SCIENTIFIC-LINUX-USERS Archives

August 2015

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show HTML Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
starting ypbind with systemctl in SL7
From:
Nathan Moore <[log in to unmask]>
Reply To:
Nathan Moore <[log in to unmask]>
Date:
Sat, 8 Aug 2015 08:36:24 -0500
Content-Type:
multipart/alternative
Parts/Attachments:
text/plain (2935 bytes) , text/html (7 kB) 
Working through a SL7 migration.

Right now, I can't get ypbind to start, or rather, it starts in a clunky
way.

Using systemctl,
[root@pilgrim ~]# systemctl enable ypbind
[root@pilgrim ~]# systemctl start ypbind
Job for ypbind.service failed. See 'systemctl status ypbind.service' and
'journalctl -xn' for details.

but, I can get the daemon to start by running the bare command,
[root@pilgrim ~]# /usr/sbin/ypbind
[root@pilgrim ~]# rpcinfo -p localhost | grep ypbind
    100007    2   udp    785  ypbind
    100007    1   udp    785  ypbind
    100007    2   tcp    788  ypbind
    100007    1   tcp    788  ypbind

Any ideas?  Is this a known bug?  The output below makes it seem like this
is a conflict with selinux?

[root@pilgrim ~]# systemctl -l status ypbind.service
ypbind.service - NIS/YP (Network Information Service) Clients to NIS Domain
Binder
   Loaded: loaded (/usr/lib/systemd/system/ypbind.service; enabled)
   Active: failed (Result: exit-code) since Sat 2015-08-08 03:33:06 CDT;
42s ago
  Process: 17594 ExecStartPost=/usr/libexec/ypbind-post-waitbind
(code=exited, status=1/FAILURE)
  Process: 17587 ExecStart=/usr/sbin/ypbind -n $OTHER_YPBIND_OPTS
(code=exited, status=0/SUCCESS)
  Process: 17585 ExecStartPre=/usr/sbin/setsebool allow_ypbind=1
(code=exited, status=0/SUCCESS)
  Process: 17580 ExecStartPre=/usr/libexec/ypbind-pre-setdomain
(code=exited, status=0/SUCCESS)
 Main PID: 17587 (code=exited, status=0/SUCCESS)
   Status: "Processing requests..."

Aug 08 03:32:19 pilgrim setsebool[17585]: The allow_ypbind policy boolean
was changed to 1 by root
Aug 08 03:32:19 pilgrim ypbind[17587]: cannot create pidfile
/var/run/ypbind.pid
Aug 08 03:32:20 pilgrim python[17592]: SELinux is preventing
/usr/sbin/ypbind from 'read, write' accesses on the file ypbind.pid.

                                       *****  Plugin catchall (100.
confidence) suggests   **************************

                                       If you believe that ypbind should be
allowed read write access on the ypbind.pid file by default.
                                       Then you should report this as a bug.
                                       You can generate a local policy
module to allow this access.
                                       Do
                                       allow this access for now by
executing:
                                       # grep ypbind
/var/log/audit/audit.log | audit2allow -M mypol
                                       # semodule -i mypol.pp

Aug 08 03:33:06 pilgrim ypbind[17587]: cannot unlock pidfile
Aug 08 03:33:06 pilgrim systemd[1]: ypbind.service: control process exited,
code=exited status=1
Aug 08 03:33:06 pilgrim systemd[1]: Failed to start NIS/YP (Network
Information Service) Clients to NIS Domain Binder.
Aug 08 03:33:06 pilgrim systemd[1]: Unit ypbind.service entered failed
state.


-- 
- - - - - - -   - - - - - - -   - - - - - - -
Nathan Moore
Mississippi River and 44th Parallel
- - - - - - -   - - - - - - -   - - - - - - -

ATOM RSS1 RSS2