sys-apps/kmod installs /etc/init.d/kmod-static-nodes, which on boot generates file /run/tmpfiles.d/kmod.conf. This file is used by /etc/init.d/tmpfiles.setup and /etc/init.d/tmpfiles.dev in order to read the list of static device files which have to be created in /dev. When a system is configured to use LDAP, through setting up at least passwd, shadow and group entries of /etc/nsswitch.conf to something similar to: passwd: files ldap shadow: files ldap group: files ldap user lookups are first done in local files, and then in LDAP. If you setup /etc/ldap.conf properly (through nss_initgroups_ignoreusers directive), nss_ldap skips looking for the users you tell there, which is useful when the machine is booting and the network is not yet online. But even with that, as it is documented in next blog entry: https://bugs.archlinux.org/task/27984 when /lib/rc/sh/tmpfiles.sh uses files which contain entries where user or group declarations are not names (i.e. numbers or the dash), then nss_ldap does not skip the search. This search will hang on scenarios where there is no reachable LDAP server, like booting. kmod, on boot time, generates compatible tmpfiles.d configuration files, containing dashes for the user and group declarations of each entry. Reproducible: Always Steps to Reproduce: 1. Install kmod and nss_ldap 2. Setup your system to retrieve the list of users and groups through LDAP 3. Reboot your system Actual Results: The system stalls on /etc/init.d/tmpfiles.setup and /etc/init.d/tmpfiles.dev when /lib/rc/sh/tmpfiles.sh processes file /run/tmpfiles.d/kmod.conf, generated inside /etc/init.d/kmod-static-nodes by 'kmod static-nodes --format=tmpfiles --output=/run/tmpfiles.d/kmod.conf' due the generated file uses dashes, for instance: c /dev/fuse 0600 - - - 10:229 c /dev/loop-control 0600 - - - 10:237 d /dev/net 0755 - - - c /dev/net/tun 0600 - - - 10:200 d /dev/snd 0755 - - - c /dev/snd/timer 0600 - - - 116:33 d /dev/snd 0755 - - - c /dev/snd/seq 0600 - - - 116:1 instead of named user/group declarations: c /dev/fuse 0600 root root - 10:229 c /dev/loop-control 0600 root root - 10:237 d /dev/net 0755 root root - c /dev/net/tun 0600 root root - 10:200 d /dev/snd 0755 root root - c /dev/snd/timer 0600 root root - 116:33 d /dev/snd 0755 root root - c /dev/snd/seq 0600 root root - 116:1 Expected Results: When /etc/init.d/kmod-static-nodes generates /run/tmpfiles.d/kmod.conf using named users and groups, the system boots properly, with no stalls. I have tested it adding next line in /etc/init.d/kmod-static-nodes : sed -i 's/ - - / root root /' /run/tmpfiles.d/kmod.conf after 'kmod static-nodes --format=tmpfiles --output=/run/tmpfiles.d/kmod.conf' declaration
This is a bug for kmod, not OpenRC.
not a bug in ldap, removing mine self
not ldap bug, removing ldap-bugs...
Why is it trying to do a passwd lookup when we pass a UID value of 0? That seems kind of broken.
(In reply to William Hubbs from comment #1) > This is a bug for kmod, not OpenRC. That doesn't seem right where as systemd is capable of handling the kmod generated .conf properly, why OpenRC can't?
Created attachment 383978 [details, diff] tmpfiles.sh patch sys-apps/openrc-0.12.4 patch
the patch i just posted fixes things for me.. doesn't have to rely on upstream kmod changes. ideally, the script should drop the -o and -g flags when the user and group params are unset (or set to -) to let the commands use the running user and their group. but, i got lazy and just hard coded root.
@floppym: Does systemd's tmpfiles program ignore the uid and gid if "-" is passedin those positions?
The patch for tmpfiles.sh is working and correct, for my opinion. +1
tmpfiles.sh was moved to opentmpfiles a while ago. I wonder if this is still an issue for opentmpfiles?
(In reply to William Hubbs from comment #8) > @floppym: > Does systemd's tmpfiles program ignore the uid and gid if "-" is passedin > those positions? When systemd-tmpfiles sees a dash, it skips calling chown() and leaves the uid/gid as-is. No NSS lookups are performed.
