Control: tags -1 + wontfix On Mon, 03 Apr 2017 at 19:35:36 +0200, Laurent Bonnaud wrote: > - does dbus really need to query the NSS databases on boot?
Yes: if any user or group mentioned in /etc/dbus/system.d/ comes from LDAP, then it needs to know who they are. I would not recommend using non-local NSS without some sort of cache (unscd, nss-updatedb or sssd), and doubly so if system users are in LDAP. Unfortunately, many commonly-used packages (e.g. BlueZ) still use the firewall-style policies found in /etc/dbus/system.d/ for group-based access control, instead of letting all users communicate with the service and then doing their own authorization via polkit (like NetworkManager does). > - would it be possible to order the dbus start after network is available? In general no, because some ways to get on the network require D-Bus (NetworkManager, ConnMan, wicd), so you would have a circular dependency. If you don't use any of those, then you can configure this locally by creating /etc/systemd/system/dbus.service.d/local.conf containing something like this (untested and quite possibly wrong, see systemd documentation): [Unit] Wants=network-online.target After=network-online.target Regards, S