Bug 45905 - slapd and listener are not started during UCS 4.3 master setup
slapd and listener are not started during UCS 4.3 master setup
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: LDAP
UCS 4.3
Other Linux
: P5 normal (vote)
: UCS 4.3
Assigned To: Stefan Gohmann
Felix Botner
: interim-1
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-12-19 22:03 CET by Stefan Gohmann
Modified: 2018-03-14 14:38 CET (History)
2 users (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Gohmann univentionstaff 2017-12-19 22:03:49 CET
slapd is not started during UCS 4.3 DC master setup:

root@unassigned-hostname:~# tail -n 4 /usr/lib/univention-install/01univention-ldap-server-init.inst
invoke-rc.d slapd start

joinscript_save_current_version
exit 0
root@unassigned-hostname:~# invoke-rc.d slapd start
Running in chroot, ignoring request.
root@unassigned-hostname:~#
Comment 1 Stefan Gohmann univentionstaff 2017-12-19 22:10:20 CET
Fixed:

https://git.knut.univention.de/univention/ucs/commit/ae636e1b061653677dca5b3128982295040c6a8e
 * Use service instead of invoke-rc.d since systemd policy layer 

Changelog missing.
Comment 2 Stefan Gohmann univentionstaff 2017-12-19 22:19:55 CET
The same happens to the listener:


univention-directory-notifier:

* Use service instead of invoke-rc.d since systemd policy layer
  prevents starting services in a chroot environment (Bug #45905)

https://git.knut.univention.de/univention/ucs/commit/0a083a5fea01efcebd3f125021ea29d82c687855
Comment 3 Stefan Gohmann univentionstaff 2017-12-19 22:31:17 CET
And bind:

univention-bind:

* Use service instead of invoke-rc.d since systemd policy layer
  prevents starting services in a chroot environment (Bug #45905)

https://git.knut.univention.de/univention/ucs/commit/ea8dc103fad66b36e879d5f2f645b315ca5a2499
Comment 4 Florian Best univentionstaff 2017-12-20 00:31:51 CET
It seems a lot of services are affected by this. Can't we change the systemd policy layer instead so that it allows starting services in chroot during the initial system installation?
Comment 6 Stefan Gohmann univentionstaff 2017-12-20 19:51:03 CET
Changelog added: https://git.knut.univention.de/univention/ucs/commit/4d93bb943d5338dde16ba05d1d15b13a3666eac6

The packages <package>univention-ldap</package>, <package>univention-directory-notifier</package>, <package>univention-bind</package>, <package>univention-heimdal</package> and <package>univention-appcenter</package> now use the command <command>service</command> instead of <command>invoke-rc.d</command> to restart services. This is necessary for the services to be restarted during the UCS installation (<u:bug>45905</u:bug>).

(In reply to Florian Best from comment #4)
> It seems a lot of services are affected by this. Can't we change the systemd
> policy layer instead so that it allows starting services in chroot during
> the initial system installation?

That would also start a lot of other services. I don't think it would be a good idea.
Comment 7 Felix Botner univentionstaff 2018-02-08 19:11:31 CET
OK - setup
OK - changelog
Comment 8 Stefan Gohmann univentionstaff 2018-03-14 14:38:17 CET
UCS 4.3 has been released:
 https://docs.software-univention.de/release-notes-4.3-0-en.html
 https://docs.software-univention.de/release-notes-4.3-0-de.html

If this error occurs again, please use "Clone This Bug".