[Bug 1874915] Re: krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only file system
I agree with Sam and Andreas, we should not change the krb5kdc systemd unit file because of freeipa. I am assigning this bug back to freeipa. ** Package changed: krb5 (Ubuntu) => freeipa (Ubuntu) ** Changed in: freeipa (Ubuntu) Status: New => Triaged ** Changed in: freeipa (Ubuntu) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1874915 Title: krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only file system To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1874915/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1874915] Re: krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only file system
In general I tend to agree with Sam. A config was changed (kdc logging to a file in /var/log/), and for it to work fully another config needs to be changed (systemd). FreeIPA (who made the first change) can easily create a systemd override for this. That being said, it's not super unreasonable for a user, after reading the kdc.conf(8) manpage, to expect logging to a file in /var/log to work. Were the logfile in, say, /var/adm, or some other nonexistent directory, I can easily see how that would require further configuration, but not /var/log. That I find a bit unexpected. I would however generally recommend to use SYSLOG and the AUTH facility, that would seem to offer better integration. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1874915 Title: krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only file system To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1874915/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 1874915] Re: krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only file system
I'm going to push back on the reassignment to krb5. I think this is a freeipa bug. Kerberos's systemd service unit is correct for Kerberos. freeipa is the one that is deciding it wants to change the Kerberos logging configuration, and thus is the one that should adjust the permissions. Honestly I'd rather see this fixed by freeipa not messing around with Kerberos configs so much, but especially not logging config. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1874915 Title: krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only file system To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1874915/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1874915] Re: krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only file system
** Package changed: freeipa (Ubuntu) => krb5 (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1874915 Title: krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only file system To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1874915/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs