Bug 1852659
| Summary: | sssd service is starting even though it is disabled state [rhel-7.9.z] | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Divya Mittal <dmittal> |
| Component: | sssd | Assignee: | Alexey Tikhonov <atikhono> |
| Status: | CLOSED ERRATA | QA Contact: | shridhar <sgadekar> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 7.8 | CC: | atikhono, ddas, dlavu, grajaiya, jhrozek, jreznik, lslebodn, mzidek, pbrezina, sbose, sgoveas, spanjikk, thalman, tscherf |
| Target Milestone: | rc | Keywords: | Triaged, ZStream |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Linux | ||
| Whiteboard: | sync-to-jira qetodo | ||
| Fixed In Version: | sssd-1.16.5-10.el7_9.6 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2020-12-15 11:22:17 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Hi, the file '/var/tmp/sssd_is_running' is created during update in %pre and is removed in %posttrans. But if there are some issues during an update, maybe not even caused by an SSSD package, %posttrans might not be executed. A later update will see this file and will try to start SSSD in %posttrans even if it was not running before. To avoid such confusion the file '/var/tmp/sssd_is_running' should be removed in %pre before the check if it should be created or not. bye, Sumit (In reply to Sumit Bose from comment #2) > Hi, > > the file '/var/tmp/sssd_is_running' is created during update in %pre and is > removed in %posttrans. But if there are some issues during an update, maybe > not even caused by an SSSD package, %posttrans might not be executed. A > later update will see this file and will try to start SSSD in %posttrans > even if it was not running before. > > To avoid such confusion the file '/var/tmp/sssd_is_running' should be > removed in %pre before the check if it should be created or not. Something like this? ``` diff --git a/sssd.spec b/sssd.spec index 50e2eb2..e954eea 100644 --- a/sssd.spec +++ b/sssd.spec @@ -1130,6 +1130,7 @@ getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "Us %pre common getent group sssd >/dev/null || groupadd -r sssd getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin -c "User for sssd" sssd +rm -f /var/tmp/sssd_is_running /bin/systemctl is-active --quiet sssd.service && touch /var/tmp/sssd_is_running || : %post common ``` Sumit, do you know why the code that works with `/var/tmp/sssd_is_running` was removed in RHEL8 sssd.spec? In RHEL8 it's just: ``` %posttrans common %systemd_postun_with_restart sssd.service ``` (In reply to Alexey Tikhonov from comment #3) > (In reply to Sumit Bose from comment #2) > > Hi, > > > > the file '/var/tmp/sssd_is_running' is created during update in %pre and is > > removed in %posttrans. But if there are some issues during an update, maybe > > not even caused by an SSSD package, %posttrans might not be executed. A > > later update will see this file and will try to start SSSD in %posttrans > > even if it was not running before. > > > > To avoid such confusion the file '/var/tmp/sssd_is_running' should be > > removed in %pre before the check if it should be created or not. > > Something like this? > ``` > diff --git a/sssd.spec b/sssd.spec > index 50e2eb2..e954eea 100644 > --- a/sssd.spec > +++ b/sssd.spec > @@ -1130,6 +1130,7 @@ getent passwd sssd >/dev/null || useradd -r -g sssd -d > / -s /sbin/nologin -c "Us > %pre common > getent group sssd >/dev/null || groupadd -r sssd > getent passwd sssd >/dev/null || useradd -r -g sssd -d / -s /sbin/nologin > -c "User for sssd" sssd > +rm -f /var/tmp/sssd_is_running > /bin/systemctl is-active --quiet sssd.service && touch > /var/tmp/sssd_is_running || : > > %post common > ``` Yes, exactly. > > Sumit, do you know why the code that works with `/var/tmp/sssd_is_running` > was removed in RHEL8 sssd.spec? > In RHEL8 it's just: > ``` > %posttrans common > %systemd_postun_with_restart sssd.service > ``` iirc it was added to handle an issue with updates from a version where the restart was in %postun. Since there is no such version in RHEL-8 it is not needed anymore. HTH bye, Sumit Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (sssd bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:5459 |
Description of problem: sssd service is restarting after server update even if it is in disabled state. Version-Release number of selected component (if applicable): sssd-ad-1.16.4-37.el7_8.1.x86_64 Wed Jun 24 13:24:08 2020 sssd-client-1.16.4-37.el7_8.1.x86_64 Wed Jun 24 13:24:06 2020 sssd-common-1.16.4-37.el7_8.1.x86_64 Wed Jun 24 13:24:07 2020 sssd-common-pac-1.16.4-37.el7_8.1.x86_64 Wed Jun 24 13:24:07 2020 sssd-krb5-common-1.16.4-37.el7_8.1.x86_64 Wed Jun 24 13:24:07 2020 sssd-ldap-1.16.4-37.el7_8.1.x86_64 Wed Jun 24 13:24:08 2020 How reproducible: Not reproducible Steps to Reproduce: 1. 2. 3. Actual results: sssd is trying to start even when it is in disabled state and going to failed state Expected results: sssd should not start when it is in disabled state and service state should be in inactive . Additional info: Below can be seen in sssd-common package ============== rpm -q --scripts sssd-common .. .. .. systemctl try-restart sssd >/dev/null 2>&1 || : # After changing order of sssd-common and *libwbclient, # older version of sssd will restart sssd.service in postun scriptlet # It failed due to missing alternative to libwbclient. Start it again. /bin/systemctl is-active --quiet sssd.service || { if [ -f /var/tmp/sssd_is_running ]; then systemctl start sssd.service >/dev/null 2>&1; rm -f /var/tmp/sssd_is_running; ==============