Bug 40371 - server_password_change stuck at restarting nscd
server_password_change stuck at restarting nscd
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: General
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.2-2-errata
Assigned To: Lukas Oyen
Arvid Requate
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-01-05 22:10 CET by Michael Grandjean
Modified: 2017-09-13 16:35 CEST (History)
2 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:
oyen: Patch_Available+


Attachments
Move cache invalidation after daemon restart (1.30 KB, patch)
2016-12-13 16:32 CET, Lukas Oyen
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Grandjean univentionstaff 2016-01-05 22:10:39 CET
root@gydwag-opsi:~# ucr search --brief ^version
version/erratalevel: 342
version/patchlevel: 2
version/releasename: Walle
version/version: 4.0

server/role: memberserver

Installed 3rd party applications: opsi4ucs

> root@gydwag-opsi:~# ps auxf | grep '[n]scd'
> root      9707  0.0  0.0   4188   468 ?        S     2015   0:00                  \_ /bin/sh /usr/lib/univention-server/server_password_change.d/univention-nscd postchange
> root      9708  0.0  0.0   4188  1308 ?        S     2015   0:00                      \_ /bin/sh /etc/init.d/nscd restart
> root      9711  0.0  0.0  10588   768 ?        S     2015   0:00                          \_ /usr/sbin/nscd --invalidate passwd
> root      9895 27.8  4.4 540396 179432 ?       Rsl   2015 15211:18 /usr/sbin/nscd


Last lines of server_password_change.log on that day:

> [...]
> run-parts: executing /usr/lib/univention-server/server_password_change.d/univention-libnss-ldap postchange
> W: failed to convert the username messagebus to the uid
> File: /etc/libnss-ldap.conf
> run-parts: executing /usr/lib/univention-server/server_password_change.d/univention-nscd postchange
> Restarting Name Service Cache Daemon: nscd

Next day:
> Starting server password change (Tue Dec 22 01:02:04 CET 2015)
> No server password change scheduled for today, terminating without a change
Comment 1 Michael Grandjean univentionstaff 2016-01-05 22:13:26 CET
Workaround: Kill the oldest running nscd process (PID 9895 in the example above). "univention-nscd postchange" will then finish successfully.
Comment 2 Arvid Requate univentionstaff 2016-01-06 21:24:15 CET
IMHO we definitely should make /etc/init.d/nscd restart more robust against this.

It does  nscd --invalidate $table   and then stop_nscd. It must not hang in the first steps of this, ever. We should assure that it gets restarted reliably.
Comment 3 Michael Grandjean univentionstaff 2016-02-04 20:51:32 CET
2016012621000729 - same customer, other server
Comment 4 Lukas Oyen univentionstaff 2016-12-13 16:32:45 CET
Created attachment 8304 [details]
Move cache invalidation after daemon restart
Comment 5 Florian Best univentionstaff 2017-06-28 14:53:01 CEST
There is a Customer ID set so I set the flag "Enterprise Customer affected".
Comment 6 Lukas Oyen univentionstaff 2017-08-01 17:20:02 CEST
Committed in r81656 - r81657 (advisory r81658).
Comment 7 Arvid Requate univentionstaff 2017-08-28 19:52:07 CEST
Ok, works.
Comment 8 Arvid Requate univentionstaff 2017-09-13 16:35:04 CEST
<http://errata.software-univention.de/ucs/4.2/161.html>