Univention Bugzilla – Bug 53712
freeradius service broken after update to UCS 5.0
Last modified: 2021-09-01 17:07:12 CEST
reproducer: UCS 4.4-8 -> univention-install univention-radius -> univention-upgrade # to UCS 5.0-0 -> reboot -> service freeradius status ● freeradius.service - FreeRADIUS multi-protocol policy server Loaded: loaded (/lib/systemd/system/freeradius.service; enabled; vendor preset: enabled) Active: activating (auto-restart) (Result: exit-code) since Fri 2021-08-27 15:54:27 CEST; 3s ago Docs: man:radiusd(8) man:radiusd.conf(5) http://wiki.freeradius.org/ http://networkradius.com/doc/ Process: 2023 ExecStartPre=/usr/sbin/freeradius $FREERADIUS_OPTIONS -Cxm -lstdout (code=exited, status=1/FAILURE) Aug 27 15:54:27 master systemd[1]: freeradius.service: Control process exited, code=exited, status=1/FAILURE Aug 27 15:54:27 master systemd[1]: freeradius.service: Failed with result 'exit-code'. Aug 27 15:54:27 master systemd[1]: Failed to start FreeRADIUS multi-protocol policy server. Problem is that during the update /etc/freeradius/3.0/sites-enabled is removed: freeradius-config.preinst ... upgrade) # Delete any symlinks/files which were created in postinst previously. # These are not covered by conffile handling, so they would otherwise not # be cleaned up. for file in /etc/freeradius/certs/ca.pem \ /etc/freeradius/certs/server.key \ /etc/freeradius/certs/server.pem \ /etc/freeradius/sites-enabled/default \ /etc/freeradius/sites-enabled/inner-tunnel do if [ -h "$file" ] then rm -f "$file" fi done ... freeradius.postinst ... find /etc/freeradius -type d -empty -delete ... and without /etc/freeradius/3.0/sites-enabled freeradius won't start. -> freeradius -X ... /etc/freeradius/3.0/radiusd.conf[826]: Failed reading directory /etc/freeradius/3.0/sites-enabled/: No such file or directory Errors reading or parsing /etc/freeradius/3.0/radiusd.conf
(In reply to Felix Botner from comment #0) > Problem is that during the update /etc/freeradius/3.0/sites-enabled is > removed: > > freeradius-config.preinst > ... > upgrade) > # Delete any symlinks/files which were created in postinst previously. > # These are not covered by conffile handling, so they would otherwise not > # be cleaned up. > for file in /etc/freeradius/certs/ca.pem \ > /etc/freeradius/certs/server.key \ > /etc/freeradius/certs/server.pem \ > /etc/freeradius/sites-enabled/default \ > /etc/freeradius/sites-enabled/inner-tunnel > do > if [ -h "$file" ] > then > rm -f "$file" > fi > done It is not the freeradius-config.preinst (no 3.0 in /etc/freeradius/sites-enabled/default). It is just that freeradius-config < UCS 5.0-0 shipped those links in the packages grep sites-enabled /var/lib/dpkg/info/freeradius-config.list /etc/freeradius/3.0/sites-enabled /etc/freeradius/3.0/sites-enabled/default /etc/freeradius/3.0/sites-enabled/inner-tunnel and the new package not grep sites-enabled /var/lib/dpkg/info/freeradius-config.list /etc/freeradius/3.0/sites-enabled so further updates of freeradius-config should not remove /etc/freeradius/3.0/sites-enabled/default ... and we can add those links in univention-radius.
961e0606ec6bd14d1d1e2a14020441946524d96f - univenton-radius * add etc/freeradius/3.0/sites-enabled/default|inner-tunnel links 4ea02d7c2aaa6cbb1219d04dbd29dc4a771bba8c - yaml
OK: fix OK: all tests are green ~OK: YAML
<https://errata.software-univention.de/#/?erratum=5.0x77>