[Samba] PAM Offline Authentication in Ubuntu 22.04

Rowland Penny rpenny at samba.org
Wed Jun 14 11:10:42 UTC 2023 


On 14/06/2023 11:48, Michael Tokarev via samba wrote:
> 
> This shouldn't be a problem by its own.  On a laptop without its own 
> local domain
> name it doesn't matter much which domain search to use, and "." is about 
> right
> anyway.

I totally agree, it shouldn't matter, but this (in my case) isn't a laptop.
I know that it may have something to do with my router and so I will 
have to set up another dhcp server that I can totally control, but I 
doubt if this will help because the router is sending a domain name, 
just not the correct one.

> 
> The problem seems to be the delays happening when the network isn't 
> connected.

Yes, it appears that Marco gets these long waits when he unplugs from 
the network, something I don't, which is why I was trying to set up an 
Ubuntu 22.04 machine.

> systemd-resolved (which is managed /etc/resolv.conf in this setup) does 
> quite
> good job to fail queries quickly when there's no connectivity (since any
> sendto() calls will be failed immediately due to missing routes, and more,
> since when network interfaces are down, it does not even try to send any
> queries).
> 
> Someone here mentioned netplan. This is a worst thing to have/use. It is an
> extra "unification" layer to convert yet another network configuration to
> ifupdown (/etc/nstwork/ineterfaces) or to systemd-networkd or to something
> else.
> 

Ubuntu 22.04 seems to have netplan installed, but then doesn't seem to 
use it, it uses NetworkManager instead.

To me, it just looks like layer upon layer.

> In order for systemd-resolved to know when interfaces come and go, it is 
> best
> to use it together with systemd-networkd (which also provides dhcp 
> information
> to systemd-resolved and other components such as system-timesyncd).
> 
> But even in case if systemd-networkd is not used, systemd-resolved 
> should be
> able to fail quickly instead of timing out every query.  Maybe it's worth
> the effort to enable debugging and see what's going on there. It is not
> supposed to work this way.
> 
> Thanks,
> 
> /mjt
> 
> 

How do you turn on debugging for systemd-resolved ?
Also systemd-networkd doesn't seem to be available from the Ubuntu 22.04 
repos, perhaps it is part of another package ?

Rowland

More information about the samba mailing list