[Samba] winbind: does it actually depend on nmbd? and network-online?
Michael Tokarev
mjt at tls.msk.ru
Thu May 2 17:00:09 UTC 2024
02.05.2024 19:43, Jeremy Allison via samba wrote:
>>> Does winbind requires network to be online or just up?
>
> What's the difference between "online" and "up" ?
"Online" has numerous meanings depending on the settings, but the basic
idea is the same: when there's some connectivity present.
I had a trap on my notebook due to this and due to debian-specific settings.
Obviously, a notebook is supposed to be without connectivity just fine.
This one has been upgraded from an old version of debian, - a version which
used to use /etc/rc.local which was ordered after networking, and at that
old time, there was no notion of "network-online" at all. My rc.local was
empty. Debian decided to make rc.local dependent on network-ONLINE.target.
And user logins are ordered after rc.local if it is present. So as the
result, I wasn't able to log in to my notebook until there's a known wifi
network nearby, or available ethernet port - not even root login was possible.
See https://www.freedesktop.org/software/systemd/man/latest/systemd.special.html#network-online.target
for a bit more context about this, and the page referenced from there,
https://systemd.io/NETWORK_ONLINE .
The meaning of "online" can be adjusted by the local settings. By default
it means "at least one network interface (besides loopback) is configured
and has carrier".
In this context, basically, network-online means winbind is able to send
queries to a remote domain controller (hopefully it is up and running).
While network means the interfaces are configured (and might not even be
configured, - eg. systemd-networkd can delay interface configuration until
it detects carrier).
Since winbind can cache network information, and since samba even allows
network-less login with saved/cached credentials, I guess it should depend
on network.target, not network-online.target. Not for the first login
though.
For nmbd, - this one apparently is the same (when it is used), though it
might not find any active interface in this case (when networkd delays
carrier-less interface configuration) and even fail to start. Still,
without network-online, nmbd becomes basically useless.
Thanks,
/mjt
--
GPG Key transition (from rsa2048 to rsa4096) since 2024-04-24.
New key: rsa4096/61AD3D98ECDF2C8E 9D8B E14E 3F2A 9DD7 9199 28F1 61AD 3D98 ECDF 2C8E
Old key: rsa2048/457CE0A0804465C5 6EE1 95D1 886E 8FFB 810D 4324 457C E0A0 8044 65C5
Transition statement: http://www.corpit.ru/mjt/gpg-transition-2024.txt
More information about the samba
mailing list