As a FreeIPA admin , I want the /etc/tmpfiles.d entry to be updated so that the service does not fail to start on other architectures (CentOS 8 Stream aarch64).
By default the FreeIPA installer creates a /etc/tmpfiles.d entry for the 389 dirsrv lock and run files. The config file specifies that directories are created in the /var/run and /var/lock directories. These directories are deprecated in favor of /run and /run/lock respectively. On x86_64, this works fine, even though they are deprecated. However, on aarch64 architecture, the system will not create temp directories for /var/lock, which causes the dirsrv service to fail startup, and the ipa service to fail to start. These entries should be updated for all archtectures to /run and /run/lock.
The IPA service fails to start, as the /var/lock directories are not created on reboot.
The IPA service should start, and the /var/lock (/run/lock) directories should exist.
ipa-server-4.9.6-6.module_el8.5.0+948+b8187ba6.aarch64 ipa-client-4.9.6-6.module_el8.5.0+948+b8187ba6.aarch64 389-ds-base-1.4.3.23-7.module_el8.5.0+889+90e0384f.aarch64 pki-ca-10.11.2-2.module_el8.5.0+945+a81e57da.noarch krb5-server-1.18.2-14.el8.aarch64
Relevant log info from service startup: Nov 1 11:53:24 freeipa1 ns-slapd[682]: Error - Problem accessing the lockfile /var/lock/dirsrv/slapd-ID-0X424B-COM/lock Nov 1 11:53:24 freeipa1 ns-slapd[682]: [01/Nov/2021:11:53:24.073344006 -0700] - CRIT - main - Shutting down due to possible conflicts with other slapd processes Nov 1 11:53:25 freeipa1 systemd[1]: dirsrv@ID-0X424B-COM.service: Main process exited, code=exited, status=1/FAILURE Nov 1 11:53:25 freeipa1 systemd[1]: dirsrv@ID-0X424B-COM.service: Failed with result 'exit-code'. Nov 1 11:53:25 freeipa1 systemd[1]: Failed to start 389 Directory Server ID-0X424B-COM.. Nov 1 11:53:25 freeipa1 ipactl[318]: Failed to start Directory Service: CalledProcessError(Command ['/bin/systemctl', 'start', 'dirsrv@ID-0X424B-COM.service'] returned non-zero exit status 1)
=============================== /etc/tmpfiles.d entry by default that causes failure:
d /var/run/dirsrv 0770 dirsrv dirsrv d /var/lock/dirsrv/ 0770 dirsrv dirsrv d /var/lock/dirsrv/slapd-ID-0X424B-COM 0770 dirsrv dirsrv
=============================== /etc/tmpfiles.d entry modified that results in successful service startup:
d /var/run/dirsrv 0770 dirsrv dirsrv d /run/lock/dirsrv/ 0770 dirsrv dirsrv d /run/lock/dirsrv/slapd-ID-0X424B-COM 0770 dirsrv dirsrv
These are files created by the 389-ds installation script. Moving to their issue tracker.
https://github.com/389ds/389-ds-base/issues/4977
Metadata Update from @rcritten: - Issue close_status updated to: invalid - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.