967023 – oddjobd is not started by realmd

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 967023 - oddjobd is not started by realmd

Summary: oddjobd is not started by realmd

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	realmd
Sub Component:
Version:	7.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Stef Walter
QA Contact:	David Spurek
Docs Contact:
URL:
Whiteboard:
Depends On:	964971 967025
Blocks:
TreeView+	depends on / blocked

Reported:	2013-05-24 14:28 UTC by Patrik Kis
Modified:	2015-03-02 05:27 UTC (History)
CC List:	5 users (show)
Fixed In Version:	realmd-0.14.2-1
Doc Type:	Bug Fix
Doc Text:
Clone Of:	964971
Environment:
Last Closed:	2014-06-13 11:17:03 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
FreeDesktop.org	64903	0	None	None	None	Never

Description Patrik Kis 2013-05-24 14:28:05 UTC

+++ This bug was initially created as a clone of Bug #964971 +++

Description of problem:
oddjobd is being enabled during realm join but not started
Note, that oddjobd cannot be started through d-bus as it is probably expected, as stated in bug 963722, so it is necessary to start it as normal service.

Version-Release number of selected component (if applicable):
realmd-0.14.1-1.fc19
oddjob-0.31.4-1.fc19
authconfig-6.2.6-3.fc19

How reproducible:
always

Steps to Reproduce:
# realm -v join -U Bender-admin ad.baseos.qe
 * Resolving: _ldap._tcp.dc._msdcs.ad.baseos.qe
 * Sending MS-CLDAP ping to: 10.34.25.20
 * Successfully discovered: ad.baseos.qe
Password for Bender-admin: 
 * Required files: /usr/sbin/sssd, /usr/bin/net
 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.I269WW -U Bender-admin ads join ad.baseos.qe createupn
Enter Bender-admin's password:
^[[ADNS update failed: NT_STATUS_UNSUCCESSFUL
Using short domain name -- AD
Joined 'PKIS' to dns domain 'ad.baseos.qe'
DNS Update for pkis.ipa.baseos.qe failed: ERROR_DNS_UPDATE_FAILED
 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.I269WW -U Bender-admin ads keytab create
Enter Bender-admin's password:
 * /usr/bin/systemctl enable sssd.service
ln -s '/usr/lib/systemd/system/sssd.service' '/etc/systemd/system/multi-user.target.wants/sssd.service'
 * /usr/bin/systemctl restart sssd.service
 * /usr/bin/sh -c /usr/sbin/authconfig --update --enablesssd --enablesssdauth --enablemkhomedir --nostart && /usr/bin/systemctl enable sssd.service
 * Successfully enrolled machine in realm

# ps -ef |grep oddjo
root      4698  1268  0 10:22 pts/0    00:00:00 grep --color=auto oddjo
# systemctl list-unit-files |grep oddjob
oddjobd.service                             enabled 


The problem is probably here, with --nostart:

 * /usr/bin/sh -c /usr/sbin/authconfig --update --enablesssd --enablesssdauth --enablemkhomedir --nostart && /usr/bin/systemctl enable sssd.service

and only sssd is started afterwards.

--- Additional comment from Stef Walter on 2013-05-24 06:41:30 EDT ---

Patch available upstream.

Comment 4 Stef Walter 2013-09-20 12:34:15 UTC

It's pretty dumb that oddjobd doesn't start automatically when used even when enabled. It's a DBus service :S

Comment 5 Stef Walter 2013-09-20 12:45:25 UTC

Can you try this build?

http://brewweb.devel.redhat.com/brew/taskinfo?taskID=6307918

Comment 6 David Spurek 2013-09-24 14:19:36 UTC

(In reply to Stef Walter from comment #5)
> Can you try this build?
> 
> http://brewweb.devel.redhat.com/brew/taskinfo?taskID=6307918

oddjob service is still not stared after join to AD server

Comment 7 Stef Walter 2013-09-24 14:30:04 UTC

1. Please provide the --verbose output of the join
2. Could you also post the contents of /usr/lib64/realmd/realmd-distro.conf
3. Did you restart realmd before trying the new build?

