[Bug 804454] New: NSCD daemon must be reloaded after changing config file in YaST2
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c0 Summary: NSCD daemon must be reloaded after changing config file in YaST2 Classification: openSUSE Product: openSUSE 12.3 Version: RC 1 Platform: Other OS/Version: Other Status: NEW Severity: Minor Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: joschibrauchle@gmx.de QAContact: jsrain@suse.com Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.70 Safari/537.17 When installing SSSD along with NSCD, YaST correctly changes the NSCD config file /etc/nscd.conf to disable caching if passwd & group entries, as this would interfere with SSSD (see bnc#789277). Unfortunately, NSCD seems to already be running at this point in time, thus is does not respect the changed configuration file. A "rcnscd reload" or systemd equivalent is needed to make NSCD aware of this change. See attached screenshot. Otherwise, the system will not be in the correct state after finishing the installation. A reboot of course will help, as the NSCD restarts and respects the new config. Reproducible: Always Steps to Reproduce: 1. Active SSSD along with NSCD 2. check "nscd --statistics" after installation finishes Actual Results: NSCD still caches passwd and group, although configured differently in config file Expected Results: NSCD is in correct state w.r.t. config file -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c1 --- Comment #1 from Joschi Brauchle <joschibrauchle@gmx.de> 2013-02-19 15:05:51 UTC --- Created an attachment (id=525278) --> (http://bugzilla.novell.com/attachment.cgi?id=525278) Statistics and config of NSCD -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c Xiaolong Li <xlli@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |xlli@suse.com AssignedTo|bnc-team-screening@forge.pr |kukuk@suse.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c Xiaolong Li <xlli@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|kukuk@suse.com |yast2-maintainers@suse.de -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c3 Jiří Suchomel <jsuchome@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |joschibrauchle@gmx.de --- Comment #3 from Jiří Suchomel <jsuchome@suse.com> 2013-04-17 10:05:51 UTC --- YaST LDAP Client actually calls rcnscd try-restart this should be enough, I assume. Do you have y2logs so we can see if it was called? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c4 --- Comment #4 from Joschi Brauchle <joschibrauchle@gmx.de> 2013-04-17 11:40:33 UTC --- Please see y2logs attached. As far as I can see, nscd is *not* being restarted. Here is the snipped from ldap auto: ---------------- 2013-04-17 07:04:00 <1> lab16(4529) [YCP] clients/inst_autoconfigure.ycp:144 current resource: ldap 2013-04-17 07:04:00 <1> lab16(4529) [YCP] clients/inst_autoconfigure.ycp:155 Writing configuration for ldap 2013-04-17 07:04:00 <1> lab16(4529) [YCP] clients/inst_autoconfigure.ycp:190 Calling auto client with: $["create_ldap":false, "file_server":false, "krb5_kdcip":"gemini.lnt.ei.tum.de", "krb5_realm":"LNT.EI.TUM.DE", "ldap_domain":"ou=users,dc=lnt,dc=ei,dc=tum,dc=de", "ldap_server":"gemini.lnt.ei.tum.de", "ldap_tls":false, "login_enabled":true, "member_attribute":"member", "mkhomedir":false, "nss_base_group":"ou=groups,dc=lnt,dc=ei,dc=tum,dc=de", "nss_base_passwd":"ou=users,dc=lnt,dc=ei,dc=tum,dc=de", "nss_base_shadow":"ou=users,dc=lnt,dc=ei,dc=tum,dc=de", "pam_password":"exop", "sssd":true, "sssd_ldap_schema":"rfc2307", "sssd_with_krb":true, "start_autofs":true, "start_ldap":true, "tls_cacertfile":"/etc/ssl/certs/LNT-CA.pem"] 2013-04-17 07:04:00 <1> lab16(4529) [YCP] clients/inst_autoconfigure.ycp:41 current step: 13 desc:Configuring ldap 2013-04-17 07:04:01 <1> lab16(4529) [wfm] Y2CCWFM.cc(createInLevel):148 Parsing finished 2013-04-17 07:04:01 <1> lab16(4529) [Interpreter] clients/ldap_auto.ycp:127 Calling YaST client ldap_auto 2013-04-17 07:04:01 <1> lab16(4529) [YCP] clients/ldap_auto.ycp:45 ---------------------------------------- 2013-04-17 07:04:01 <1> lab16(4529) [YCP] clients/ldap_auto.ycp:46 Ldap auto started 2013-04-17 07:04:01 <3> lab16(4529) [agent-ini] IniFile.cc(delValue):993 Delete: Invalid path .v."