Univention Bugzilla – Bug 48062
nscd needs to be started before cron / atd
Last modified: 2021-07-01 07:58:41 CEST
cron doesn't seem to try to reconnect to nscd if it isn't already running on its initialization. In the result it is not possible to use ldap users in cronjobs. Error messages I have seen: ''' Error: bad username; while reading /etc/cron.d/univention-ucr-cronjobs ''' And after adding and removing the username from the local /etc/shadows: ''' User not known to the underlying authentication module '''
Same problem for atd atd error message: ''' Userid 2007 not found - aborting job 9 (a00009018defbc) '''
install -d /etc/systemd/system/{atd,cron}.service.d printf '[Unit]\nAfter=nss-user-lookup.target\n' | tee /etc/systemd/system/atd.service.d/bug48062.conf | tee /etc/systemd/system/cron.service.d/bug48062.conf | systemctl daemon-reload Maybe also "user.slice".
Debian has a similar issue: <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801384> Happend again on ladda with UCS-4.4, where cron.service was not running /usr/bin/repo-ng-auto-build: # journalctl -u cron --this-boot -- Logs begin at Tue 2020-03-17 16:32:49 CET, end at Tue 2020-05-19 15:30:45 CEST. -- Mai 11 07:54:06 ladda systemd[1]: Started Regular background program processing daemon. Mai 11 07:54:06 ladda cron[449]: (CRON) INFO (pidfile fd = 3) Mai 11 07:54:07 ladda cron[449]: nss-ldap: do_open: do_start_tls failed:stat=-1 Mai 11 07:54:07 ladda cron[449]: nss_ldap: reconnecting to LDAP server... Mai 11 07:54:07 ladda cron[449]: nss-ldap: do_open: do_start_tls failed:stat=-1 Mai 11 07:54:07 ladda cron[449]: nss_ldap: reconnecting to LDAP server (sleeping 1 seconds)... Mai 11 07:54:08 ladda cron[449]: nss-ldap: do_open: do_start_tls failed:stat=-1 Mai 11 07:54:08 ladda cron[449]: nss_ldap: could not search LDAP server - Server is unavailable Mai 11 07:54:08 ladda cron[449]: Error: bad username; while reading /etc/cron.d/repo-ng Mai 11 07:54:08 ladda cron[449]: (*system*repo-ng) ERROR (Syntax error, this crontab file will be ignored)
This issue has been filed against UCS 4.3. UCS 4.3 is out of maintenance and many UCS components have changed in later releases. Thus, this issue is now being closed. If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen it and update the UCS version. In this case please provide detailed information on how this issue is affecting you.
Still relevant with UCS-5: Just recently I experienced this problem where CRON did not execute certain jobs because the LDAP-user was unknown because NSCD was not running.