Comment 8 David Spurek 2013-09-24 14:41:07 UTC

realmd service was restarted.

verbose output of join:

realm -v join --user=Amy-admin ad.baseos.qe
 * Resolving: _ldap._tcp.ad.baseos.qe
 * Performing LDAP DSE lookup on: 2620:52:0:2223::1:1
 ! Can't contact LDAP server
 * Performing LDAP DSE lookup on: 2620:52:0:2223:1dfe:a8ea:f0d8:380c
 * Performing LDAP DSE lookup on: 2001:db8:ee8c:180:1dfe:a8ea:f0d8:380c
 ! Can't contact LDAP server
 * Performing LDAP DSE lookup on: 10.34.37.22
 ! Can't contact LDAP server
 * Successfully discovered: ad.baseos.qe
Password for Amy-admin: 
 * Required files: /usr/sbin/oddjobd, /usr/libexec/oddjob/mkhomedir, /usr/sbin/sssd, /usr/bin/net
 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.VUUA4W -U Amy-admin ads join ad.baseos.qe
Enter Amy-admin's password:
Using short domain name -- AD
Joined 'RHEL7-20-8' to dns domain 'ad.baseos.qe'
 * LANG=C LOGNAME=root /usr/bin/net -s /var/cache/realmd/realmd-smb-conf.VUUA4W -U Amy-admin ads keytab create
Enter Amy-admin's password:
 * /usr/bin/systemctl enable sssd.service
ln -s '/usr/lib/systemd/system/sssd.service' '/etc/systemd/system/multi-user.target.wants/sssd.service'
 * /usr/bin/systemctl restart sssd.service
 * /usr/bin/sh -c /usr/sbin/authconfig --update --enablesssd --enablesssdauth --enablemkhomedir --nostart && /usr/bin/systemctl enable oddjobd.service
 * Successfully enrolled machine in realm


cat /usr/lib64/realmd/realmd-distro.conf
# Distro specific overrides for redhat
[paths]
smb.conf = /etc/samba/smb.conf

[samba-packages]
samba-common = /usr/bin/net

[winbind-packages]
samba-winbind = /usr/sbin/winbindd
samba-winbind-clients = /usr/bin/wbinfo
oddjob = /usr/sbin/oddjobd
oddjob-mkhomedir = /usr/libexec/oddjob/mkhomedir

[sssd-packages]
sssd = /usr/sbin/sssd
oddjob = /usr/sbin/oddjobd
oddjob-mkhomedir = /usr/libexec/oddjob/mkhomedir

[adcli-packages]
adcli = /usr/sbin/adcli

[ipa-packages]
ipa-client = /usr/sbin/ipa-client-install

[commands]
winbind-enable-logins = /usr/bin/sh -c "/usr/sbin/authconfig --update --enablewinbind --enablewinbindauth --enablemkhomedir --nostart && /usr/bin/systemctl enable oddjobd.service && /usr/bin/systemctl start oddjobd.service"
winbind-disable-logins = /usr/sbin/authconfig --update --disablewinbind --disablewinbindauth --nostart
winbind-enable-service = /usr/bin/systemctl enable winbind.service
winbind-disable-service = /usr/bin/systemctl disable winbind.service
winbind-restart-service = /usr/bin/systemctl restart winbind.service
winbind-stop-service = /usr/bin/systemctl stop winbind.service

sssd-enable-logins = /usr/bin/sh -c "/usr/sbin/authconfig --update --enablesssd --enablesssdauth --enablemkhomedir --nostart && /usr/bin/systemctl enable oddjobd.service"
sssd-disable-logins = /usr/sbin/authconfig --update --disablesssdauth --nostart
sssd-enable-service = /usr/bin/systemctl enable sssd.service
sssd-disable-service = /usr/bin/systemctl disable sssd.service
sssd-restart-service = /usr/bin/systemctl restart sssd.service
sssd-stop-service = /usr/bin/systemctl stop sssd.service
sssd-caches-flush = /usr/sbin/sss_cache --users --groups --netgroups --services --autofs-maps

# Fedora and RHEL have libnss_sss in place by default, this is no longer needed
name-caches-flush =

Comment 9 Stef Walter 2013-09-24 15:09:43 UTC

Thanks. That makes sense. Could you try out this build:

http://brewweb.devel.redhat.com/brew/taskinfo?taskID=6322555

Comment 10 David Spurek 2013-09-25 06:42:52 UTC

This build looks fine, oddjob service is started and enabled after IPA and AD join. In which realmd version will be this fix included?

Comment 14 Ludek Smid 2014-06-13 11:17:03 UTC

This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.

Note You need to log in before you can comment on or make changes to this bug.