First Last Prev Next    This bug is not in your last search results.
Bug 42406 - Assorted 4.2 errors preventing new install/reboot
Assorted 4.2 errors preventing new install/reboot
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: General
UCS 4.2
Other Linux
: P5 normal (vote)
: UCS 4.2
Assigned To: Philipp Hahn
Janek Walkenhorst
: interim-1
Depends on:
Blocks: 43330 43690
  Show dependency treegraph
 
Reported: 2016-09-15 13:26 CEST by Philipp Hahn
Modified: 2017-04-04 18:29 CEST (History)
1 user (show)

See Also:
What kind of report is it?: Release Management
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Philipp Hahn univentionstaff 2016-09-15 13:26:14 CEST 
> ● bind9.service                                masked failed failed    bind9.service
is not masked/disabled by default and as thus clashes with univention-bind


> Sep 15 12:56:43 dc0 ntpdate[580]: no servers can be used, exiting


> Sep 15 12:56:44 dc0 univention-saml-stunnel[848]: LOG3[main]: Cannot create pid file /var/run/univention-saml/stunne
> Sep 15 12:56:44 dc0 univention-saml-stunnel[848]: LOG3[main]: create: No such file or directory (2)


> Sep 15 12:56:44 dc0 named[704]: LDAP sdb zone '17.200.10.in-addr.arpa': ldapdb_bind(): ldap_sasl_bind_s(ldp, 'cn=dc0,cn=dc,cn=computers,dc=xxx,dc=intranet', '<secret>') failed: Can't contact LDAP server


> Sep 15 12:56:44 dc0 nrpe[892]: Invalid IPv6 address in ACL: dc0.xxx.intranet


> Sep 15 12:56:44 dc0 nscd[903]: nss-ldap: do_open: do_start_tls failed:stat=-1
> Sep 15 12:56:44 dc0 nscd[903]: nss_ldap: reconnecting to LDAP server...
> Sep 15 12:56:44 dc0 nscd[903]: nss-ldap: do_open: do_start_tls failed:stat=-1
> Sep 15 12:56:44 dc0 nscd[903]: nss_ldap: reconnecting to LDAP server (sleeping 1 seconds)...
> Sep 15 12:56:45 dc0 nscd[903]: nss-ldap: do_open: do_start_tls failed:stat=-1
> Sep 15 12:56:45 dc0 nscd[903]: nss_ldap: could not search LDAP server - Server is unavailable
> Sep 15 12:56:45 dc0 logger[925]: /etc/init.d/slapd start (pid: 723, ppid:    1 systemd)


> Sep 15 12:56:59 dc0 login[876]: pam_access(login:account): unrecognized option [maxent=0x400001]


Did not get a getty on tty0 - only on ttyS0
 <http://0pointer.de/blog/projects/serial-console.html>


Multiple runsvdir run:
  705 ?        Ss     0:00 runsvdir -P /etc/service log: ...........................................................
  716 ?        Ss     0:00  \_ runsv univention-bind-samba4
  717 ?        Ss     0:00  \_ runsv univention-bind
  718 ?        Ss     0:00  \_ runsv univention-directory-notifier
 1301 ?        S      0:00  |   \_ /usr/sbin/univention-directory-notifier -o -d 1 -F
  719 ?        Ss     0:00  \_ runsv univention-bind-proxy
  720 ?        Ss     0:00  \_ runsv univention-directory-listener
 1332 ?        S      0:00      \_ /usr/sbin/univention-directory-listener -F -b dc=xxx,dc=intranet -m /usr/lib/univ
  823 ?        S      0:00 runsvdir -P /etc/service log: l: unable to lock supervise/lock: temporary failure runsv u
 1604 ?        Zs     0:00  \_ [runsv] <defunct>


Multiple memchaced/stunnel run:
  776 ?        Ssl    0:00 /usr/bin/memcached -m 64 -p 11211 -u memcache -l 127.0.0.1
  946 ?        Sl     0:00 /usr/bin/memcached -m 64 -s /var/run/univention-saml/memcached.socket -u samlcgi
  985 ?        Ss     0:00 /usr/bin/stunnel4 /etc/stunnel/univention_saml.conf


For debugging:
 ucr set grub/generate-menu-lst=no grub/quiet=no grub/loglevel=7 grub/bootsplash=nosplash grub/rootdelay=0 grub/append='console=ttyS0,115200 console=tty0'
Comment 1 Philipp Hahn univentionstaff 2016-09-20 14:29:15 CEST 
(In reply to Philipp Hahn from comment #0)
> > ● bind9.service                                masked failed failed    bind9.service
> is not masked/disabled by default and as thus clashes with univention-bind

