Hi,
On 11/22/18 1:28 PM, Siegfried Eichhorn wrote:
Hi
see
https://unix.stackexchange.com/questions/210604/how-to-write-a-systemd-service-unit-file-so-it-waits-until-a-specific-interface
maybe that solves it.
I am not sure if waiting for the interface solves the problem. It
should wait for DNS to succeed, shouldn't it?
Obviously I missed to add the backend log file. Here are the important
parts, AFAICT:
:
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [sdap_id_setup_tasks]
(0x0400): Setting up cleanup task for example.com
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]]
[be_fo_set_srv_lookup_plugin] (0x0400): Trying to set SRV lookup plugin to DNS
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]]
[be_fo_set_srv_lookup_plugin] (0x0400): SRV lookup plugin is now DNS
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [sysdb_get_certmap]
(0x0400): No certificate maps found.
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [dp_copy_options_ex]
(0x0400): Option ipa_domain has value example.com
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [dp_copy_options_ex]
(0x0400): Option ipa_server has value _srv_, ipa0.example.com
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [dp_copy_options_ex]
(0x0400): Option ipa_backup_server has no value
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [dp_copy_options_ex]
(0x0400): Option ipa_hostname has value srvl061.ac.example.com
:
:
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [fo_resolve_service_send]
(0x0100): Trying to resolve service 'IPA'
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [resolve_srv_send] (0x0200):
The status of SRV lookup is neutral
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]]
[resolv_discover_srv_next_domain] (0x0400): SRV resolution of service 'ldap'.
Will use DNS discovery domain 'example.com'
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [resolv_getsrv_send]
(0x0100): Trying to resolve SRV record of '_ldap._tcp.example.com'
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [request_watch_destructor]
(0x0400): Deleting request watch
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [resolv_discover_srv_done]
(0x0040): SRV query failed [11]: Could not contact DNS servers
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [fo_set_port_status]
(0x0100): Marking port 0 of server '(no name)' as 'not working'
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [resolve_srv_done] (0x0040):
Unable to resolve SRV [1432158237]: SRV lookup error
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [set_srv_data_status]
(0x0100): Marking SRV lookup of service 'IPA' as 'not resolved'
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [be_resolve_server_process]
(0x0080): Couldn't resolve server (SRV lookup meta-server), resolver returned
[1432158237]: SRV lookup error
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [fo_resolve_service_send]
(0x0100): Trying to resolve service 'IPA'
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]]
[resolv_gethostbyname_files_send] (0x0100): Trying to resolve A record of
'ipa0.example.com' in files
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [set_server_common_status]
(0x0100): Marking server 'ipa0.example.com' as 'resolving name'
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]]
[resolv_gethostbyname_files_send] (0x0100): Trying to resolve AAAA record of
'ipa0.example.com' in files
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [resolv_gethostbyname_next]
(0x0200): No more address families to retry
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]]
[resolv_gethostbyname_dns_query] (0x0100): Trying to resolve A record of
'ipa0.example.com' in DNS
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [request_watch_destructor]
(0x0400): Deleting request watch
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [resolv_gethostbyname_done]
(0x0040): querying hosts database failed [5]: Input/output error
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [fo_resolve_service_done]
(0x0020): Failed to resolve server 'ipa0.example.com': Could not contact DNS
servers
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [set_server_common_status]
(0x0100): Marking server 'ipa0.example.com' as 'not working'
(Thu Nov 22 11:57:31 2018) [sssd[be[example.com]]] [be_resolve_server_process]
(0x0080): Couldn't resolve server (ipa0.example.com), resolver returned [5]:
Input/output error
Most easy workaround seems to be to add ipa0.example.com to /etc/hosts.
There is no problem with sysvinit, so changing init might be an option,
too.
I would prefer if the backend waits for DNS a little bit longer, of course.
Surely systemctl status sssd should not say "running", while the backend
is dead.
Regards
Harri
_______________________________________________
sssd-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
