Hi there
As a Fedora Core user I was always abusing the init/runlevel idea on
'powerful' remote machines:
multicore Linux machines authenticating against Active Directory (with schema
extension for Unix holding uid/etc), each carrying a virtual Windows domain
controller (using VMware).
The background idea: you can either authenticate using remote domain
controllers via VPN, or use the local virtual domain controller on the very
same, anyway oversized (but only one per site) machine.
To catch the case where VPN is down and the server is booting (power outage,
firewall burned?), we basically did this:
1. At the earliest possibility:
   - cp -v /etc/nsswitch.conf.local /etc/nsswitch.conf
   - cp -v /etc/pam.d/system-auth.local /etc/pam.d/system-auth
2. Booting into runlevel 3, starting all 'server services':
   - network, etc, vmware(!)
3. At the latest possibility (rc3.d/S99..) a script was kicked off that:
   - was trying every few seconds to auth. against _any_ available DC
   - if it succeeded:
     - cp -v /etc/nsswitch.conf.ldap /etc/nsswitch.conf
     - cp -v /etc/pam.d/system-auth.ldap /etc/pam.d/system-auth
     - start into runlevel 4
4. When at least one DC is available: runlevel 4: 'networked services':
   - start samba
   - start NFS
   - other things, in some cases even X11
Equals: on boot, start the virtual domain controller, then either wait for this
one to become available, or if any other is reachable, also good :)
(Despite being an abuse of infrastructure, this actually works quite well: the
servers used on-site for serving SMB are available in either 2 min or
15 minutes, regardless of whether the firewall could establish the VPNs.)
Any hint how I can implement this scenario with systemd?
Cheers
Josh
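
The step 3 script from the message above, sketched as an added example (it is not the poster's own script and not part of the original message). AUTH_ROOT, DC_LIST, PROBE_CMD and ON_SUCCESS are hypothetical names, and the way a DC is actually probed is left as a site-specific command because the message does not say how it was done.

```shell
#!/bin/sh
# Added example (constructed): the late-boot script from step 3.
# AUTH_ROOT, DC_LIST, PROBE_CMD and ON_SUCCESS are hypothetical names.
AUTH_ROOT="${AUTH_ROOT:-/etc}"        # directory holding nsswitch.conf and pam.d/
DC_LIST="${DC_LIST:-}"                # space-separated DC host names (site-specific)
RETRY_SECS="${RETRY_SECS:-5}"         # pause between probe rounds
MAX_TRIES="${MAX_TRIES:-0}"           # 0 = keep retrying forever
ON_SUCCESS="${ON_SUCCESS:-telinit 4}" # what to run once a DC answers

# Install the "local" or "ldap" profile. Both sources are checked first, and each
# file is copied to a temp name and renamed, so a login never reads a half-written file.
switch_profile() {
    for f in nsswitch.conf pam.d/system-auth; do
        [ -r "$AUTH_ROOT/$f.$1" ] || { echo "missing $AUTH_ROOT/$f.$1" >&2; return 1; }
    done
    for f in nsswitch.conf pam.d/system-auth; do
        cp -p "$AUTH_ROOT/$f.$1" "$AUTH_ROOT/$f.tmp.$$" &&
            mv -f "$AUTH_ROOT/$f.tmp.$$" "$AUTH_ROOT/$f" || return 1
    done
}

# Assumption: PROBE_CMD is a site-specific command that takes a DC host name and
# exits 0 only if a test authentication against that DC worked.
probe_dc() { [ -n "${PROBE_CMD:-}" ] && "$PROBE_CMD" "$1"; }

# Print the first DC that answers; give up after MAX_TRIES rounds (if non-zero).
wait_for_dc() {
    tries=0
    while :; do
        for dc in $DC_LIST; do
            if probe_dc "$dc"; then echo "$dc"; return 0; fi
        done
        tries=$((tries + 1))
        if [ "$MAX_TRIES" -gt 0 ] && [ "$tries" -ge "$MAX_TRIES" ]; then return 1; fi
        sleep "$RETRY_SECS"
    done
}

# Step 3 as a whole: the local profile stays in place unless a DC really answered.
late_boot() {
    dc=$(wait_for_dc) || { echo "no DC reachable, keeping local profile" >&2; return 1; }
    echo "DC $dc answered, switching to the ldap profile" >&2
    switch_profile ldap && $ON_SUCCESS
}

if [ "${1:-}" = "run" ]; then late_boot; fi
```

With MAX_TRIES left at 0 the script waits indefinitely, which matches the behaviour described in the message; a non-zero value makes it give up and leave the local profile active.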