/etc/ldap.conf"."host" [1] 2013-04-17 07:04:01 <1> lab16(4529) [YCP] Ldap.ycp:2229 file /etc/openldap/ldap.conf was modified 2013-04-17 07:04:01 <3> lab16(4529) [bash] ShellCommand.cc(shellcommand):78 ln -s '/usr/lib/systemd/system/autofs.service' '/etc/systemd/system/multi-user.target.wants/autofs.service' 2013-04-17 07:04:01 <3> lab16(4529) [bash] ShellCommand.cc(shellcommand):78 ln -s '/usr/lib/systemd/system/sssd.service' '/etc/systemd/system/multi-user.target.wants/sssd.service' 2013-04-17 07:04:01 <1> lab16(4529) [YCP] clients/ldap_auto.ycp:126 Ldap auto finished 2013-04-17 07:04:01 <1> lab16(4529) [YCP] clients/ldap_auto.ycp:127 ---------------------------------------- 2013-04-17 07:04:01 <1> lab16(4529) [Interpreter] clients/ldap_auto.ycp:127 Called YaST client returned. ---------------- I have a post script running at 07:04:27 that will restart NSCD, hence the restart entries in /var/log/messages at that time. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c5 Joschi Brauchle <joschibrauchle@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW InfoProvider|joschibrauchle@gmx.de | --- Comment #5 from Joschi Brauchle <joschibrauchle@gmx.de> 2013-04-17 11:42:10 UTC --- Created an attachment (id=535545) --> (http://bugzilla.novell.com/attachment.cgi?id=535545) y2logs -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c6 --- Comment #6 from Joschi Brauchle <joschibrauchle@gmx.de> 2013-04-17 11:47:51 UTC --- It looks like /var/log/messages is not part of the saved y2logs. So at the time where the ldap auto client is running, there is no incident showing that nscd was restarted, see: --------------- 2013-04-17T07:04:01.703167+02:00 linux systemd[1]: Reloading. 2013-04-17T07:04:24.382621+02:00 linux systemd[1]: last message repeated 5 times 2013-04-17T07:04:24.382557+02:00 linux sntp[8992]: Started sntp 2013-04-17T07:04:24.380370+02:00 linux sntp[8992]: kod_init_kod_db(): Cannot open KoD db file /var/db/ntp-kod 2013-04-17T07:04:27.026898+02:00 linux systemd[1]: Stopping Name Service Cache Daemon... 2013-04-17T07:04:27.032224+02:00 linux systemd[1]: Starting Name Service Cache Daemon... 2013-04-17T07:04:27.034211+02:00 linux systemd[1]: Started Name Service Cache Daemon. --------------- The "reloading" at 07:04:01 comes from enabling autofs and sssd, I guess? The post script is started at 07:04:24, hence nscd restarts there... -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c7 Jiří Suchomel <jsuchome@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |fehr@suse.com --- Comment #7 from Jiří Suchomel <jsuchome@suse.com> 2013-04-17 11:57:46 UTC --- I see, it's during autoinstallation. Services are not reloaded/restarted when called from autoYaST, I assume correct status should be assured by autoYaST itself, not by YaST modules it is using. Thomas? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c8 Thomas Fehr <fehr@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW CC| |fehr@suse.com InfoProvider|fehr@suse.com | --- Comment #8 from Thomas Fehr <fehr@suse.com> 2013-04-17 12:38:33 UTC --- How should autoyast know something about correct status of services it installs. Autoyast does not interpret the data a module provides in any way. It simply calls "Import()", "Export()", "Read()" and "Write()" from the modules client. If we decided not to reload/restart services when called from autoyast, I can not see how this can be fixed without putting all knowledge about services dependent on each other into autoyast (which we certainly do not want to do). Would it not be possible for ldap_auto to simply restart nscd service if it is running? Autoyast does a "systemctl isolate default.target" at the end to start all services. Problem seems to be that the service is already running? Why is that the case? Who starts nscd service? I would simply tend to say in such cases final_reboot needs to be set to true. Alternately we can determine if it is possible to prevent in some way that nscd is running at all -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c9 --- Comment #9 from Jiří Suchomel <jsuchome@suse.com> 2013-04-17 13:00:41 UTC --- (In reply to comment #8)
Would it not be possible for ldap_auto to simply restart nscd service if it is running?
