Bug 43690 - Legacy univention-bind* breaks systemd in UCS-4.2
Legacy univention-bind* breaks systemd in UCS-4.2
Product: UCS
Classification: Unclassified
Component: DNS
UCS 4.2
Other Linux
: P5 normal (vote)
: UCS 4.2
Assigned To: Philipp Hahn
Arvid Requate
: interim-3, systemd
Depends on: 42406
Blocks: 43330 43689
  Show dependency treegraph
Reported: 2017-03-01 15:20 CET by Philipp Hahn
Modified: 2018-09-04 10:50 CEST (History)
1 user (show)

See Also:
What kind of report is it?: Release Management
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Note You need to log in before you can comment on or make changes to this bug.
Description Philipp Hahn univentionstaff 2017-03-01 15:20:19 CET
Currently there is the following very confusing situation, that we have *three* different names for *one* init script "bind9". The systemd-generator follows the symbolic link and creates *three* services:

# find /etc/init.d /lib/systemd/system /etc/systemd/system /run/systemd \( -name univention-bind\* -o -name bind9\* \) -printf '%p\t%l\n'
/etc/init.d/univention-bind-proxy       bind9
/etc/init.d/univention-bind     bind9
/run/systemd/generator.late/runlevel5.target.wants/bind9.service        /run/systemd/generator.late/bind9.service
/run/systemd/generator.late/runlevel4.target.wants/bind9.service        /run/systemd/generator.late/bind9.service
/run/systemd/generator.late/runlevel3.target.wants/bind9.service        /run/systemd/generator.late/bind9.service
/run/systemd/generator.late/runlevel2.target.wants/bind9.service        /run/systemd/generator.late/bind9.service

But only "bind9" gets started on boot, so the other two remain inactive:

# systemctl status bind9.service univention-bind.service univention-bind-proxy.service
● bind9.service - LSB: bind9 Domain Name Server (DNS)
   Loaded: loaded (/etc/init.d/bind9)
  Drop-In: /run/systemd/generator/bind9.service.d
   Active: active (exited) since Mi 2017-03-01 12:43:15 CET; 1h 57min ago
  Process: 1185 ExecStart=/etc/init.d/bind9 start (code=exited, status=0/SUCCESS)

Mär 01 12:43:15 dc0 bind9[1185]: Starting bind9 Domain Name Server (DNS): ldap proxy.
Mär 01 12:43:15 dc0 systemd[1]: Started LSB: bind9 Domain Name Server (DNS).

● univention-bind.service - LSB: bind9 Domain Name Server (DNS)
   Loaded: loaded (/etc/init.d/univention-bind)
   Active: inactive (dead)

● univention-bind-proxy.service - LSB: bind9 Domain Name Server (DNS)
   Loaded: loaded (/etc/init.d/univention-bind-proxy)
   Active: inactive (dead)

At least the following call sites will not work, as the try to access the wrong services:
$ git grep -n '\(invoke-rc.d \|service \|/etc/init.d/\)univention-bind'
services/univention-bind/conffiles/etc/network/if-down.d/bind9:33:[ -e /etc/init.d/univention-bind ] || exit 0
services/univention-bind/conffiles/etc/network/if-down.d/bind9:36:invoke-rc.d univention-bind reload
services/univention-bind/conffiles/etc/network/if-up.d/bind9:33:[ -x /etc/init.d/univention-bind ] || exit 0
services/univention-bind/conffiles/etc/network/if-up.d/bind9:36:invoke-rc.d univention-bind reload

We should remove those symbolic links ASAP and fix those two files! But there are probably more, which must be fixed too:

base/univention-system-setup/usr/lib/univention-system-setup/scripts/10_basis/10hostname:service_stop univention-bind univention-bind-proxy heimdal-kdc
base/univention-system-setup/usr/lib/univention-system-setup/scripts/10_basis/10hostname:service_start univention-bind univention-bind-proxy heimdal-kdc
base/univention-system-setup/usr/lib/univention-system-setup/scripts/10_basis/12domainname:service_stop univention-bind univention-bind-proxy
base/univention-system-setup/usr/lib/univention-system-setup/scripts/10_basis/12domainname:service_start univention-bind univention-bind-proxy
base/univention-system-setup/usr/lib/univention-system-setup/scripts/10_basis/14ldap_basis:service_stop univention-bind univention-bind-proxy
base/univention-system-setup/usr/lib/univention-system-setup/scripts/10_basis/14ldap_basis:service_start univention-bind univention-bind-proxy
base/univention-system-setup/usr/lib/univention-system-setup/scripts/30_net/16forwarder:service_stop univention-bind univention-bind-proxy
base/univention-system-setup/usr/lib/univention-system-setup/scripts/30_net/16forwarder:service_start univention-bind univention-bind-proxy

+++ This bug was initially created as a clone of Bug #42406 +++
Comment 1 Philipp Hahn univentionstaff 2017-03-09 11:29:02 CET
r77495 | Bug #43690 LDAP/DNS: Drop legacy univention-bind packages
r77494 | Bug #43690 DNS: Remove univention-bind[-proxy] init script symbolic links
r77493 | Bug #43690 DNS: Fix restarting BIND
r77492 | Bug #43690 USS: Fix shell quoting
r77491 | Bug #43690 USS: White space
r77490 | Bug #43690 USS: Use service wrapper
r77489 | Bug #43690 USS: Fix restarting BIND

Package: univention-system-setup
Version: 10.0.7-23A~
Branch: ucs_4.2-0

Package: univention-ldap
Version: 13.0.5-3A~
Branch: ucs_4.2-0

Package: univention-bind
Version: 11.0.0-17A~
Branch: ucs_4.2-0

QA: find /etc /lib/systemd/system /run/systemd -name univention-bind\* -printf '%p\t%l\n'
QA: upgrade
QA: new DVD
Comment 2 Arvid Requate univentionstaff 2017-03-20 19:42:17 CET
Ok, changelog entry fixed (r78014).
Comment 3 Stefan Gohmann univentionstaff 2017-04-04 18:28:53 CEST
UCS 4.2 has been released:

If this error occurs again, please use "Clone This Bug".