Langasek <vorlon@debian.org>
- Re: group nvram
  - From: Bernd Zeimetz <bernd@bzed.de>
- Re: group nvram
  - From: Steve Langasek <vorlon@debian.org>
- Re: group nvram
  - From: md@Linux.IT (Marco d'Itri)
- Re: group nvram
  - From: Josselin Mouette <joss@debian.org>
- Re: group nvram
  - From: md@Linux.IT (Marco d'Itri)
- Re: group nvram
  - From: Josselin Mouette <joss@debian.org>

Prev by Date: Re: group nvram
Next by Date: Re: Sponsorship requirements and copyright files
Previous by thread: Re: group nvram
Next by thread: Re: group nvram
Index(es):
- Date
- Thread