Ticket was cloned from Red Hat Bugzilla (product Fedora): Bug 996847
+++ This bug was initially created as a clone of Bug #996716 +++ Description of problem: I Setup a replication server and after reboot it fails to start ipa. I did the install three different times and every time I'm able to create the replicaton server but after a reboot it fails to start. After much digging I finally found out that the /var/lock/dirsrv/slapd-INSTANCE dirs are not being created. /var/lock is a symlink to /run/lock so I updated the tmpfiles.d to point to /run/lock instead and now ipa starts fine on bootup. Version-Release number of selected component (if applicable): 3.2.2 How reproducible: Everytime on my VM host when doing replication. Strange thing is my Master host has the same config files and it starts fine. Additional Info: journalctl shows the following failure: Aug 13 12:45:45 pippin.home.pecknet.com systemd-tmpfiles[191]: Failed to create directory /var/lock/dirsrv: No such file or directory Aug 13 12:45:45 pippin.home.pecknet.com systemd-tmpfiles[191]: Failed to create directory /var/lock/dirsrv/slapd-HOME-PECKNET-COM: No such file or directory Could be a race condition where /run/lock doesn't exist yet? (That is created from /usr/lib/tmpfiles.d/legacy) --- Additional comment from Martin Kosek on 2013-08-14 02:24:19 EDT --- I noticed the "/var/lock" symlinks in dirsrv's tmpfiles config file: # cat /etc/tmpfiles.d/dirsrv-IDM-LAB-BOS-REDHAT-COM.conf d /var/run/dirsrv 0770 dirsrv dirsrv d /var/lock/dirsrv 0770 dirsrv dirsrv d /var/lock/dirsrv/slapd-IDM-LAB-BOS-REDHAT-COM 0770 dirsrv dirsrv However, is this something that IPA should tackle? It is created during setup-ds.pl phase, by DS. I would expect that DS would update it during upgrade (if necessary). Rich, please advise if this is something that IPA is expected to do. --- Additional comment from Alexander Bokovoy on 2013-08-14 02:37:37 EDT --- Similar update to tmpfiles.d needs to be done on Dogtag side as pki-* configs also mention /var/lock and /var/run. It is worth to file Dogtag bug for that. As for FreeIPA, we need to avoid running systemd upgrade tool unless we are upgrading from Fedora 16. This needs to be done ASAP.
Fixed in 10.0 branch: (java, RA, TPS)
To ssh://vakwetu@git.fedorahosted.org/git/pki.git ebc7bf6..e8d4cb6 DOGTAG_10_0_BRANCH -> DOGTAG_10_0_BRANCH
Fixed for 10.1 branch (RA, TPS):
To ssh://vakwetu@git.fedorahosted.org/git/pki.git 64a4b12..a42e510 master -> master
Metadata Update from @nkinder: - Issue assigned to vakwetu - Issue set to the milestone: 10.0.6
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/1310
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.