It probably could, but it would be a hack against current autoYaST way of work.
I would simply tend to say in such cases final_reboot needs to be set to true. Alternately we can determine if it is possible to prevent in some way that nscd is running at all
So should we say that final_reboot is the correct answer here? Or that nscd is to blame instead of YaST? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c10 --- Comment #10 from Thomas Fehr <fehr@suse.com> 2013-04-17 13:32:23 UTC ---
It probably could, but it would be a hack against current autoYaST way of work.
But this "way of work" assumed services were not running (yet), which seems not to be true any more in 12.3.
So should we say that final_reboot is the correct answer here?
As long as we do not want to either introduce hacks like nscd restart or change something fundamentally, yes.
Or that nscd is to blame instead of YaST?
If nscd would recognize when its config file changes, this would also solve the problem, but I am sure if this is capability is really promised by the service. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c11 --- Comment #11 from Joschi Brauchle <joschibrauchle@gmx.de> 2013-04-17 14:13:49 UTC --- (In reply to comment #10)
It probably could, but it would be a hack against current autoYaST way of work.
But this "way of work" assumed services were not running (yet), which seems not to be true any more in 12.3.
So, this poses the question again: - why is nscd running and who starts it? - should it not be automatically restarted anyways, because it was running during installation and thus it is likely that its configuration has changed? I think this is somewhat similar to the network service, which also is started and required during installation, but later needs to be restarted to adapt to its final configuration... Are there any other service that are both required during installation and configured during installation? How is it handled there? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c12 --- Comment #12 from Thomas Fehr <fehr@suse.com> 2013-04-17 16:32:34 UTC ---
So, this poses the question again: - why is nscd running and who starts it? - should it not be automatically restarted anyways, because it was running during installation and thus it is likely that its configuration has changed?
I just did a test install if you enable nscd in <runlevel> section, it gets started by systemd before YaST2-Second-Stage gets started.
I think this is somewhat similar to the network service, which also is started and required during installation, but later needs to be restarted to adapt to its final configuration...
Network is the exception here. It probably would work to add "nscd.service" to the "Before" list of YaST2-Second-Stage.service but we can hardly add all existing services there. Another solution would be to add network.target to "After" section of nscd.service. I am not sure if it even makes any sense to start nscd before network is up, in pre-Systemd times it was dependent on $remote-fs and therefore indirectly on network. yast2-runlevel correctly does not start services. From the y2log: RunlevelEd.ycp:768 All services will be started at the end, skipping for now...
Are there any other service that are both required during installation and configured during installation? How is it handled there?
So far these services were expected not to be running while YaST2-Second-Stage is executed unless yast2 start scripts starts them (as an excpetion like for network). With 12.3 this is not true any more and will most probably lead to lots of subtle problems. Therefore I would urge to use final_reboot=true. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c13 --- Comment #13 from Jiří Suchomel <jsuchome@suse.com> 2013-04-18 12:02:12 UTC --- (In reply to comment #12)
Are there any other service that are both required during installation and configured during installation? How is it handled there?
So far these services were expected not to be running while YaST2-Second-Stage is executed unless yast2 start scripts starts them (as an excpetion like for network). With 12.3 this is not true any more and will most probably lead to lots of subtle problems. Therefore I would urge to use final_reboot=true.
