我最近为我们的网络设置了一个 Fedora 17 服务器,但一直无法让 NIS 服务在启动时运行。以下是系统的一些日志:
Aug 21 12:57:12 cairnwell ypbind-pre-setdomain[718]: Setting NIS domain: 'indigo-nis' (environment variable)
Aug 21 12:57:13 cairnwell ypbind: Binding NIS service
Aug 21 12:57:13 cairnwell rpc.statd[730]: Unable to prune capability 0 from bounding set: Operation not permitted
Aug 21 12:57:13 cairnwell systemd[1]: nfs-lock.service: control process exited, code=exited status=1
Aug 21 12:57:13 cairnwell systemd[1]: Unit nfs-lock.service entered failed state.
Aug 21 12:57:14 cairnwell setroubleshoot: SELinux is preventing /usr/sbin/rpc.statd from using the setpcap capability. For complete SELinux messages. run sealert -l 024bba8a-b0ef-43dc-b195-5c9a2d4c4d41
Aug 21 12:57:15 cairnwell kernel: [ 18.822282] bnx2 0000:02:00.0: em1: NIC Copper Link is Up, 1000 Mbps full duplex
Aug 21 12:57:15 cairnwell kernel: [ 18.822925] ADDRCONF(NETDEV_CHANGE): em1: link becomes ready
Aug 21 12:57:15 cairnwell NetworkManager[621]: <info> (em1): carrier now ON (device state 20)
Aug 21 12:57:15 cairnwell NetworkManager[621]: <info> (em1): device state change: unavailable -> disconnected (reason 'carrier-changed') [20 30 40]
Aug 21 12:57:15 cairnwell NetworkManager[621]: <info> Auto-activating connection 'System em1'.
Aug 21 12:57:15 cairnwell NetworkManager[621]: <info> Activation (em1) starting connection 'System em1'
Aug 21 12:57:15 cairnwell NetworkManager[621]: <info> (em1): device state change: disconnected -> prepare (reason 'none') [30 40 0]
.......
Aug 21 12:57:19 cairnwell sendmail[790]: YPBINDPROC_DOMAIN: Domain not bound
Aug 21 12:57:26 cairnwell sendmail[790]: YPBINDPROC_DOMAIN: Domain not bound
Aug 21 12:57:31 cairnwell sendmail[790]: YPBINDPROC_DOMAIN: Domain not bound
Aug 21 12:57:35 cairnwell sendmail[790]: YPBINDPROC_DOMAIN: Domain not bound
Aug 21 12:58:00 cairnwell ypbind: Binding took 47 seconds
Aug 21 12:58:00 cairnwell ypbind: NIS server for domain indigo-nis is not responding.
Aug 21 12:58:01 cairnwell ypbind: Killing ypbind with PID 733.
Aug 21 12:58:01 cairnwell ypbind-post-waitbind[734]: /usr/lib/ypbind/ypbind-post-waitbind: line 51: kill: SIGTERM: invalid signal specification
Aug 21 12:58:01 cairnwell systemd[1]: ypbind.service: control process exited, code=exited status=1
Aug 21 12:58:01 cairnwell systemd[1]: Unit ypbind.service entered failed state.
从这些日志来看,ypbind 服务在 12:57:12 启动,但网络接口直到 12:57:15 才启动。我猜这导致 ypbind 在尝试连接时超时。
作为连锁反应,NIS 故障导致 NFS 出现问题,无法再正确映射 UID。这个问题似乎无法通过实际启动 ypbind 等来解决,所以我不得不将所有 NFS 共享设置为 noauto。
我曾尝试在 /etc/sysconfig/network 中手动添加NETWORKDELAY和NETWORKWAIT运行,并且systemctl enable NetworkManager-wait-online.service按照我在某些地方看到的建议运行,但这些都没有任何效果。
通过在网络启动后重新启动 ypbind 和挂载 NFS 共享来手动修复这个问题相对容易,但每次重新启动服务器时都必须这样做并不理想。
是否有人知道一种简单(最好是无黑客攻击)的方法,可以延迟 ypbind 启动直到网络接口完全准备好之后?
答案1
我发表了一个答案,因为评论需要> 50 声誉。
我要告诉你这一点非常好的文章以防你还没有偶然发现它。
另外,还有一句很有趣的话:
或者,您可以更改需要网络启动的服务,包括 After=network-online.target 和 Wants=network-online.target
请注意“或者”。
因此,您可能必须创建这个文件:/etc/systemd/system/ypbind.service.d/waitfornetwork.conf
[Service]
After=network-online.target
Wants=network-online.target
这个答案是一个可能的解决方案。不是一个保证解决方案。