service libvirt-bin start does not set KRB5_KTNAME as required

Bug #708172 reported by Thomas Schweikle
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
libvirt (Ubuntu)
Fix Released
Medium
Unassigned
Maverick
Won't Fix
Medium
Unassigned

Bug Description

Set KRB5_KTNAME in /etc/default/libvirt-bin, start libvirt-bin, wonder why the server logs "Key entry not found in keytab"....

Notice /etc/default/libvirt-bin installed, but not used any more.

Add "export KRB5_KTNAME=/etc/libvirt/krb5.keytab" right before the exec-line in /etc/init/libvirt-bin.conf. Wonder why the server logs "Key entry not found in keytab" --- it's a problem from upstart: it ignores variables set within /etc/init/libvirt-bin.conf??

The only way out:
create a new script holding all necessary things to set up libvirtd correctly:

#! /bin/bash

export KRB5_KTNAME=/etc/libvirt/krb5.keytab
/usr/sbin/libvirtd -d --listen

Make it executable, then call it from the original file.

ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: libvirt-bin 0.8.3-1ubuntu14
ProcVersionSignature: Ubuntu 2.6.35-24.42-server 2.6.35.8
Uname: Linux 2.6.35-24-server x86_64
Architecture: amd64
Date: Wed Jan 26 18:14:22 2011
InstallationMedia: Ubuntu-Server 10.10 "Maverick Meerkat" - Release amd64 (20101007)
ProcEnviron:
 SHELL=/bin/bash
 LANG=de_DE.UTF-8
 LC_CTYPE=en_US.UTF-8
SourcePackage: libvirt

Related branches

Revision history for this message
Thomas Schweikle (tps) wrote :
Revision history for this message
Clint Byrum (clint-fewbar) wrote :

Thomas, thank you for taking the time to file this bug report and help us make Ubuntu better!

The upstart job is, indeed, ignoring any settings that used to be set in /etc/default/libvirt-bin.

Seeing as there is no warning about this in the release notes or changelog, I think this is a regression, as it breaks on upgrade from lucid to maverick.

As a workaround, you can take all the settings from that file and manually add them to /etc/init/libvirt-bin.conf as

env KRB5_KTNAME=/etc/libvirt/krb5.keytab

There is no need for a special script to do that.

The fix should be to source /etc/default/libvirt-bin and respect the flags as they were before, at least until the release following the next LTS.

Marking Triaged ( as Ubuntu is upstream for the upstart job ) and setting Importance to Medium, as this is a regression on upgrade, but only affects users with non-default configurations.

tags: added: regression-release
Changed in libvirt (Ubuntu):
status: New → Triaged
importance: Undecided → Medium
Changed in libvirt (Ubuntu Maverick):
importance: Undecided → Medium
status: New → Triaged
Changed in libvirt (Ubuntu):
assignee: nobody → Serge Hallyn (serge-hallyn)
Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Note this is not actually a regression from lucid. It only looks like it because the package has both the sysvinit and upstart jobs, and the sysvinit script sources /etc/default/libvirt-bin while the upstart one does not. But only the upstart job gets installed in lucid.

So this fix will have to be SRU'd back to.. everything.

Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Note that the upstart job says

# If you used to set $libvirtd_opts in /etc/default/libvirt-bin,
# change the 'exec' line here instead.

So I"m torn as to whether we should 'fix' the inclusion of /etc/default/libvirt-bin, or fix the documentation somehow.

If we do want to modify the upstart job, then three at lp:~serge-hallyn/ubuntu/natty/libvirt/upstart-include-default should have the fix.

Revision history for this message
Dustin Kirkland  (kirkland) wrote :

I like Serge's solution to the problem.

However, I think we should probably bring this question, generically, to the ubuntu-server@ and ubuntu-devel@ mailing lists, and get a policy defined for this behavior. In my opinion, we should give server administrators a smooth mechanism for making minor tweaks to daemon start options (such as libvirt and ssh), either using /etc/default/* or something in that vein. I certainly think there should be a cleaner mechanism for doing this than editing the dpkg-managed conffile /etc/init/*.conf.

I simply followed the lead defined in /etc/init/ssh.conf, when I commented in libvirt's upstart job about editing the exec line.

Changed in libvirt (Ubuntu):
assignee: Serge Hallyn (serge-hallyn) → nobody
Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Given Clint's comments on irc about upstream's plans, I think it would be best to merge this fix right now for natty, SRU it for maverick and lucid, and switch to the upstream solution when upstart override files become available. I'm going to propose my branch for merge, and let the fur fly :)

Revision history for this message
Dustin Kirkland  (kirkland) wrote : Re: [Bug 708172] Re: service libvirt-bin start does not set KRB5_KTNAME as required

+1, Serge.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libvirt - 0.8.5-0ubuntu5

---------------
libvirt (0.8.5-0ubuntu5) natty; urgency=low

  * Have upstart job source /etc/default/libvirt-bin. This is only a
    temporary fix until upstart provides proper default override support
    through /etc/init/libvirt-bin.override (or any other mechanism).
    (LP: #708172)
 -- Serge Hallyn <email address hidden> Tue, 01 Feb 2011 13:30:02 +0100

Changed in libvirt (Ubuntu):
status: Triaged → Fix Released
Revision history for this message
Rolf Leggewie (r0lf) wrote :

maverick has seen the end of its life and is no longer receiving any updates. Marking the maverick task for this ticket as "Won't Fix".

Changed in libvirt (Ubuntu Maverick):
status: Triaged → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.