Bug 2040195

Summary: Ignition fails to enable systemd units with backslash-escaped characters in their names
Product: OpenShift Container Platform Reporter: Mat Kowalski <mko>
Component: RHCOSAssignee: Benjamin Gilbert <bgilbert>
Status: CLOSED ERRATA QA Contact: HuijingHei <hhei>
Severity: medium Docs Contact:
Priority: low    
Version: 4.10CC: achernet, agurenko, bgilbert, dornelas, dustymabe, jligon, miabbott, mrussell, nstielau, qzhang, travier, yshnaidm
Target Milestone: ---   
Target Release: 4.11.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 2061952 (view as bug list) Environment:
Last Closed: 2022-08-10 10:42:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1952686    
Bug Blocks: 2061952    

Description Mat Kowalski 2022-01-13 08:54:16 UTC 
As the Assisted Installer Team, when testing RHCOS 410.84.202201102308-0 we are observing the following behaviour of a systemd mount unit

* `"enabled":true` in the ignition
* `disabled` and `inactive` in the booted OS

The unit definition itself seems to be correct, as manually starting it via `systemctl start` does not throw any errors and makes the mount to appear correctly.

The part of ignition defining the unit

```
{"units":[{"contents":"\n[Unit]\nAfter=systemd-tmpfiles-setup.service\n[Mount]\nWhere=/etc/NetworkManager/system-connections-merged\nWhat=overlay\nType=overlay\nOptions=lowerdir=/etc/NetworkManager/system-connections,upperdir=/run/nm-system-connections,workdir=/run/nm-system-connections-work\n[Install]\nWantedBy=multi-user.target\n","enabled":true,"name":"etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount"}]}
```

and respective systemd unit inside the OS

```
[root@extraworker-0 NetworkManager]# systemctl status etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount 
● etc-NetworkManager-system\x2dconnections\x2dmerged.mount - /etc/NetworkManager/system-connections-merged
   Loaded: loaded (/etc/systemd/system/etc-NetworkManager-system\x2dconnections\x2dmerged.mount; disabled; vendor preset: disabled)
   Active: inactive (dead)
    Where: /etc/NetworkManager/system-connections-merged
     What: overlay
```

From the journal it can be seen that the unit was parsed and allegedly enabled

```
[root@extraworker-0 NetworkManager]# journalctl  | grep merged | grep -i network
Jan 12 13:45:55 localhost ignition[1049]: INFO     : files: op(7e): [started]  processing unit "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount"
Jan 12 13:45:55 localhost ignition[1049]: INFO     : files: op(7e): op(7f): [started]  writing unit "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount" at "/sysroot/etc/systemd/system/etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount"
Jan 12 13:45:55 localhost ignition[1049]: INFO     : files: op(7e): op(7f): [finished] writing unit "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount" at "/sysroot/etc/systemd/system/etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount"
Jan 12 13:45:55 localhost ignition[1049]: INFO     : files: op(7e): [finished] processing unit "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount"
Jan 12 13:45:55 localhost ignition[1049]: INFO     : files: op(a3): [started]  setting preset to enabled for "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount"
Jan 12 13:45:55 localhost ignition[1049]: INFO     : files: op(a3): [finished] setting preset to enabled for "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount"
Jan 12 13:45:56 extraworker-0 ignition[1049]: INFO     : files: op(7e): [started]  processing unit "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount"
Jan 12 13:45:56 extraworker-0 ignition[1049]: INFO     : files: op(7e): op(7f): [started]  writing unit "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount" at "/sysroot/etc/systemd/system/etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount"
Jan 12 13:45:56 extraworker-0 ignition[1049]: INFO     : files: op(7e): op(7f): [finished] writing unit "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount" at "/sysroot/etc/systemd/system/etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount"
Jan 12 13:45:56 extraworker-0 ignition[1049]: INFO     : files: op(7e): [finished] processing unit "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount"
Jan 12 13:45:56 extraworker-0 ignition[1049]: INFO     : files: op(a3): [started]  setting preset to enabled for "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount"
Jan 12 13:45:56 extraworker-0 ignition[1049]: INFO     : files: op(a3): [finished] setting preset to enabled for "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount"
```
Comment 2 Benjamin Gilbert 2022-01-13 20:22:42 UTC 
Complete repro:

{
  "ignition": {
    "version": "3.3.0"
  },
  "storage": {
    "directories": [
      {
        "path": "/etc/NetworkManager/system-connections-merged"
      }
    ]
  },
  "systemd": {
    "units": [
      {
        "contents": "[Mount]\nWhere=/etc/NetworkManager/system-connections-merged\nWhat=tmpfs\nType=tmpfs\n[Install]\nWantedBy=multi-user.target\n",
        "enabled": true,
        "name": "etc-NetworkManager-system\\x2dconnections\\x2dmerged.mount"
      }
    ]
  },
  "passwd": {
    "users": [
      {
        "name": "core",
        "sshAuthorizedKeys": [
          "ssh-rsa ..."
        ]
      }
    ]
  }
}
Comment 3 Benjamin Gilbert 2022-01-13 20:31:15 UTC 
systemd in RHEL 8.4 does not correctly parse singly-escaped unit names in preset files, which are used by Ignition for unit enablement.  This is fixed in RHEL 8.5, and backport to 8.4 was requested in https://bugzilla.redhat.com/show_bug.cgi?id=1952686#c9.

As a workaround, you could rename the mountpoint (and thus the mount unit) to something that doesn't include dashes.
Comment 4 Mat Kowalski 2022-01-14 09:27:43 UTC 
Thanks a lot! Given that we have implemented a solution not depending on this mountpoint, this has no urgency for our team any more. Feel free to close it as a duplicate of https://bugzilla.redhat.com/show_bug.cgi?id=1952686 or any other way you handle it internally
Comment 5 Benjamin Gilbert 2022-01-14 17:00:25 UTC 
Great.  Will leave this open as a tracking bug for now.
Comment 7 Micah Abbott 2022-03-08 19:02:08 UTC 
Need to target this as 4.11, so we can track the 8.4.z fix in RHCOS 4.10.z appropriately

I've updated the Depends On field to point to the 8.5 version of the BZ, to indicate that RHCOS 4.11 should have the fix already included when it moves to RHEL 8.6
Comment 9 Timothée Ravier 2022-07-19 16:04:41 UTC 
RHCOS has moved to RHEL 8.6 in 4.11 and the fix has landed in 8.4 thus in 4.10 too now.
Comment 10 HuijingHei 2022-07-20 08:01:29 UTC 
Verify passed with 411.86.202207150124-0

$ cosa run --qemu-image rhcos-411.86.202207150124-0-qemu.x86_64.qcow2 -B fedora-coreos-config/tests/kola/root-reprovision/swap-before-root/config.bu --memory 4096
2022-07-20T07:47:17Z platform/conf: warnings parsing config: warning at $.storage.disks.0.partitions.1.label, line 13 col 18: incorrect partition number; a new partition will be created using reserved label
Red Hat Enterprise Linux CoreOS 411.86.202207150124-0
  Part of OpenShift 4.11, RHCOS is a Kubernetes native operating system
  managed by the Machine Config Operator (`clusteroperator/machine-config`).

WARNING: Direct SSH access to machines is not recommended; instead,
make configuration changes via `machineconfig` objects:
  https://docs.openshift.com/container-platform/4.11/architecture/architecture-rhcos.html

---
[core@cosa-devsh ~]$ rpm -q systemd
systemd-239-58.el8.x86_64
[core@cosa-devsh ~]$ rpm-ostree status
State: idle
Deployments:
● 402f4bed4f73ad9f5be12efa5398d434bd6ddc568552c9456b1a36c173c8a06a
                   Version: 411.86.202207150124-0 (2022-07-15T01:27:45Z)
[core@cosa-devsh ~]$ systemctl status dev-disk-by\\x2dpartlabel-swap.swap
● dev-disk-by\x2dpartlabel-swap.swap - /dev/disk/by-partlabel/swap
   Loaded: loaded (/etc/systemd/system/dev-disk-by\x2dpartlabel-swap.swap; enabled; vendor preset: enabled)
   Active: active since Wed 2022-07-20 07:49:52 UTC; 2min 35s ago
     What: /dev/disk/by-partlabel/swap
    Tasks: 0 (limit: 24504)
   Memory: 64.0K
   CGroup: /system.slice/dev-disk-by\x2dpartlabel-swap.swap

Jul 20 07:49:52 localhost systemd[1]: Activated swap /dev/disk/by-partlabel/swap.
Comment 14 errata-xmlrpc 2022-08-10 10:42:08 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: OpenShift Container Platform 4.11.0 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:5069