Currently univention-bind and univention-bind-proxy are symbolic links to bind9, which is not used because bind9.service is preferred.
 rm /etc/init.d/univention-bind-prox9
 rm /etc/init.d/univention-bind
 mv  /etc/init.d/bind9 /etc/init.d/univention-bind
 sed -i /Provides:/s/bind9/univention-bind9/ /etc/init.d/univention-bind
 systemctl mask bind9


> Did not get a getty on tty0 - only on ttyS0
>  <http://0pointer.de/blog/projects/serial-console.html>

Our QEMU uses "vga=cirrus" by default, which gets the Linux kernel module "cirrus" loaded; it has a bug as it clashes with some EFI voodoo:

| kernel: fb: switching to cirrusdrmfb from simple
| kernel: Console: switching to colour dummy device 80x25
| kernel: [drm:cirrus_device_init [cirrus]] *ERROR* can't reserve VRAM
| kernel: cirrus 0000:00:02.0: Fatal error during GPU init: -6

 ucr set kernel/blacklist='nouveau;cirrus' ; update-initramfs -u -k all
or
 ucr set grub/append='cirrus.modeset=0'

<https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1038055>
<https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1177772>


> Multiple runsvdir run:

 systemctl mask runit.service



/lib/systemd/system-generators/systemd-sysv-generator does process all those renamed /etc/init.d/*.debian files:
 /run/systemd/generator.late/ntp.debian.service
 /run/systemd/generator.late/networking.debian.service
 /run/systemd/generator.late/docker.debian.service
 /run/systemd/generator.late/nagios-nrpe-server.debian.service
 /run/systemd/generator.late/bind9.debian.service
 /run/systemd/generator.late/heimdal-kdc.debian.service
 /run/systemd/generator.late/openbsd-inetd.debian.service
 /run/systemd/generator.late/rpcbind.debian.service
 /run/systemd/generator.late/quotarpc.debian.service
 /run/systemd/generator.late/nscd.debian.service
 /run/systemd/generator.late/slapd.debian.service
 /run/systemd/generator.late/postfix.debian.service
 /run/systemd/generator.late/cron.debian.service
Maybe we need to filter them out.
Comment 2 Philipp Hahn univentionstaff 2017-01-12 08:32:12 CET 
(In reply to Philipp Hahn from comment #1)
> /lib/systemd/system-generators/systemd-sysv-generator does process all those
> renamed /etc/init.d/*.debian files:
>  /run/systemd/generator.late/ntp.debian.service
>  /run/systemd/generator.late/networking.debian.service
>  /run/systemd/generator.late/docker.debian.service
>  /run/systemd/generator.late/nagios-nrpe-server.debian.service
>  /run/systemd/generator.late/bind9.debian.service
>  /run/systemd/generator.late/heimdal-kdc.debian.service
>  /run/systemd/generator.late/openbsd-inetd.debian.service
>  /run/systemd/generator.late/rpcbind.debian.service
>  /run/systemd/generator.late/quotarpc.debian.service
>  /run/systemd/generator.late/nscd.debian.service
>  /run/systemd/generator.late/slapd.debian.service
>  /run/systemd/generator.late/postfix.debian.service
>  /run/systemd/generator.late/cron.debian.service
> Maybe we need to filter them out.

r17051 | Bug #42380 systemd: Ignore UCR diverted files

Package: systemd
Version: 215-17+deb8u5A~4.2.0.201701111509
Version: 215-17+deb8u5A~4.2.0.201701111554
Branch: ucs_4.2-0

patch on omar/dimma/ladda is too old (still from UCS-3.2) and cannot be used to apply git-patches, which is required for building systemd (and other packages from UCS-4.2 / Debian-Jessie)

repo_admin.py -U -d jessie -r 3.2 -s internal -p patch

Package: patch
Version: 2.7.5-1.16.201701111548
Branch: ucs_3.2-0-internal
Scope: internal
Comment 3 Philipp Hahn univentionstaff 2017-01-12 08:53:47 CET 
Bug #42204(In reply to Philipp Hahn from comment #1)
> (In reply to Philipp Hahn from comment #0)
> > Did not get a getty on tty0 - only on ttyS0
> >  <http://0pointer.de/blog/projects/serial-console.html>
> 
> Our QEMU uses "vga=cirrus" by default, which gets the Linux kernel module
> "cirrus" loaded; it has a bug as it clashes with some EFI voodoo:
> 
> | kernel: fb: switching to cirrusdrmfb from simple
> | kernel: Console: switching to colour dummy device 80x25
> | kernel: [drm:cirrus_device_init [cirrus]] *ERROR* can't reserve VRAM
> | kernel: cirrus 0000:00:02.0: Fatal error during GPU init: -6
> 
>  ucr set kernel/blacklist='nouveau;cirrus' ; update-initramfs -u -k all
> or
>  ucr set grub/append='cirrus.modeset=0'
> 
> <https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1038055>
> <https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1177772>

