Univention Bugzilla – Bug 49549
restore umask - Check_univention_replication fails after some time (/var/lib/univention-directory-listener/notifier_id: Permission denied)
Last modified: 2019-09-18 12:52:50 CEST
Exactly every 30 days there is the following error with the UCS Monitoring Check:
CRITICAL: no change of listener transaction id for last 10 checks (nid=5320 lid=cat: /var/lib/univention-directory-listener/notifier_id: Permission denied)
And after manually systemctl restart univention-directory-listener.service
we get correct permissions and monitoring service RECOVERY.
Seems to have other causes than bug 31573, because the bug also occurs with a quite current version 4.3-4 errata504.
Also described & mentioned @ https://help.univention.com/t/check-univention-replication-fails-after-some-time/9282
Can you please run the following command if the error occurs:
grep Umask /proc/$(pgrep -f /usr/sbin/univention-directory-listener)/status
It will check the `umask` of the currently running UDL process. It should be `0022`.
It it is not some UDL module changed the umask to some other value and did not restore it back. We just experienced the same problem yesterday here internally at Univention with the *Bareos*¹ listener module. You can use the following command to have a look it such an obvious faulty UDL module exists:
grep umask /usr/lib/univention-directory-listener/system/*
By restarting UDL the problem is fixed until the broken UDL modules runs again.
@DEV: Similar to restoring the effective UID after running a UDL module we can also restore the umask().