You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Sometimes I don't want PKI to start on boot, so I do what I'm most familiar with:
systemctl disable pki-tomcatd@pki-tomcat
However, this is a very bad idea: it leaves the system in an unworkable state. Attempting to start the service manually gives:
-- Unit pki-tomcatd@pki-tomcat.service has begun starting up.
Mar 27 22:42:58 vm-171-084.abc.idm.lab.eng.brq.redhat.com pki-server[1489]: ----------------------------
Mar 27 22:42:58 vm-171-084.abc.idm.lab.eng.brq.redhat.com pki-server[1489]: pki-tomcat instance migrated
Mar 27 22:42:58 vm-171-084.abc.idm.lab.eng.brq.redhat.com pki-server[1489]: ----------------------------
Mar 27 22:42:58 vm-171-084.abc.idm.lab.eng.brq.redhat.com pkidaemon[1516]: WARNING: Symbolic link '/etc/systemd/system/pki-tomcatd.target.wants/pki-tomcatd@pki-tomcat.service' does NOT exist!
Mar 27 22:42:58 vm-171-084.abc.idm.lab.eng.brq.redhat.com pkidaemon[1516]: INFO: Attempting to create '/etc/systemd/system/pki-tomcatd.target.wants/pki-tomcatd@pki-tomcat.service' -> '/lib/systemd/system/pki-tomcatd@.service' . . .
Mar 27 22:42:58 vm-171-084.abc.idm.lab.eng.brq.redhat.com pkidaemon[1516]: ln: failed to create symbolic link '/etc/systemd/system/pki-tomcatd.target.wants/pki-tomcatd@pki-tomcat.service': No such file or directory
Mar 27 22:42:58 vm-171-084.abc.idm.lab.eng.brq.redhat.com pkidaemon[1516]: ERROR: Failed to create '/etc/systemd/system/pki-tomcatd.target.wants/pki-tomcatd@pki-tomcat.service' -> '/lib/systemd/system/pki-tomcatd@.service'!
Mar 27 22:42:58 vm-171-084.abc.idm.lab.eng.brq.redhat.com systemd[1]: pki-tomcatd@pki-tomcat.service: Control process exited, code=exited status=1
Mar 27 22:42:58 vm-171-084.abc.idm.lab.eng.brq.redhat.com systemd[1]: pki-tomcatd@pki-tomcat.service: Failed with result 'exit-code'.
Mar 27 22:42:58 vm-171-084.abc.idm.lab.eng.brq.redhat.com systemd[1]: Failed to start PKI Tomcat Server pki-tomcat.
-- Subject: Unit pki-tomcatd@pki-tomcat.service has failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit pki-tomcatd@pki-tomcat.service has failed.
--
-- The result is failed.
And enabling the service again fails. If you try a pkidestroy and a new spawn, you get:
[root@vm-171-084 ~]# pkispawn -f CA-ecc.cfg
Subsystem (CA/KRA/OCSP/TKS/TPS) [CA]: CA
Begin installation (Yes/No/Quit)? Yes
Log file: /var/log/pki/pki-ca-spawn.20190327224642.log
Loading deployment configuration from CA-ecc.cfg.
Installing CA into /var/lib/pki/pki-tomcat.
Storing deployment configuration into /etc/sysconfig/pki/tomcat/pki-tomcat/ca/deployment.cfg.
pkihelper : ERROR OSError: [Errno 2] No such file or directory: '/lib/systemd/system/pki-tomcatd@.service' -> '/etc/systemd/system/pki-tomcatd.target
.wants/pki-tomcatd@pki-tomcat.service'!
pkispawn : ERROR FileNotFoundError: [Errno 2] No such file or directory: '/lib/systemd/system/pki-tomcatd@.service' -> '/etc/systemd/system/pki-tomca
td.target.wants/pki-tomcatd@pki-tomcat.service'
File "/usr/lib/python3.6/site-packages/pki/server/pkispawn.py", line 547, in main
scriptlet.spawn(deployer)
File "/usr/lib/python3.6/site-packages/pki/server/deployment/scriptlets/instance_layout.py", line 231, in spawn
deployer.mdict['pki_systemd_service_link'])
File "/usr/lib/python3.6/site-packages/pki/server/deployment/pkihelper.py", line 1711, in create
os.symlink(name, link)
Installation failed: [Errno 2] No such file or directory: '/lib/systemd/system/pki-tomcatd@.service' -> '/etc/systemd/system/pki-tomcatd.target.wants/pki-tomcatd@pki-tomcat.service'
So I think we need to figure out what exactly gets removed during disable, and how to allow enable / start to function properly again.
The text was updated successfully, but these errors were encountered:
This issue was migrated from Pagure Issue #3096. Originally filed by cipherboy (@cipherboy) on 2019-03-27 17:54:05:
Sometimes I don't want PKI to start on boot, so I do what I'm most familiar with:
systemctl disable pki-tomcatd@pki-tomcat
However, this is a very bad idea: it leaves the system in an unworkable state. Attempting to start the service manually gives:
And enabling the service again fails. If you try a
pkidestroy
and a new spawn, you get:So I think we need to figure out what exactly gets removed during
disable
, and how to allowenable
/start
to function properly again.The text was updated successfully, but these errors were encountered: