Public bug reported:

Hopefully this can trivially be corrected.

Seems the systemd service file for the kerberos portion of freeipa could
use a minor tweak.

When restarting the kerberos service, it (incorrectly) reports that the
default configured log file (/var/log/krb5kdc.log) is sending to a "read
only filesystem".  This is a misleading error, since the /var/log
directory by default -IS- writeable, but systemd is in fact preventing
the daemon from writing.  Why systemd can't inject itself
inappropriately and report that it's causing the trouble is another
conversation. ;) [not personally a systemd fan]


File:
=====
/lib/systemd/system/krb5-kdc.service

Command:
=====
service krb5-kdc restart

Error:
=====
krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only file 
system


Please make the following adjustment to the default systemd file.
=====
13c13
< ReadWriteDirectories=-/var/tmp /tmp /var/lib/krb5kdc -/var/run /run
---
> ReadWriteDirectories=-/var/tmp /tmp /var/lib/krb5kdc -/var/run /run /var/log


Thank you for all the help and support.  :)

Cheers,
-Chris

** Affects: freeipa (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1874915

Title:
  krb5kdc[27833]: Couldn't open log file /var/log/krb5kdc.log: Read-only
  file system

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1874915/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to