Bug 973697

Summary: No way to restart auditd
Product: [Fedora] Fedora Reporter: Zing <zing>
Component: auditAssignee: Steve Grubb <sgrubb>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 18CC: sgrubb
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-09-14 14:58:07 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Zing 2013-06-12 14:00:34 UTC 
Description of problem:
It's not possible to restart auditd:

# systemctl restart auditd
Failed to issue method call: Operation refused, unit auditd.service may be requested by dependency only.

I tried the restart legacy script:
/usr/libexec/initscripts/legacy-actions/auditd/restart

but that killed the auditd daemon and then it fails to start the auditd daemon afterwards, leaving no auditd daemon running on the system now.

Version-Release number of selected component (if applicable):
audit-2.3.1-2.fc18.x86_64

How reproducible:
All the time

Steps to Reproduce:
1. $ systemctl restart auditd

Actual results:
Failed to issue method call: Operation refused, unit auditd.service may be requested by dependency only.


Expected results:
restart auditd daemon
Comment 1 Zing 2013-06-12 14:03:42 UTC 
It's this line in the systemd auditd.service file:

RefuseManualStop=yes

I commented that out.
Comment 2 Steve Grubb 2013-06-12 21:12:27 UTC 
The audit daemon must be controlled from the service command. It will decide which commands can be sent to systemctl and which ones are supported by legacy actions. So, you should do:

service auditd restart

Unfortunately, it has to be this way.
Comment 3 Zing 2013-06-13 15:22:59 UTC 
Hmmm.  Ok.   But the service legacy restart seems to have a timing issue.  It succeeds if you try again.  If I put a short delay between stopping and restarting the daemon, it seems to be "ok".
Comment 4 Steve Grubb 2013-09-14 14:58:07 UTC 
A "sleep 1" statement was added between stop and start. This was fixed in audit-2.3.2-1.