Issue #8282: dnssec instance creation is racy - freeipa

freeipa

#8282 dnssec instance creation is racy

Closed: invalid 3 years ago by tjaalton. Opened 3 years ago by tjaalton.

I need to do this on Debian in order to verify that the instance is up before ods_policy_import:

--- a/ipaserver/install/opendnssecinstance.py
+++ b/ipaserver/install/opendnssecinstance.py
@@ -306,6 +306,9 @@ class OpenDNSSECInstance(service.Service):

     def __start(self):
         self.restart()  # needed to reload conf files
+        import time
+        while not os.path.exists('/run/opendnssec/enforcer.sock'):
+            time.sleep(1)
         tasks.run_ods_policy_import()
         if self.kasp_db_file:
             # regenerate zonelist.xml

cheimes commented 3 years ago

IMHO this is the wrong approach. The ods-enforcerd.service should perform the wait operation and not signal readiness unless the socket is available.

[Service]
ExecStartPost=/bin/bash -c 'while [ ! -S /run/opendnssec/enforcer.sock ]; do sleep 0.5; done'

tjaalton commented 3 years ago

hmm right, didn't think of that

Metadata Update from @tjaalton:
- Issue close_status updated to: invalid
- Issue status updated to: Closed (was: Open)

3 years ago

cheimes commented 3 years ago

I have filed https://bugzilla.redhat.com/show_bug.cgi?id=1826233

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

None

Milestone

None

affects_doc

None

source

None

knownissue

None

type

None

blockedby

None

test_case

None

component

None

blocking

None

on_review

None

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

None

tester

None

changelog

None

design

None

freeipa

Source Code

#8282 dnssec instance creation is racy Closed: invalid 3 years ago by tjaalton. Opened 3 years ago by tjaalton.

Metadata

#8282 dnssec instance creation is racy

Closed: invalid 3 years ago by tjaalton. Opened 3 years ago by tjaalton.