Bug 967023 - oddjobd is not started by realmd
oddjobd is not started by realmd
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: realmd (Show other bugs)
7.0
Unspecified Unspecified
medium Severity medium
: rc
: ---
Assigned To: Stef Walter
David Spurek
:
Depends On: 964971 967025
Blocks:
  Show dependency treegraph
 
Reported: 2013-05-24 10:28 EDT by Patrik Kis
Modified: 2015-03-02 00:27 EST (History)
5 users (show)

See Also:
Fixed In Version: realmd-0.14.2-1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 964971
Environment:
Last Closed: 2014-06-13 07:17:03 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
FreeDesktop.org 64903 None None None Never

  None (edit)
Description Patrik Kis 2013-05-24 10:28:05 EDT
+++ This bug was initially created as a clone of Bug #964971 +++

Description of problem:
oddjobd is being enabled during realm join but not started
Note, that oddjobd cannot be started through d-bus as it is probably expected, as stated in bug 963722, so it is necessary to start it as normal service.

Version-Release number of selected component (if applicable):
realmd-0.14.1-1.fc19
oddjob-0.31.4-1.fc19
authconfig-6.2.6-3.fc19

How reproducible:
always

Steps to Reproduce:
# realm -v join -U Bender-admin ad.baseos.qe
 * Resolving: _ldap._tcp.dc._msdcs.ad.baseos.qe
 * Sending MS-CLDAP ping to: 10.34.25.20
 * Successfully discovered: ad.baseos.qe
Password for Bender-admin: 
 * Required files: /usr/sbin/sssd, /usr/bin/net
 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.I269WW -U Bender-admin ads join ad.baseos.qe createupn
Enter Bender-admin's password:
^[[ADNS update failed: NT_STATUS_UNSUCCESSFUL
Using short domain name -- AD
Joined 'PKIS' to dns domain 'ad.baseos.qe'
DNS Update for pkis.ipa.baseos.qe failed: ERROR_DNS_UPDATE_FAILED
 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.I269WW -U Bender-admin ads keytab create
Enter Bender-admin's password:
 * /usr/bin/systemctl enable sssd.service
ln -s '/usr/lib/systemd/system/sssd.service' '/etc/systemd/system/multi-user.target.wants/sssd.service'
 * /usr/bin/systemctl restart sssd.service
 * /usr/bin/sh -c /usr/sbin/authconfig --update --enablesssd --enablesssdauth --enablemkhomedir --nostart && /usr/bin/systemctl enable sssd.service
 * Successfully enrolled machine in realm

# ps -ef |grep oddjo
root      4698  1268  0 10:22 pts/0    00:00:00 grep --color=auto oddjo
# systemctl list-unit-files |grep oddjob
oddjobd.service                             enabled 


The problem is probably here, with --nostart:

 * /usr/bin/sh -c /usr/sbin/authconfig --update --enablesssd --enablesssdauth --enablemkhomedir --nostart && /usr/bin/systemctl enable sssd.service

and only sssd is started afterwards.

--- Additional comment from Stef Walter on 2013-05-24 06:41:30 EDT ---

Patch available upstream.
Comment 4 Stef Walter 2013-09-20 08:34:15 EDT
It's pretty dumb that oddjobd doesn't start automatically when used even when enabled. It's a DBus service :S
Comment 5 Stef Walter 2013-09-20 08:45:25 EDT
Can you try this build?

http://brewweb.devel.redhat.com/brew/taskinfo?taskID=6307918
Comment 6 David Spurek 2013-09-24 10:19:36 EDT
(In reply to Stef Walter from comment #5)
> Can you try this build?
> 
> http://brewweb.devel.redhat.com/brew/taskinfo?taskID=6307918

oddjob service is still not stared after join to AD server
Comment 7 Stef Walter 2013-09-24 10:30:04 EDT
1. Please provide the --verbose output of the join
2. Could you also post the contents of /usr/lib64/realmd/realmd-distro.conf
3. Did you restart realmd before trying the new build?
Comment 8 David Spurek 2013-09-24 10:41:07 EDT
realmd service was restarted.

