389-ds-base

Clone
Source Code
GIT

#49860 Ticket 49854 - ns-slapd should create run_dir and lock_dir directories at startup
Closed 3 years ago by spichugi. Opened 5 years ago by mreynolds.
mreynolds/389-ds-base ticket49854  into  master

file modified
+1 
@@ -40,6 +40,7 @@ 
 

  inst_dir = @serverdir@/slapd-{instance_name}
 

  plugin_dir = @serverplugindir@
 

  system_schema_dir = @systemschemadir@
 

+ tmpfiles_d = @with_tmpfiles_d@
 

  

  ; These values can be altered in an installation of ds
 

  user = dirsrv

file modified
+2 -1 
@@ -7,7 +7,7 @@ 
 

  

      # You can get any variable from the list bellow. Like this:
 

      product = standalone.ds_paths.product
 

-      

+ 

      variables = [
 

          'product',
 

          'version',
 
@@ -33,6 +33,7 @@ 
 

          'backup_dir',
 

          'ldif_dir',
 

          'initconfig_dir',
 

+         'tmpfiles_d',
 

      ]
 

  

  Module documentation

file modified
+1 
@@ -35,6 +35,7 @@ 
 

      remove_paths['lock_dir'] = dirsrv.ds_paths.lock_dir
 

      remove_paths['log_dir'] = dirsrv.ds_paths.log_dir
 

      # remove_paths['run_dir'] = dirsrv.ds_paths.run_dir
 

+     remove_paths['tmpfiles_d'] = dirsrv.ds_paths.tmpfiles_d + "/dirsrv-" + dirsrv.serverid + ".conf"
 

  

      marker_path = "%s/sysconfig/dirsrv-%s" % (dirsrv.ds_paths.sysconf_dir, dirsrv.serverid)

file modified
+8 
@@ -636,6 +636,14 @@ 
 

                                      "enable",
 

                                      "dirsrv@%s" % slapd['instance_name']])
 

  

+         # Setup tmpfiles_d
 

+         tmpfile_d = ds_paths.tmpfiles_d + "/dirsrv-" + slapd['instance_name'] + ".conf"
 

+         with open(tmpfile_d, "w") as TMPFILE_D:
 

+             TMPFILE_D.write("d {} 0770 {} {}\n".format(slapd['run_dir'], slapd['user'], slapd['group']))
 

+             TMPFILE_D.write("d {} 0770 {} {}\n".format(slapd['lock_dir'].replace("slapd-" + slapd['instance_name'], ""),
 

+                                                        slapd['user'], slapd['group']))
 

+             TMPFILE_D.write("d {} 0770 {} {}\n".format(slapd['lock_dir'], slapd['user'], slapd['group']))
 

+ 

          # Else we need to detect other init scripts?
 

  

          # Bind sockets to our type?

file modified
+1 
@@ -60,6 +60,7 @@ 
 

      'backup_dir',
 

      'ldif_dir',
 

      'initconfig_dir',
 

+     'tmpfiles_d',
 

  ]
 

  

  # will need to add the access, error, audit log later.

Description: dscreate was not creating its config file in /etc/tmpfiles.d/ like
setup-ds.pl used to do. The absence of this config file prevented
the server from being started afetr a reboot.

https://pagure.io/389-ds-base/issue/49854

Reviewed by: ?

If using prefixed install, then tmpfiles directory won't be picked up by systemd-tmpfiles-setup service, since it looks only in these directories:

       /etc/tmpfiles.d/*.conf
       /run/tmpfiles.d/*.conf
       /usr/lib/tmpfiles.d/*.conf

       ~/.config/user-tmpfiles.d/*.conf
       $XDG_RUNTIME_DIR/user-tmpfiles.d/*.conf
       ~/.local/share/user-tmpfiles.d/*.conf
       ...
       /usr/share/user-tmpfiles.d/*.conf

as listed in https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html

rebased onto 780021d79c453309172a9a0a05299e81303b7e1b
5 years ago

Thanks @vashirov , changes made, please review...

LGTM, thanks!

rebased onto dd18389
5 years ago

Pull-Request has been merged by mreynolds
5 years ago

Hey, this isn't the fix. The point is that content on /run maybe destroyed at any time.

We should not be relying on lib389 to provide supporting content for ns-slapd.

The fix is that ns-slapd should only need a dse.ldif, and then it should make every other resource it requires. This is critical for newer systemd, tmpfs /run, and containers that don't always ship with state provided.

I would like this to be rolled back, and the fix should be in ns-slapd after dse.ldif is read, we should make all the directory paths we require, with the correct permissions.

Thanks,

Ahh okay. I'll work on this shortly...

@mreynolds Thanks, there is a longer justification on the mailing list. Really appreciate your help with this :)

@mreynolds Thanks, there is a longer justification on the mailing list. Really appreciate your help with this :)

Absolutely! Nice catch! I forgot about containers in this regard, just like we are not going to use upgrade scripts anymore - ns-slapd has to do it all. I'll get to it soon!

Great! Maybe I should get you to do nothing but containers for a few months ;)

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This pull request has been cloned to Github as issue and is available here:
- https://github.com/389ds/389-ds-base/issues/2919

If you want to continue to work on the PR, please navigate to the github issue,
download the patch from the attachments and file a new pull request.

Thank you for understanding. We apologize for all inconvenience.

Pull-Request has been closed by spichugi
3 years ago
Metadata
None
No Tags
Changes Summary 5
+1 -0
file changed
ldap/admin/src/defaults.inf.in
+2 -1
file changed
src/lib389/doc/source/paths.rst
+1 -0
file changed
src/lib389/lib389/instance/remove.py
+8 -0
file changed
src/lib389/lib389/instance/setup.py
+1 -0
file changed
src/lib389/lib389/paths.py
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.