search

kanidm / kanidm_ppa_automation

The magic that makes kanidm/kanidm_ppa work
Mozilla Public License 2.0
0 stars 1 forks source link

Weird error on install in Debian bookworm: Could not execute systemctl #8

Open yaleman opened 1 month ago

yaleman commented 1 month ago 
Setting up kanidm-unixd (1.4.0~dev-202410160358+8c8f723) ...
=============================
Thanks for installing Kanidm!
=============================
Please ensure you modify the configuration files at /etc/kanidm/unixd and /etc/kanidm/config
Full examples are in /usr/share/kanidm-unixd/
To configure nsswitch, please follow instructions in https://kanidm.github.io/kanidm/master/integrations/pam_and_nsswitch.html
Could not execute systemctl:  at /usr/bin/deb-systemd-invoke line 145.

That last line's ... odd.

Edit, found what it's doing:

if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-deconfigure" ] || [ "$1" = "abort-remove" ] ; then
        if [ -d /run/systemd/system ]; then
                systemctl --system daemon-reload >/dev/null || true
                if [ -n "$2" ]; then
                        _dh_action=restart
                else
                        _dh_action=start
                fi
                deb-systemd-invoke $_dh_action kanidm-unixd-tasks.service kanidm-unixd.service >/dev/null || true
        fi
fi

... So it's failing to invoke systemctl somehow? 🤦🏻 deb-systemd-invoke... should just work?

deb-systemd-invoke is a Debian-specific helper script which asks /usr/sbin/policy-rc.d before performing a systemctl call.

deb-systemd-invoke is intended to be used from maintscripts to manage systemd unit files. It is specifically NOT intended to be used interactively by users. Instead, users should run systemd and use systemctl, or not bother about the systemd enabled state in case they are not running systemd.

Full postinst file here: postinst.txt

jinnatar commented 1 month ago

What I've gathered is that it might be because the service start can't succeed with the default config, i.e. without uri configured. Hopefully that's something that the next-gen unixd rewrite could address, i.e. that the service can start without a configured kanidmd URI.

yaleman commented 1 month ago

Ooh, that's possible... terrible error message from the OS tooling though without any context 😢