Package: quagga-core Version: 1.1.1-3 Severity: important Dear Maintainer,
after receiving word bgpd no longer starts[1], presumably after systemd went from 234-3 to 235-2, I checked a bit further and the most likely explanation is zebra.service is invalid and used to work in the past rather by coincidence only. This might need more checking in the systemd sources but honestly reading the documentation it's obvious the service file needs some attention. So, there is a "RuntimeDirectory=quagga" definition. *Presumably* systemd now enforces ownership of this directory which is, for lack of User= and Group= statemant, root:root. This obviously happens *after* the ExecStartPre= commands are run, rendering the chown statement for /run/quagga void. Check with your local systemd guru in case of doubt. So zebra, no longer root after a setgroups/setruid, cannot write its PID file. The logfile, if written, shows: | ZEBRA: Can't create pid lock file /run/quagga/zebra.pid (Permission denied), exiting With zebra failed to start, bgpd will not be attempted at all, resulting in the observed behaviour. Not sure about a sane fix. User=/Group= is certainly not an option since some portions of zebra need root privileges. Removing the RuntimeDirectory= statement and asserting /run/quagga - either by an additional ExecStartPre= or by a tmpfile sniplet - seems to do the trick. Christoph [1] See also https://ci.debian.net/data/packages/unstable/amd64/q/quagga/20171011_224800.log -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.58 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: unable to detect Versions of packages quagga-core depends on: ii adduser 3.116+~jj1 ii dpkg 1.19.0.4+~jj1 ii init-system-helpers 1.51 pn iproute2 <none> ii libc6 2.24-17 ii libcap2 1:2.25-1.1 ii libpam0g 1.1.8-3.6 ii libreadline7 7.0-3 ii libtinfo5 6.0+20170902-1 quagga-core recommends no packages. Versions of packages quagga-core suggests: pn quagga-bgpd <none> pn quagga-isisd <none> pn quagga-ospf6d <none> pn quagga-ospfd <none> pn quagga-pimd <none> pn quagga-ripd <none> pn quagga-ripngd <none> pn snmpd <none>
signature.asc
Description: Digital signature