Fixed by Bug #42204
Comment 4 Philipp Hahn univentionstaff 2017-01-16 12:03:50 CET 
(In reply to Philipp Hahn from comment #0)
> > ● bind9.service                                masked failed failed    bind9.service
> is not masked/disabled by default and as thus clashes with univention-bind

r75710 | Bug #42406 dns: Disable bind9.service
r75744 | Bug #42406 bind: Disable bind9.service temporarily 2
r75743 | Bug #42406 bind: Disable bind9.service temporarily

Package: univention-bind
Version: 11.0.0-8A~4.2.0.201701121352
Version: 11.0.0-9A~4.2.0.201701131155
Branch: ucs_4.2-0


> > Sep 15 12:56:59 dc0 login[876]: pam_access(login:account): unrecognized option [maxent=0x400001]

Fixed by r17037 | Bug #43287: UCS-4.2 PAM


> Multiple runsvdir run:
>   705 ?        Ss     0:00 runsvdir -P /etc/service log: ...........................................................
>   716 ?        Ss     0:00  \_ runsv univention-bind-samba4
>   717 ?        Ss     0:00  \_ runsv univention-bind
>   718 ?        Ss     0:00  \_ runsv univention-directory-notifier
>  1301 ?        S      0:00  |   \_ /usr/sbin/univention-directory-notifier -o -d 1 -F
>   719 ?        Ss     0:00  \_ runsv univention-bind-proxy
>   720 ?        Ss     0:00  \_ runsv univention-directory-listener
>  1332 ?        S      0:00      \_ /usr/sbin/univention-directory-listener -F -b dc=xxx,dc=intranet -m /usr/lib/univ
>   823 ?        S      0:00 runsvdir -P /etc/service log: l: unable to lock supervise/lock: temporary failure runsv u
>  1604 ?        Zs     0:00  \_ [runsv] <defunct>

r75709 | Bug #42406 runit: Remove univention-runit
r75714 | Revert "Bug #42406 runit: Remove univention-runit"

Package: univention-runit
Version: 8.0.0-4A~4.2.0.201701121352
Version: 8.0.0-5A~4.2.0.201701121516
Branch: ucs_4.2-0
Comment 5 Janek Walkenhorst univentionstaff 2017-02-22 18:00:48 CET 
(In reply to Philipp Hahn from comment #2)
> r17051 | Bug #42380 systemd: Ignore UCR diverted files
Code: OK
Test: OK

(In reply to Philipp Hahn from comment #4)
> r75710 | Bug #42406 dns: Disable bind9.service
> r75744 | Bug #42406 bind: Disable bind9.service temporarily 2
> r75743 | Bug #42406 bind: Disable bind9.service temporarily
Code: OK
Test: OK

> Fixed by r17037 | Bug #43287: UCS-4.2 PAM
Code: OK
Comment 6 Philipp Hahn univentionstaff 2017-02-23 11:50:17 CET 
r77036 | Bug #42406 runit: Disable runsvdir for real

Package: univention-runit
Version: 8.0.0-6A~4.2.0.201702231149
Branch: ucs_4.2-0
Comment 7 Janek Walkenhorst univentionstaff 2017-02-23 18:05:55 CET 
(In reply to Philipp Hahn from comment #4)
> r75709 | Bug #42406 runit: Remove univention-runit
> r75714 | Revert "Bug #42406 runit: Remove univention-runit"
(In reply to Philipp Hahn from comment #6)
> r77036 | Bug #42406 runit: Disable runsvdir for real

Code: OK
Tests: OK
Comment 8 Stefan Gohmann univentionstaff 2017-04-04 18:29:53 CEST 
UCS 4.2 has been released:
 https://docs.software-univention.de/release-notes-4.2-0-en.html
 https://docs.software-univention.de/release-notes-4.2-0-de.html

If this error occurs again, please use "Clone This Bug".
First Last Prev Next    This bug is not in your last search results.