Do you propose any deeper change in autoYaST logic based on current behavior? For now, I'd just close it with the offical 'use final_reboot' advice. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c14 Thomas Fehr <fehr@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED AssignedTo|jsuchome@suse.com |fehr@suse.com --- Comment #14 from Thomas Fehr <fehr@suse.com> 2013-04-18 12:34:51 UTC ---
Do you propose any deeper change in autoYaST logic based on current behavior?
I had a new idea this morning and am experimenting with it. While autoyast cannot know which services need to be restarted due to configuration changes, it could simply restart all services that are in running state. This should solve all potential problems with changed config files for services already running. No modules beside autoyast would be affected and so far I see no disadvantages (the system is not (yet) in a usable state at this time anyway), but I did not try it yet.
For now, I'd just close it with the offical 'use final_reboot' advice.
I just reassigned it to me. I hope I will have something which Joschi Brauchle could test either today or early next week. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c15 --- Comment #15 from Thomas Fehr <fehr@suse.com> 2013-04-18 14:43:59 UTC --- Created an attachment (id=535841) --> (http://bugzilla.novell.com/attachment.cgi?id=535841) updated autoyast client /usr/share/YaST2/clients/inst_autoconfigure.ycp -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c16 Thomas Fehr <fehr@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO InfoProvider| |joschibrauchle@gmx.de --- Comment #16 from Thomas Fehr <fehr@suse.com> 2013-04-18 14:49:08 UTC --- Attached updated version of inst_autoconfigure.ycp. This restarts all services in state "running" after all auto clients of modules have been run. I tested it and it worked as expected. Additional delay for my installations was about 15 seconds. Joschi, could you please try with this version if your problem with nscd demon having wrong configuration is fixed? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c17 --- Comment #17 from Joschi Brauchle <joschibrauchle@gmx.de> 2013-04-18 15:28:56 UTC --- I am currently testing... But I just did a **manual** installation without autoyast. I can see in the logs that "rcnscd try-restart" was running, but still "nscd --statistics" shows that passwd and group are being cached. See ylogs of manual installation attached! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c18 Joschi Brauchle <joschibrauchle@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #535545|0 |1 is obsolete| | --- Comment #18 from Joschi Brauchle <joschibrauchle@gmx.de> 2013-04-18 15:30:43 UTC --- Created an attachment (id=535853) --> (http://bugzilla.novell.com/attachment.cgi?id=535853) y2logs w/o autoyast -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c19 --- Comment #19 from Thomas Fehr <fehr@suse.com> 2013-04-18 16:01:31 UTC --- Tried on the command line (/bin/systemctl try-restart nscd.service) and it works as expected. y2log also clearly shows that it is called: 2013-04-18 11:19:53 <1> linux-72uc(3465) [YCP] Service.ycp:355 Running service initscript nscd try-restart So if it does not work it should be either a problem with Service.ycp: But the code there is trivial enough: global define integer RunInitScript (string name, string param) { y2milestone("Running service initscript %1 %2", name, param); string command = sformat ("%1 %2 %3.service", invoker, param, name); map<string, any> output=(map<string, any>)SCR::Execute (.target.bash_output, command, $[ "TERM" : "raw"]); if (output["exit"]:-1!=0) y2error("Error while running initscript %1 :\n%2", command, output); return output["exit"]:-1; } The y2log does not show an entry for y2error, so the return code of "/bin/systemctl try-restart nscd.service" was zero. Calling this on the command line after modifying /etc/nscd.conf work as expected: f134:~ # nscd --statistics | grep enab | head -2 ; grep enab /etc/nscd.conf | head -2 no paranoia mode enabled yes cache is enabled # enable-cache <service> <yes|no> enable-cache passwd yes f134:~ # vi /etc/nscd.conf f134:~ # nscd --statistics | grep enab | head -2 ; grep enab /etc/nscd.conf | head -2 no paranoia mode enabled yes cache is enabled # enable-cache <service> <yes|no> enable-cache passwd no f134:~ # /bin/systemctl try-restart nscd.service f134:~ # nscd --statistics | grep enab | head -2 ; grep enab /etc/nscd.conf | head -2 no paranoia mode enabled no cache is enabled # enable-cache <service> <yes|no> enable-cache passwd no f134:~ # So are you really sure that this does indeed not work? I have no server setup ready to try this from yast2 module itself. