Univention Bugzilla – Bug 46300
docker/autostart value changes are not recognized if they are changed on different layers
Last modified: 2018-06-27 14:37:24 CEST
In a customer environment, the following situation occurred. Starting docker was always possible. Setting and unsetting the ucrv docker/autostart seems to have no consequence. ________________________________________________________________________________ root@master:~# systemctl list-unit-files |grep docker docker.service enabled docker.socket enabled ________________________________________________________________________________ root@master:~# ucr get docker/autostart no ________________________________________________________________________________ ucr set docker/autostart='yes' Setting docker/autostart W: docker/autostart is overridden by scope "ldap" Module: autostart ________________________________________________________________________________ root@master:~# grep docker/autostart /etc/univention/base*conf /etc/univention/base.conf:docker/autostart: yes /etc/univention/base-ldap.conf:docker/autostart: no ________________________________________________________________________________ root@master:~# ucr set --force docker/autostart='yes' Create docker/autostart Module: autostart None → old yes → new root@master:~# systemctl list-unit-files |grep docker docker.service enabled docker.socket enabled root@master:~# ucr unset --force docker/autostart Unsetting docker/autostart Module: autostart yes → old None → new root@master:~# systemctl list-unit-files |grep docker docker.service enabled docker.socket enabled ________________________________________________________________________________ The situation could be fixed with setting and unsetting the ucr value on ldap-layer: root@master:~# ucr set --ldap-policy docker/autostart='yes'· Setting docker/autostart Module: autostart no yes root@master:~# grep docker/autostart /etc/univention/base*conf /etc/univention/base.conf:docker/autostart: yes /etc/univention/base-ldap.conf:docker/autostart: yes root@master:~# systemctl list-unit-files |grep docker docker.service enabled· docker.socket enabled· root@master:~# ucr set --ldap-policy docker/autostart='no'· Setting docker/autostart Module: autostart yes no root@master:~# systemctl list-unit-files |grep docker docker.service masked·· docker.socket enabled· ________________________________________________________________________________
It is a problem in the autostart handling file and not a Docker problem. It was introduced with Bug #43470.
The ucr autostart module is not scope aware. It uses the changed variable which it gets from ucr. That variable does not contain the effective change but only the change on the scope. Changing that in ucr might be problem (backwards compatibility?). I will probably fix that by not using the changed variable in the autostart module and instead always call systemctl without checking if the value actually changed.
[4.3-1 628afa8c38] Bug #46300: Do not ignore ucr layers in ucr autostart module [4.3-1 864b663b7f] Bug #46300: YAML Is a backport needed?
OK: 628afa8c38 OK: 864b663b7f OK: univention-base-files.yaml OK: errata-announce -V --only univention-base-files.yaml OK: find /???/systemd -name docker.service -ls ucr set --ldap-policy docker/autostart=yes ucr set docker/autostart=no find /???/systemd -name docker.service -ls ucr unset --ldap-policy docker/autostart find /???/systemd -name docker.service -ls ucr set --forced docker/autostart=yes find /???/systemd -name docker.service -ls ucr unset --forced docker/autostart find /???/systemd -name docker.service -ls ucr set docker/autostart=yes find /???/systemd -name docker.service -ls
<http://errata.software-univention.de/ucs/4.3/122.html>