I agree with Sam and Andreas, we should not change the krb5kdc systemd
unit file because of freeipa. I am assigning this bug back to freeipa.
** Package changed: krb5 (Ubuntu) => freeipa (Ubuntu)
** Changed in: freeipa (Ubuntu)
Status: New => Triaged
** Changed in: freeipa (Ubuntu)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/1874915
Title:
krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only
file system
Status in freeipa package in Ubuntu:
Triaged
Bug description:
Hopefully this can trivially be corrected.
Seems the systemd service file for the kerberos portion of freeipa
could use a minor tweak.
When restarting the kerberos service, it (incorrectly) reports that
the default configured log file (/var/log/krb5kdc.log) is sending to a
"read only filesystem". This is a misleading error, since the
/var/log directory by default -IS- writeable, but systemd is in fact
preventing the daemon from writing. Why systemd can't inject itself
inappropriately and report that it's causing the trouble is another
conversation. ;) [not personally a systemd fan]
File:
=====
/lib/systemd/system/krb5-kdc.service
Command:
=====
service krb5-kdc restart
Error:
=====
krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only file
system
Please make the following adjustment to the default systemd file.
=====
13c13
< ReadWriteDirectories=-/var/tmp /tmp /var/lib/krb5kdc -/var/run /run
---
> ReadWriteDirectories=-/var/tmp /tmp /var/lib/krb5kdc -/var/run /run /var/log
Thank you for all the help and support. :)
Cheers,
-Chris
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1874915/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
