Bug
Resolution: Unresolved
rhel-8.10
Moderate
rhel-sst-openshift
Red Hat Enterprise Linux
What were you trying to do that didn't work?
This is somehow a continuation of RHEL-64920, but with SELinux disabled or in permissive mode to work around the initial issue.
A customer is trying to set up keepalived in a network namespace named "LB".
When starting the service, systemd marks the service as "Failed timed out" after 1m30.
The reason for this is keepalived, when configured with a network namespace, doesn't create the PIDfile as /run/keepalived.pid but as /run/keepalived/keepalived.pid, which is a bug.
This occurs because of the weird code selecting where to create the PID file:
2043 /* Entry point */
2044 int
2045 keepalived_main(int argc, char **argv)
2046 {
   :
2276         if (use_pid_dir) {
2277                 if (!main_pidfile)
2278                         main_pidfile = KEEPALIVED_PID_DIR KEEPALIVED_PID_FILE PID_EXTENSION;
   :
2292         else
2293         {
2294                 if (!main_pidfile)
2295                         main_pidfile = RUN_DIR KEEPALIVED_PID_FILE PID_EXTENSION;
   :
Here above, the location depends on the use_pid_dir variable, which is automatically set when configuring a network namespace.
This ends up entering line 2278 instead of always entering line 2295.
Since the keepalived.service unit hardcodes the PIDfile location, it's important to always choose the proper location (line 2295).
Please fix this code.
What is the impact of this issue to you?
Cannot start keepalived when configuring a network namespace
Please provide the package NVR for which the bug is seen:
keepalived-2.1.5-9.el8
How reproducible is this bug?:
Always
Steps to reproduce
- Move SELinux to Permissive (to avoid failing due to RHEL-64920)
# setenforce 0
- Start the service with a network namespace configuration, e.g.
net_namespace LB
global_defs {
    router_id 102 # Unique id
    enable_script_security
}
vrrp_instance VI_1 {
    [...]
}
Expected results
Service starts properly
Actual results
Service fails with a timeout
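A way to check a host for the mismatch described in this report, as an added example that is not part of the original report or of keepalived itself. The function names, the sample configuration and the sample unit text are constructed for illustration; it assumes no PID file is given on the command line and only models the net_namespace case named above.

```shell
#!/bin/sh
# Added example: predict where keepalived writes its PID file and compare
# that with the PIDFile= path the systemd unit waits for.

# Constructed sample inputs (not taken from a real host).
SAMPLE_CONF='net_namespace LB
global_defs {
    router_id 102 # Unique id
    enable_script_security
}'
SAMPLE_UNIT='[Service]
Type=forking
PIDFile=/run/keepalived.pid'

# $1 = keepalived.conf text. Prints the PID file path keepalived selects,
# following the branch on use_pid_dir quoted in the report.
# Assumption: main_pidfile is unset (no explicit PID file option used).
predicted_pidfile() {
    # Strip '#' and '!' comments, then look for a net_namespace keyword.
    if printf '%s\n' "$1" | sed 's/[#!].*//' |
        grep -Eq '^[[:space:]]*net_namespace[[:space:]]+[^[:space:]]+'; then
        echo /run/keepalived/keepalived.pid
    else
        echo /run/keepalived.pid
    fi
}

# $1 = unit file text. Prints the last PIDFile= value (later lines win).
unit_pidfile() {
    printf '%s\n' "$1" | sed -n 's/^[[:space:]]*PIDFile=//p' | tail -n 1
}

# $1 = config text, $2 = unit text. Returns 0 when both paths agree.
check_pidfile() {
    want=$(unit_pidfile "$2")
    got=$(predicted_pidfile "$1")
    if [ "$want" = "$got" ]; then
        echo "OK: unit and keepalived agree on $got"
        return 0
    fi
    echo "MISMATCH: unit waits for $want, keepalived writes $got"
    return 1
}

check_pidfile "$SAMPLE_CONF" "$SAMPLE_UNIT" || true
```

On a real host, pass the contents of the keepalived configuration and the output of `systemctl cat keepalived.service` to `check_pidfile` instead of the samples.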