Description of problem: gssproxy.service fails to start when / is read-only. It is obviously a problem when trying to recover from a file system issue. $ touch /var/tmp/foo touch: cannot touch '/var/tmp/foo': Read-only file system $ sudo systemctl start gssproxy Job for gssproxy.service failed because the control process exited with error code. See "systemctl status gssproxy.service" and "journalctl -xe" for details. Some debugging reveals that no socket is in use, but gssproxy fails to unlink /var/lib/gssproxy/default.sock. # strace -f /usr/sbin/gssproxy -D ... [pid 868] unlink("/var/lib/gssproxy/default.sock") = -1 EROFS (Read-only file system) [pid 868] umask(0111) = 0177 [pid 868] socket(AF_UNIX, SOCK_STREAM, 0) = 7 [pid 868] bind(7, {sa_family=AF_UNIX, sun_path="/var/lib/gssproxy/default.sock"}, 110) = -1 EADDRINUSE (Address already in use) ... [pid 868] writev(2, [{iov_base="gssproxy[868]: Failed to create "..., iov_len=72}, {iov_base="\n", iov_len=1}], 2gssproxy[868]: Failed to create Unix Socket! (98:Address already in use) Please just move the socket to /run. That's what /run is for. (A static symlink from /var/lib/gssproxy would be fine to keep backwards compat.) Version-Release number of selected component (if applicable): gssproxy-0.8.3-1.fc33.x86_64 How reproducible: Deterministic Steps to Reproduce: 1. Make /var/log read-only, either by not remounting the filesystems rw, or by using udev.blockdev-read-only with systemd-246+ 2. Try to start sssd
This bug appears to have been reported against 'rawhide' during the Fedora 33 development cycle. Changing version to 33.
Tentative solution here, would this work? https://src.fedoraproject.org/rpms/gssproxy/pull-request/1
I think so. Longer reply in the pull request.