[systemd-devel] Antw: Re: Service that runs with network credentials

Ulrich Windl Ulrich.Windl at rz.uni-regensburg.de
Thu Dec 5 10:10:18 UTC 2019


>>> Lennart Poettering <mzerqung at 0pointer.de> schrieb am 05.12.2019 um 10:37
in
Nachricht <20191205093742.GB10317 at gardel-login>:
> On Mi, 04.12.19 23:18, Kenneth Porter (shiva at sewingwitch.com) wrote:
> 
>> What's the best practice for defining a service that might require network
>> credentials to run? Are there example unit files that do this? How does
one
>> set up the dependencies to access an LDAP or Active Directory server, for
>> example?
> 
> I am not sure what "network credentials" is supposed to mean, but the

I guess it's about "secret credentials", i.e. where to store "secrets".

> assumption is that network user/group naming services such as
> LDAP/NIS/AD/… are set up properly as soon as nss-user-lookup.target is
> reached. i.e. such infrastructure should be ordered before it so that
> services requiring users/groups from this source to be resolvable can
> be ordered after it.
> 
> This means, system services that need such users cannot run in early
> boot, but only in late boot, with that target acting as boundary to
> the front.
> 
> Lennart
> 
> --
> Lennart Poettering, Berlin
> _______________________________________________
> systemd-devel mailing list
> systemd-devel at lists.freedesktop.org 
> https://lists.freedesktop.org/mailman/listinfo/systemd-devel 





More information about the systemd-devel mailing list