[systemd-devel] proper way for shutdown script
list at xenhideout.nl
Wed Oct 5 16:08:34 UTC 2016
Mantas Mikulėnas schreef op 05-10-2016 14:49:
> On Wed, Oct 5, 2016 at 1:47 PM, Xen <list at xenhideout.nl> wrote:
>> the libnss-ldap package on my system used to contain (and still
>> contains) a script that is run on system reboot and shutdown and
>> installs itself into SysV directories for runlevel 0 and 6.
> Do you mean libnss-ldapd? The standalone libnss-ldap has been
> deprecated for quite a while (in favor of nslcd-based thin modules).
> Also, what does this script do?
Thanks for the hint. I had come across nslcd but it seemed more
complicated to get it running the first time, so I opted for the smaller
solution having only libnss-ldap. I was not actually aware (anymore) of
I am sure it is a "better" solution I was just not sure I could get it
running in due time.
I also don't know what could be the difference here (I am sure there
The script does what I have mentioned in another email which is to
exclude certain users and groups from being LDAP-sourced by factual
enumeration: the script just lists all of the groups and user (I think)
and puts them into the configuration file. It is just a bit of an ugly
workaround I guess as to simply checking for user and group ID.
The script probably just assumes that all user IDs and user groups start
above a certain UID/GID.
What you would really need is an LDAP module that would not perform
lookups above a certain ID, but this also works, and is in a way more
flexible and powerful.
Even with very low timeouts LDAP queries would not be okay for system
There is just no way you can run a (Linux) system with system groups and
users in some LDAP database.
More information about the systemd-devel