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c20 --- Comment #20 from Joschi Brauchle <joschibrauchle@gmx.de> 2013-04-18 16:15:55 UTC --- Yes it works on the commandline, but on my test install, the caching was enabled. I can also see that try-restart was running successfully! ------ /var/log/messages ------ 2013-04-18T11:19:52.416256-04:00 linux systemd[1]: Reloading. 2013-04-18T11:19:52.451038-04:00 linux systemd[1]: Starting System Security Services Daemon... 2013-04-18T11:19:52.578251-04:00 linux sssd: nscd socket was detected. Nscd caching capabilities may conflict with SSSD for users and groups. It is recommended not to run nscd in parallel with SSSD, unless nscd is configured not to cache the passwd, group and netgroup nsswitch maps. 2013-04-18T11:19:52.809894-04:00 linux sssd: Starting up 2013-04-18T11:19:53.057601-04:00 linux sssd[be[default]]: Starting up 2013-04-18T11:19:53.187171-04:00 linux sssd[pam]: Starting up 2013-04-18T11:19:53.190964-04:00 linux sssd[nss]: Starting up 2013-04-18T11:19:53.210196-04:00 linux systemd[1]: Started System Security Services Daemon. 2013-04-18T11:19:53.247817-04:00 linux systemd[1]: Stopping Name Service Cache Daemon... 2013-04-18T11:19:53.252838-04:00 linux systemd[1]: Starting Name Service Cache Daemon... 2013-04-18T11:19:53.254634-04:00 linux systemd[1]: Started Name Service Cache Daemon. ------ /var/log/messages ------ But look at this: ------------ # l /etc/nscd.conf -rw-r--r-- 1 root root 2343 Apr 18 11:20 /etc/nscd.conf ------------ The modify timestamp suggest that the nscd.conf was modified AFTER the try-restart! Hence nscd is still running with an incorrect config. Hence there seems to be some problem in the Yast code with the order of things? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c21 --- Comment #21 from Joschi Brauchle <joschibrauchle@gmx.de> 2013-04-18 16:18:51 UTC --- So the exact modification timestamp of /etc/nscd.conf is: Modify: 2013-04-18 11:20:05.471010274 -0400 This is the time where yast-kerberos module is running... does this have something to do with it? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c22 Thomas Fehr <fehr@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jsuchome@suse.com --- Comment #22 from Thomas Fehr <fehr@suse.com> 2013-04-18 16:26:15 UTC --- I grepped trogh sources of yast2-kerberos-client and they do not mention nscd at all. Ok, if nscd.conf is written after call to "nscd try-restart" (which happened at 11:19:53) this is a problem within ldap module and needs to be handled by Jiri Suchomel. So we have basically two different problems here. - one regarding autoyast setup after auto-clients modified config files (should be addressed by attached inst_autoconfgure.ycp) - one regarding yast2-ldap with order of file writes and call to nscd restart Maybe it would be best to clone the bug. Adding Jiri Suchomel too CC: again. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c23 --- Comment #23 from Thomas Fehr <fehr@suse.com> 2013-04-18 16:40:49 UTC --- Jiri, I think there is some call "SCR::Write(.etc.nscd_conf, nil))" in function WriteNscdCache missing, otherwise SCR seems to delay the write until end of client invocation and during the "nscd try-restart" the filesystem still has old content of /etc/nscd.conf. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c24 --- Comment #24 from Jiří Suchomel <jsuchome@suse.com> 2013-04-19 06:42:07 UTC --- Created an attachment (id=535989) --> (http://bugzilla.novell.com/attachment.cgi?id=535989) patch for /usr/share/YaST2/modules/Ldap.ycp (In reply to comment #23)
Jiri, I think there is some call "SCR::Write(.etc.nscd_conf, nil))" in function WriteNscdCache missing, otherwise SCR seems to delay the write until end of client invocation and during the "nscd try-restart" the filesystem still has old content of /etc/nscd.conf.