verbose output of join:

realm -v join --user=Amy-admin ad.baseos.qe
 * Resolving: _ldap._tcp.ad.baseos.qe
 * Performing LDAP DSE lookup on: 2620:52:0:2223::1:1
 ! Can't contact LDAP server
 * Performing LDAP DSE lookup on: 2620:52:0:2223:1dfe:a8ea:f0d8:380c
 * Performing LDAP DSE lookup on: 2001:db8:ee8c:180:1dfe:a8ea:f0d8:380c
 ! Can't contact LDAP server
 * Performing LDAP DSE lookup on: 10.34.37.22
 ! Can't contact LDAP server
 * Successfully discovered: ad.baseos.qe
Password for Amy-admin: 
 * Required files: /usr/sbin/oddjobd, /usr/libexec/oddjob/mkhomedir, /usr/sbin/sssd, /usr/bin/net
 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.VUUA4W -U Amy-admin ads join ad.baseos.qe
Enter Amy-admin's password:
Using short domain name -- AD
Joined 'RHEL7-20-8' to dns domain 'ad.baseos.qe'
 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.VUUA4W -U Amy-admin ads keytab create
Enter Amy-admin's password:
 * /usr/bin/systemctl enable sssd.service
ln -s '/usr/lib/systemd/system/sssd.service' '/etc/systemd/system/multi-user.target.wants/sssd.service'
 * /usr/bin/systemctl restart sssd.service
 * /usr/bin/sh -c /usr/sbin/authconfig --update --enablesssd --enablesssdauth --enablemkhomedir --nostart && /usr/bin/systemctl enable oddjobd.service
 * Successfully enrolled machine in realm


cat /usr/lib64/realmd/realmd-distro.conf
# Distro specific overrides for redhat
[paths]
smb.conf = /etc/samba/smb.conf

[samba-packages]
samba-common = /usr/bin/net

[winbind-packages]
samba-winbind = /usr/sbin/winbindd
samba-winbind-clients = /usr/bin/wbinfo
oddjob = /usr/sbin/oddjobd
oddjob-mkhomedir = /usr/libexec/oddjob/mkhomedir

[sssd-packages]
sssd = /usr/sbin/sssd
oddjob = /usr/sbin/oddjobd
oddjob-mkhomedir = /usr/libexec/oddjob/mkhomedir

[adcli-packages]
adcli = /usr/sbin/adcli

[ipa-packages]
ipa-client = /usr/sbin/ipa-client-install

[commands]
winbind-enable-logins = /usr/bin/sh -c "/usr/sbin/authconfig --update --enablewinbind --enablewinbindauth --enablemkhomedir --nostart && /usr/bin/systemctl enable oddjobd.service && /usr/bin/systemctl start oddjobd.service"
winbind-disable-logins = /usr/sbin/authconfig --update --disablewinbind --disablewinbindauth --nostart
winbind-enable-service = /usr/bin/systemctl enable winbind.service
winbind-disable-service = /usr/bin/systemctl disable winbind.service
winbind-restart-service = /usr/bin/systemctl restart winbind.service
winbind-stop-service = /usr/bin/systemctl stop winbind.service

sssd-enable-logins = /usr/bin/sh -c "/usr/sbin/authconfig --update --enablesssd --enablesssdauth --enablemkhomedir --nostart && /usr/bin/systemctl enable oddjobd.service"
sssd-disable-logins = /usr/sbin/authconfig --update --disablesssdauth --nostart
sssd-enable-service = /usr/bin/systemctl enable sssd.service
sssd-disable-service = /usr/bin/systemctl disable sssd.service
sssd-restart-service = /usr/bin/systemctl restart sssd.service
sssd-stop-service = /usr/bin/systemctl stop sssd.service
sssd-caches-flush = /usr/sbin/sss_cache --users --groups --netgroups --services --autofs-maps

# Fedora and RHEL have libnss_sss in place by default, this is no longer needed
name-caches-flush =
Comment 9 Stef Walter 2013-09-24 11:09:43 EDT
Thanks. That makes sense. Could you try out this build:

http://brewweb.devel.redhat.com/brew/taskinfo?taskID=6322555
Comment 10 David Spurek 2013-09-25 02:42:52 EDT
This build looks fine, oddjob service is started and enabled after IPA and AD join. In which realmd version will be this fix included?
Comment 14 Ludek Smid 2014-06-13 07:17:03 EDT
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.

Note You need to log in before you can comment on or make changes to this bug.