Прошу прошения, поиск использовал, нашел более менее подходящею мне, только эту тему в "Alt Linux на Сервере" -
https://forum.altlinux.org/index.php?topic=1949.msg168202#msg168202 - по тому есть несколько вопросов.
У меня простая не подключенная к домену рабочая станция:
# cat /etc/altlinux-release
ALT Workstation K 8.2 (Centaurea Ruthenica)
# uname -a
Linux desk-alsanlin17.localdomain 4.9.93-std-def-alt0.M80P.1 #1 SMP Mon Apr 9 17:30:40 UTC 2018 x86_64 GNU/Linux
"Случайно" заглянул в логи и выяснил, что эта проблема у меня достаточно давно:
Спойлер
$ journalctl --since="2018-04-09" --until="2018-04-10"
-- Logs begin at Wed 2017-10-11 11:31:05 +07, end at Thu 2018-04-12 13:50:47 +07. --
апр 09 00:00:20 desk-alsanlin17.localdomain systemd[1]: Starting Discard unused blocks...
апр 09 00:00:22 desk-alsanlin17.localdomain systemd[1]: Started Discard unused blocks.
апр 09 00:01:01 desk-alsanlin17.localdomain crond[4492]: PAM unable to dlopen(/lib64/security/pam_ldap.so): /lib64/security/pam_ldap.so: cannot open shared object file: No such file or directory
апр 09 00:01:01 desk-alsanlin17.localdomain crond[4492]: PAM adding faulty module: /lib64/security/pam_ldap.so
апр 09 00:01:01 desk-alsanlin17.localdomain crond[4492]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain crond[4492]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain crond[4492]: pam_tcb(crond:session): Session opened for root by (uid=0)
апр 09 00:01:01 desk-alsanlin17.localdomain systemd[1]: Created slice User Slice of root.
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain systemd[1]: Starting User Manager for UID 0...
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: could not search LDAP server - Server is unavailable
апр 09 00:01:01 desk-alsanlin17.localdomain polkitd[667]: nss_ldap: failed to bind to LDAP server ldap://127.0.0.1: Can't contact LDAP server
Вот так выглядит
/etc/nsswitch.confСпойлер
# cat /etc/nsswitch.conf
#
# Please refer to nsswitch.conf(5) for more information on this file.
#
# This is the Name Service Switch configuration file. This file should
# be sorted with the most-used databases at the beginning.
#
# Specifying '[NOTFOUND=return]' means that the search for an entry
# should stop if the search with the previous service turned up nothing.
# Note that if the search failed due to some other reason (like no NIS
# server responding) then the search continues with the next service.
#
# Legal name services are:
#
# files Use local files
# tcb Use local tcb shadow files, see tcb(5)
# db Use local database files under /var/db
# nis or yp Use NIS (NIS version 2), also called YP
# nisplus or nis+ Use NIS+ (NIS version 3)
# dns Use DNS (Domain Name Service)
# compat Use NIS in compatibility mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#
passwd: files ldap mymachines
shadow: tcb files ldap
group: files [SUCCESS=merge] ldap mymachines
gshadow: files
hosts: files mdns4_minimal [NOTFOUND=return] dns myhostname mymachines
# To use db, put the "db" in front of "files" for things you want to be
# looked up first in the db files.
#
#passwd: db files nisplus nis
#shadow: db tcb files nisplus nis
#group: db files nisplus nis
#
#hosts: db files nisplus nis dns
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files
bootparams: nisplus [NOTFOUND=return] files
netgroup: nisplus
publickey: nisplus
automount: files
aliases: files
# system-auth status
ldap dc=localdomain ldap://127.0.0.1
Вопрос: (Несколько вопросов)
- Не приведет ли "избавление" от
ldap к проблемам с доступом к общим папкам на этом компьютере и компьютерами в сети?
- Я не настраивал домен, почему по умолчанию тогда LDAP аутентификация?
- Смущает "Server is unavailable". Что будет если его просто запустить?