That makes sense. Try attached patch. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c25 --- Comment #25 from Jiří Suchomel <jsuchome@suse.com> 2013-04-19 06:59:51 UTC --- (In reply to comment #24)
That makes sense. Try attached patch.
Or better package: https://build.opensuse.org/package/show?package=yast2-ldap-client&project=home%3Ajsuchome -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c26 --- Comment #26 from Joschi Brauchle <joschibrauchle@gmx.de> 2013-04-19 12:58:30 UTC --- New ldap-client package looks good. Test installation had nscd caching disabled for passwd and groups! I will report back about autoyast later. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c27 Joschi Brauchle <joschibrauchle@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED InfoProvider|joschibrauchle@gmx.de | --- Comment #27 from Joschi Brauchle <joschibrauchle@gmx.de> 2013-04-22 16:32:34 UTC --- So, the new autoyast client also fixes the problem of nscd caching by restarting all services (including nscd, but also network?) at the end of the installation process. I can see though, that now installation waits 2x 30 seconds now for "restarting all services" and "isolate systemd" to finish... In my case, the "systemd-logind.service - Login Service" seems to not start within each of these 30 second periods... it times out sometime later and restarts then. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c28 --- Comment #28 from Thomas Fehr <fehr@suse.com> 2013-04-23 12:14:36 UTC --- The problem with systemd-logind.service does not happen always, therefore I did not catch it in my tests. I now add a list of services not to restart which currently contains only systemd-logind.service. I now have an additional delay of about 5 seconds. If you still have 30 seconds delay with new version I would be interested in y2log file, maybe some more tweaking is needed. I attach updated version of inst_autoconfigure.ycp. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c29 --- Comment #29 from Thomas Fehr <fehr@suse.com> 2013-04-23 12:15:27 UTC --- Created an attachment (id=536487) --> (http://bugzilla.novell.com/attachment.cgi?id=536487) updated autoyast client /usr/share/YaST2/clients/inst_autoconfigure.ycp -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c30 Thomas Fehr <fehr@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED --- Comment #30 from Thomas Fehr <fehr@suse.com> 2013-04-25 12:55:27 UTC --- Considering this as fixed for factory. So far I will not backport this for 12.3 but still would advise to set "final_reboot" to "true" in 12.3 when such problems show up. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c31 Andrew Daugherity <adaugherity@tamu.edu> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |adaugherity@tamu.edu --- Comment #31 from Andrew Daugherity <adaugherity@tamu.edu> 2013-06-20 16:49:28 UTC --- Why not backport this to 12.3? FYI in testing the updated yast2-ldap-client for #815506 I found that configuring LDAP via YaST does reload nscd (since the new package also includes this fix), but with an autoyast install, nscd does *not* get reloaded and I must restart it manually (or launch yast2 ldap and hit OK) before I can use any LDAP accounts. I guess an updated package with your new inst_autoconfigure.ycp would fix this? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=804454 https://bugzilla.novell.com/show_bug.cgi?id=804454#c32 --- Comment #32 from Thomas Fehr <fehr@suse.com> 2013-06-24 03:56:16 UTC --- The problem occurs during second stage of yast2 installation. So releasing an update would only help if the user installs the updates together with original medium in initial install. This can of course be done, e.g. by adding http://download.opensuse.org/update/12.3/ as add-on product. But I doubt many autoyast setups use such a setup, mostly they will install from original medium and simply do a online update afterward. For such a scenario, releasing an update for autoyast would not help since autoyast package from original medium is used and the bug is already triggered in YaST2 second stage of autoyast install. Therefore I would assume that after releasing an online update there would be more confusion under which install scenarios the new autoyast would be in place already during initial install. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com