Date: Thu, 02 May 2019 20:30:23 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 237713] security/kstart: rc script still starts before cleartmp Message-ID: <bug-237713-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D237713 Bug ID: 237713 Summary: security/kstart: rc script still starts before cleartmp Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: zi@FreeBSD.org Reporter: wsh-bugs@wshooper.org Assignee: zi@FreeBSD.org Flags: maintainer-feedback?(zi@FreeBSD.org) On 12.0-RELEASE-p3, using kstart-4.2_2 with nss-pam-ldapd-sasl-0.9.10_1, bo= th installed as packages, the fix from bug #235757 doesn't work for me: the Kerberos credential cache written by kstart, /tmp/krb5cc_928, is removed fr= om /tmp before nslcd can use it. rcorder(8) causes both kstart and nslcd to start before cleartmp: root@host:~ # rcorder /etc/rc.d/* /usr/local/etc/rc.d/* | grep -E 'DAEMON|LOGIN|cleartmp|kstart|nslcd' rcorder: Circular dependency on provision `DAEMON' in file `/usr/local/etc/rc.d/kstart'. rcorder: requirement `slapd' in file `/usr/local/etc/rc.d/nslcd' has no providers. /usr/local/etc/rc.d/kstart /usr/local/etc/rc.d/nslcd /etc/rc.d/cleartmp /etc/rc.d/DAEMON /etc/rc.d/LOGIN The circular dependency in the error message seems to involve /etc/rc.d/LOG= IN. The kstart script says it requires DAEMON but must run before LOGIN: root@host:~ # head -9 /usr/local/etc/rc.d/kstart #!/bin/sh # $FreeBSD: head/security/kstart/files/kstart.in 496119 2019-03-18 02:28:= 10Z zi $ # PROVIDE: kstart # REQUIRE: DAEMON # BEFORE: LOGIN # KEYWORD: shutdown # Add the following lines to /etc/rc.conf to enable kstart: The LOGIN script, however, requires DAEMON, so LOGIN can't run before DAEMO= N: root@host:~ # head -9 /etc/rc.d/LOGIN #!/bin/sh # # $FreeBSD: releng/12.0/libexec/rc/rc.d/LOGIN 278706 2015-02-13 20:52:23Z ngie $ # # PROVIDE: LOGIN # REQUIRE: DAEMON # This is a dummy dependency to ensure user services such as xdm, I worked around the problem by changing REQUIRE: DAEMON to REQUIRE: cleartmp in /usr/local/etc/rc.d/kstart, after which the rcorder output was as expect= ed: root@host:/etc/rc.d # rcorder /etc/rc.d/* /usr/local/etc/rc.d/* | grep -E 'DAEMON|LOGIN|cleartmp|kstart|nslcd' rcorder: requirement `slapd' in file `/usr/local/etc/rc.d/nslcd' has no providers. /etc/rc.d/cleartmp /usr/local/etc/rc.d/kstart /usr/local/etc/rc.d/nslcd /etc/rc.d/DAEMON /etc/rc.d/LOGIN --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-237713-7788>