Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable service doesn't work with chroot connection #21026

Closed
Koaxiel opened this issue Feb 3, 2017 · 11 comments · Fixed by #21072
Closed

Enable service doesn't work with chroot connection #21026

Koaxiel opened this issue Feb 3, 2017 · 11 comments · Fixed by #21072

Comments

@Koaxiel
Copy link

@Koaxiel Koaxiel commented Feb 3, 2017

ISSUE TYPE
  • Bug Report
COMPONENT NAME

systemd/service module

ANSIBLE VERSION
ansible 2.2.1.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = Default w/o overrides

OS / ENVIRONMENT

Arch Linux

SUMMARY

From http://0pointer.de/blog/projects/changing-roots

First of all, systemctl detects when it is run in a chroot. If so, most of its operations will become NOPs, with the exception of systemctl enable and systemctl disable. If a package installation script hence calls these two commands, services will be enabled in the guest OS. However, should a package installation script include a command like systemctl restart as part of the package upgrade process this will have no effect at all when run in a chroot() environment.

In chroot environment, ansible fails to enable since this commit ansible/ansible-modules-core@2f50979
The variable "found" keep false value because "systemctl show" doesn't work

[root@archiso /]# systemctl show systemd-timesyncd.service
Running in chroot, ignoring request.

Therefore fail_if_missing(module, found, unit, "cannot %s" % (action)) is triggered

STEPS TO REPRODUCE

Try to enable a service with chroot connection in systemd environment

- hosts: /mnt
  user: root
  connection: chroot
  tasks:
    - name: Enable systemd-timesyncd.service
      systemd:
        name: systemd-timesyncd.service
        enabled: yes
EXPECTED RESULTS

Enable the service (symlink created)

ACTUAL RESULTS
fatal: [/mnt]: FAILED! => {"changed": false, "failed": true, "msg": "Could not find the requested service systemd-timesyncd.service: cannot enable"}

@bcoca

This comment has been minimized.

Copy link
Member

@bcoca bcoca commented Feb 3, 2017

is there any way to verify the systemd service exists if systemd itself lies to us?

@Koaxiel

This comment has been minimized.

Copy link
Author

@Koaxiel Koaxiel commented Feb 3, 2017

"found" is set from the output of (rc, out, err) = module.run_command("%s show '%s'" % (systemctl, unit)). Replace show by list-unit-files should fix this problem since list-unit-files works in chroot environment :

[root@archiso /]# systemctl list-unit-files systemd-timesyncd.service 
UNIT FILE                 STATE   
systemd-timesyncd.service disabled

1 unit files listed.
@hamr

This comment has been minimized.

Copy link

@hamr hamr commented Feb 6, 2017

Just noting that this prevents folks from using service/systemd modules in an installer environment like kickstart/anaconda -- which is counterintuitive because commands like systemctl enable and systemctl disable work.

@bcoca

This comment has been minimized.

Copy link
Member

@bcoca bcoca commented Feb 6, 2017

sadly list-unit-files won't find init scripts systemd can also manage .... rock meet hard place

also it REQUIRES .service ... which is not required by the other commands

@bcoca

This comment has been minimized.

Copy link
Member

@bcoca bcoca commented Feb 6, 2017

@Koaxiel @hamr I don't have systemd chroot setup, see if you can confirm that #21072 fixes the issue for you.

bcoca added a commit to bcoca/ansible that referenced this issue Feb 6, 2017
@Koaxiel

This comment has been minimized.

Copy link
Author

@Koaxiel Koaxiel commented Feb 7, 2017

I didn't test yet, but it seems limited to service unit and doesn't handle the timer, socket, etc units

also it REQUIRES .service ... which is not required by the other commands

Maybe, unlike service module, name parameter should be the entire name unit for this module

@bcoca

This comment has been minimized.

Copy link
Member

@bcoca bcoca commented Feb 7, 2017

probably a 'less friendly' approach is required here. I'll remove the 'auto add of .service' and make note in description: for some environments (i.e. chroot) you'll need to specify the full name of the unit file.

@bcoca

This comment has been minimized.

Copy link
Member

@bcoca bcoca commented Feb 8, 2017

updated, less friendly now but there is note in docs hinting at using .service/etc names.

@bcoca bcoca closed this in #21072 Feb 10, 2017
bcoca added a commit that referenced this issue Feb 10, 2017
@Koaxiel

This comment has been minimized.

Copy link
Author

@Koaxiel Koaxiel commented Feb 11, 2017

Sorry, I just have time to test and it doesn't work because the rc of systemctl show 'unit' is 0 in chroot env with this output Running in chroot, ignoring request.

@kwohlfahrt

This comment has been minimized.

Copy link
Contributor

@kwohlfahrt kwohlfahrt commented Apr 23, 2017

Just tested this (on 2.3.0.0-r1), and found it is not working. This is because the message Running in chroot, ignoring request. is in err, not in out, which is being searched.

@plutosrings

This comment has been minimized.

Copy link

@plutosrings plutosrings commented Jan 2, 2019

Sorry to spam a closed bug, but systemctl supports the "--root" option which can be used to specify the chroot location for these operations.

Was hoping something like this would work, but DOES NOT:

  - name: Enable ntp service
    service: 
      name: ntpd
      enabled: yes
      state: started
      arguments: "--root=/mnt"

  - name: Enable ssh service
    service: 
      name: sshd
      enabled: yes
      state: started
      arguments: "--root=/mnt"

Ansible outputs:

 [WARNING]: Ignoring "arguments" as it is not used in "systemd"

Where the symlinks are not created in the chroot area...

However, hacking something together with the good ole' shell module:

  - name: "Enable ntp service W/A: Passing arguments to systemctl"
    shell: "/usr/bin/systemctl enable ntpd --root=/mnt" 
    args: 
      executable: /usr/bin/bash
 
  - name: "Enable sshd service W/A: Passing arguments to systemctl"
    shell: "/usr/bin/systemctl enable sshd --root=/mnt" 
    args: 
      executable: /usr/bin/bash 

Does work, and creates the expected symlinks under the chroot area for Arch Linux.

@ansible ansible locked and limited conversation to collaborators Apr 26, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
6 participants
You can’t perform that action at this time.