Public bug reported: Hopefully this can trivially be corrected.
Seems the systemd service file for the kerberos portion of freeipa could use a minor tweak. When restarting the kerberos service, it (incorrectly) reports that the default configured log file (/var/log/krb5kdc.log) is sending to a "read only filesystem". This is a misleading error, since the /var/log directory by default -IS- writeable, but systemd is in fact preventing the daemon from writing. Why systemd can't inject itself inappropriately and report that it's causing the trouble is another conversation. ;) [not personally a systemd fan] File: ===== /lib/systemd/system/krb5-kdc.service Command: ===== service krb5-kdc restart Error: ===== krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only file system Please make the following adjustment to the default systemd file. ===== 13c13 < ReadWriteDirectories=-/var/tmp /tmp /var/lib/krb5kdc -/var/run /run --- > ReadWriteDirectories=-/var/tmp /tmp /var/lib/krb5kdc -/var/run /run /var/log Thank you for all the help and support. :) Cheers, -Chris ** Affects: freeipa (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1874915 Title: krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only file system To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1874915/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs