Univention Bugzilla – Bug 53851
Cron fails to execute jobs of LDAP users
Last modified: 2023-08-30 10:15:16 CEST
`cron.service` does not declare a After-dependency on nss-user-lookup.target. Because of that cron.service is started before NSS is ready to resolve users from LDAP. `cron` parses its files in `/etc/cron*` on start and drops all jobs of users, which are un-resolvable. They are never executed until `cron` is restarted. This lead to some services never being executed after a `reboot` until this is manually fixed. # journalctl -b 0 -u cron.service -- Logs begin at Mon 2021-09-06 11:25:01 CEST, end at Wed 2021-09-29 17:54:31 CEST. -- Sep 18 09:12:40 ladda systemd[1]: Started Regular background program processing daemon. Sep 18 09:12:40 ladda cron[454]: (CRON) INFO (pidfile fd = 3) Sep 18 09:12:40 ladda cron[454]: nss-ldap: do_open: do_start_tls failed:stat=-1 Sep 18 09:12:40 ladda cron[454]: nss_ldap: reconnecting to LDAP server... Sep 18 09:12:40 ladda cron[454]: nss-ldap: do_open: do_start_tls failed:stat=-1 Sep 18 09:12:40 ladda cron[454]: nss_ldap: reconnecting to LDAP server (sleeping 1 seconds)... Sep 18 09:12:41 ladda cron[454]: nss-ldap: do_open: do_start_tls failed:stat=-1 Sep 18 09:12:41 ladda cron[454]: nss_ldap: could not search LDAP server - Server is unavailable Sep 18 09:12:41 ladda cron[454]: Error: bad username; while reading /etc/cron.d/repo-ng # systemctl edit cron.service [Service] After=nss-user-lookup.target