>>> Lennart Poettering <mzerq...@0pointer.de> schrieb am 14.07.2020 um 09:50 in Nachricht <20200714075029.GC180968@gardel-login>: > On Di, 14.07.20 09:10, Dac Override (dac.overr...@gmail.com) wrote: > >> selinux-autorelabel needs to be able to resolve users. Currently users >> managed with systemd-serdbd are not resolvable in the >> selinux-autorelabel.target.. >> >> Should I be able to pull systemd.userdvd into the >> selinux-autorelabel.target? Is there a better way to ensure that homed >> users are resolvable when selinux-autorelabel.service runs? > > systemd-homed runs after /home, and the selinux relabel stuff runs > much earlier, no? > > How does this work for LDAP/NIS/… users? They typically are late boot > stuff too?
Yes, it is a problem even at different places: You cannot use an LDAP user for any tmpfiles, even if the directory is used only after LDAP us up. Also the password utilities refuse to add the same user locally that exists in LDAP. Typically I restart the tmpfiles unit again manually and then things are OK. (In this regard NFS "bg" mounts are much smarter than systemd's tmpfiles unit.) > > Lennart > > -- > Lennart Poettering, Berlin > _______________________________________________ > systemd-devel mailing list > systemd-devel@lists.freedesktop.org > https://lists.freedesktop.org/mailman/listinfo/systemd-devel _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
