Bug 1804015
| Summary: | Running ipa-backup continuously causes httpd to crash and makes it irrecoverable | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | rmitra |
| Component: | nss | Assignee: | nss-nspr-maint <nss-nspr-maint> |
| Status: | CLOSED ERRATA | QA Contact: | Hubert Kario <hkario> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.7 | CC: | dueno, fcami, hkario, mharmsen, pasik, rcritten, rrelyea, ssorce, toneata, tscherf |
| Target Milestone: | rc | Keywords: | Triaged |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | nss-3.53.1-3.el7_9 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-09-29 21:18:46 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1804262 | ||
| Bug Blocks: | |||
What do you mean reboot doesn't restore the services and has to be done manually? Exact package versions are necessary for ipa-server, httpd, mod_nss and nss. The key error message is:
[Fri Feb 07 11:24:26.408975 2020] [core:emerg] [pid 30649] (28)No space left on device: AH00023: Couldn't create the proxy mutex
[Fri Feb 07 11:24:26.408999 2020] [proxy:crit] [pid 30649] (28)No space left on device: AH02478: failed to create proxy mutex
This may mean that Apache is out of semaphores.
# ipcs -s
If there are a ton of semaphores you can clean this up with without requiring a reboot.
# for x in `ipcs -s | awk '{print $2}'`; do ipcrm -s $x; done
As for ipa-backup being enhanced to predict how much space a backup is going to take, this is covered by: "RFE: predict how much space a backup is going to take" https://bugzilla.redhat.com/show_bug.cgi?id=1796589 Rituparna, would you agree to close the current bug (#1804015) after reviewing the RFE above and Rob's comments in #7 please? Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: nss and nspr security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:4076 |
Description of problem ====================== 1. When ipa-backup is run continuously for few hours, httpd crashes with 7/BUS error and afterwards, IPA services are not restored. 2. While reproducing this issue by running ipa-backup in a loop, ipa-backup eventually fails after file-system becomes full, which is normal. However, the following behaviour is seen: a) After clearing up the file-system space, IPA services cannot be restarted because httpd continues to fail. b) Manual start using "systemctl status httpd" also fails. c) Reboot doesn't restore IPA service, however after reboot, manual restart of httpd works. Version-Release number of selected component (if applicable) ============================================================ RHEL 7.6+ How reproducible ================ Run "ipa-backup" in a loop, with or without sufficient sleeps in between and wait for file system to become full. # ipa-backup ; sleep 1; time { RET=0; while [ $RET -eq 0 ]; do ipa-backup ; sleep 1; systemctl status httpd ; RET=$?; echo "**** status=$RET ****"; done; } Steps to Reproduce ================== 1. Run ipa-backup in a loop until file system becomes full. The sleeps in between don't really matter. # ipa-backup ; sleep 1; time { RET=0; while [ $RET -eq 0 ]; do ipa-backup ; sleep 1; systemctl status httpd ; RET=$?; echo "**** status=$RET ****"; done; } 2. Once httpd starts failing, it goes into an irrecoverable state i.e. cannot be restored manually even after clearing up disk space. 3. Reboot fails to restore IPA services automatically. Actual results ============== Continuously running ipa-backup breaks httpd service. Expected results ================ ipa-backup should be robust enough to check for available space before disrupting service and shouldn't be able to cause IPA services (especially httpd) to enter an irrecoverable state.