Bug 2372533 - Use `systemctl kill` in logrotate postrotate script
Summary: Use `systemctl kill` in logrotate postrotate script
Keywords:
Status: NEW
Alias: None
Product: Fedora
Classification: Fedora
Component: sssd
Version: 43
Hardware: Unspecified
OS: Linux
unspecified
low
Target Milestone: ---
Assignee: Alejandro López
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-06-12 18:15 UTC by Marcos Mello
Modified: 2026-05-07 09:27 UTC (History)
8 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2026-05-07 09:13:53 UTC
Type: ---
Embargoed:
aboscatt: mirror+


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker FC-1762 0 None None None 2025-06-30 21:22:09 UTC

Description Marcos Mello 2025-06-12 18:15:59 UTC
`systemctl kill` leverages systemd's knowledge of the daemon's main PID, eliminating the need to rely on PID files or external tools like `killall` or `pkill`. This ensures precise signal sending to the intended process, reducing the risk of errors in process identification. Additionally, using `systemctl kill` logs the signal sending in the service's journal, providing a record of actions taken. Requires selinux-policy-41.43 or higher (see https://bugzilla.redhat.com/show_bug.cgi?id=2369644), available as an update for F41, F42, and Rawhide.

https://bodhi.fedoraproject.org/updates/FEDORA-2025-eb98eb9e24 (F41 -- will go to stable in a few days)
https://bodhi.fedoraproject.org/updates/FEDORA-2025-f9f097f491 (F42 -- stable)
https://bodhi.fedoraproject.org/updates/FEDORA-2025-3db4c0ec1c (Rawhide)

The logrotate configuration snippet:

# cat /etc/logrotate.d/sssd
/var/log/sssd/*.log {
    weekly
    missingok
    notifempty
    sharedscripts
    rotate 2
    compress
    delaycompress
    su sssd sssd
    postrotate
        /bin/kill -HUP `cat /run/sssd/sssd.pid 2>/dev/null` 2> /dev/null || true
        /bin/pkill -HUP sssd_kcm 2> /dev/null || true
    endscript
}

In the postrotate script, kill and pkill can be replaced by:

/usr/bin/systemctl kill --signal=HUP --kill-whom=main sssd.service sssd-kcm.service 2>/dev/null || true

Because:

# systemctl show -P MainPID sssd.service
1225
# cat /run/sssd/sssd.pid
1225

# systemctl show -P MainPID sssd-kcm.service
1447
# pgrep sssd_kcm
1447

Reproducible: Always




Additional Information:
sssd-common-2.11.0-1.fc42.x86_64

Comment 1 Fedora Release Engineering 2026-05-06 13:13:34 UTC
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy to close all bug reports from releases that are no longer
maintained. At that time this bug will be closed as EOL if it remains open with a
'version' of '42'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, change the 'version' 
to a later Fedora Linux version. Note that the version field may be hidden.
Click the "Show advanced fields" button if you do not see it.

Thank you for reporting this issue and we are sorry that we were not 
able to fix it before Fedora Linux 42 is end of life. If you would still like 
to see this bug fixed and are able to reproduce it against a later version 
of Fedora Linux, you are encouraged to change the 'version' to a later version
prior to this bug being closed.

Comment 2 Alejandro López 2026-05-07 09:13:53 UTC
SSSD is expeted to work also on non-systemd systems.

Comment 3 Lukas Slebodnik 2026-05-07 09:26:36 UTC
> SSSD is expeted to work also on non-systemd systems.

That might be true fro upstream sssd.
But this issue is reported to fedora and one cannot install fedora without systemd.

Therefore re-opening.


Note You need to log in before you can comment on or make changes to this bug.