Bug 1292607
| Summary: | Add comment warning inside /etc/sysconfig/nfs stating how to use an alternate keytab rather than the default /etc/krb5.keytab | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Ramandeep Arora <raarora> |
| Component: | nfs-utils | Assignee: | Steve Dickson <steved> |
| Status: | CLOSED ERRATA | QA Contact: | Yongcheng Yang <yoyang> |
| Severity: | medium | Docs Contact: | |
| Priority: | high | ||
| Version: | 7.2 | CC: | dwysocha, eguan, jkachuck, sbhat, steved, swhiteho |
| Target Milestone: | rc | Keywords: | Documentation |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | nfs-utils-1.3.0-0.24.el7 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-11-04 05:02:44 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1203710, 1295577, 1313485, 1364088 | ||
|
Description
Ramandeep Arora
2015-12-17 22:13:27 UTC
Since this is reproducible it seems a good candidate for consideration in RHEL7.3 Steve D - what do you think? (In reply to Dave Wysochanski from comment #3) > Steve D - what do you think? I just sent email to the systemd-devel mailing list to see if this is possible. Here is the thread I started with the systemd folks http://lists.freedesktop.org/archives/systemd-devel/2016-January/035559.h In short, the answer is no, its not possible to add a variable to the ConditionPathExists= clause. any ideas? (In reply to Steve Dickson from comment #6) > Here is the thread I started with the systemd folks > http://lists.freedesktop.org/archives/systemd-devel/2016-January/035559.h > > In short, the answer is no, its not possible to add a > variable to the ConditionPathExists= clause. > > any ideas? Is there some reason you're not using EnvironmentFile in cases where there's an env var inside /etc/sysconfig/nfs? (In reply to Dave Wysochanski from comment #8) > (In reply to Steve Dickson from comment #6) > > Here is the thread I started with the systemd folks > > http://lists.freedesktop.org/archives/systemd-devel/2016-January/035559.h > > > > In short, the answer is no, its not possible to add a > > variable to the ConditionPathExists= clause. > > > > any ideas? > > Is there some reason you're not using EnvironmentFile in cases where there's > an env var inside /etc/sysconfig/nfs? It is being used.... rpc-gssd.service: [Unit] Description=RPC security service for NFS client and server DefaultDependencies=no Conflicts=umount.target Requires=var-lib-nfs-rpc_pipefs.mount After=var-lib-nfs-rpc_pipefs.mount ConditionPathExists=/etc/krb5.keytab ^^^^^ the problem is this has to be a hard coded path and the systemd people do not want to change that. PartOf=nfs-utils.service Wants=nfs-config.service After=nfs-config.service [Service] EnvironmentFile=-/run/sysconfig/nfs-utils Type=forking ExecStart=/usr/sbin/rpc.gssd $GSSDARGS Hello Steve, If this wont be able to be fixed. Would we be able to have a warning message added? Thank You Joe Kachuck (In reply to Joseph Kachuck from comment #10) > Hello Steve, > If this wont be able to be fixed. Would we be able to have a warning message > added? > What would the warning message say? Hello, Might put a comment warning inside /etc/sysconfig/nfs. Stating ConditionPathExists=/etc/krb5.keytab can not be changed? Thank You Joe Kachuck Its not the easiest things to explain :-) but here goes
Warning: The keytab is now statically define in the
rpc-gssd.service systemd script. The
ConditionPathExists= variable in that
script must point the existing keytab
for the rpc-gssd service to start.
Thoughts?
Here is a better read: The rpc-gssd service will not start unless the file /etc/krb5.keytab exists. If an alternate keytab is needed, that separate keytab file location may be defined in the rpc-gssd.service's systemd unit file under the ConditionPathExists parameter According to comment 12 and comment 14, only need to add a warning message. There is no need to generate an automatic case. Will check the Note added or not and verify this bug when available. Update the description according to comment 12. Please correct me if there is any concern. Have checked the warning exists in latest compose. (Only need to add a warning message according to comment 12 and comment 14) Move to VERIFIED now. [root@hp-dl585g7-04 ~]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.3 Beta (Maipo) [root@hp-dl585g7-04 ~]# rpm -q nfs-utils nfs-utils-1.3.0-0.33.el7.x86_64 [root@hp-dl585g7-04 ~]# cat /etc/sysconfig/nfs | grep -B8 RPCGSSDARGS # # Optional arguments passed to rpc.gssd. See rpc.gssd(8) # Note: The rpc-gssd service will not start unless the # file /etc/krb5.keytab exists. If an alternate # keytab is needed, that separate keytab file # location may be defined in the rpc-gssd.service's # systemd unit file under the ConditionPathExists # parameter RPCGSSDARGS="" [root@hp-dl585g7-04 ~]# Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-2383.html |