Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1094932 - subscription-manager: script and/or trigger should not directly enable systemd units
Summary: subscription-manager: script and/or trigger should not directly enable system...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: subscription-manager
Version: 7.2
Hardware: Unspecified
OS: Unspecified
medium
low
Target Milestone: rc
: ---
Assignee: William Poteat
QA Contact: John Sefler
URL:
Whiteboard:
: 1209382 (view as bug list)
Depends On: 1163968 1271839
Blocks: autoenabled-systemd-units rhsm-rhel72 1201663 1378128
TreeView+ depends on / blocked
 
Reported: 2014-05-06 17:23 UTC by Andy Lutomirski
Modified: 2017-08-01 19:18 UTC (History)
11 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1163968 (view as bug list)
Environment:
Last Closed: 2017-08-01 19:18:42 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github candlepin subscription-manager pull 1497 0 None None None 2016-09-26 18:16:57 UTC
Red Hat Bugzilla 1209382 0 medium CLOSED Use systemd macros instead of direct call to systemctl enable 2022-05-16 11:32:56 UTC
Red Hat Product Errata RHBA-2017:2083 0 normal SHIPPED_LIVE python-rhsm and subscription-manager bug fix and enhancement update 2017-08-01 18:14:19 UTC

Internal Links: 1209382

Description Andy Lutomirski 2014-05-06 17:23:36 UTC 
My query script thinks that subscription-manager has a script or trigger that directly enables a systemd unit using 'systemctl enable'.  It probably should not.  Please update this packages to use the macroized scriptlet (https://fedoraproject.org/wiki/Packaging:ScriptletSnippets#Systemd).

If your package has an exception from FESCo permitting it to enable
itself, please make sure that the service in question is listed in the
appropriate preset file.

There is a general exception described here:

https://fedoraproject.org/wiki/Starting_services_by_default

If your package falls under the general exception, then it is possible
that no change is required.  Nevertheless, if you are relying on the
exception, please make sure that your rpm scripts are sensible.  The
exception is:

In addition, any service which does not remain persistent on the system (aka, it "runs once then goes away"), does not listen to incoming connections during initialization, and does not require configuration to be functional may be enabled by default (but is not required to do so). An example of "runs once then goes away" service is iptables.

Given that this issue can affect Fedora 20 users who install your
package as a dependency, this bug should be fixed in Fedora 20 and
Rawhide.
Comment 1 Jaroslav Reznik 2015-03-03 17:01:04 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 22 development cycle.
Changing version to '22'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora22
Comment 2 Adrian Likins 2015-08-13 14:02:20 UTC 
Pinged redhat-release-server component about that side of it at https://bugzilla.redhat.com/show_bug.cgi?id=1163968
Comment 3 William Poteat 2016-09-26 18:16:57 UTC 
systemctl commands removed. Issue will only be resolved when the preset file has been updated by rel-eng.
Comment 7 Rehana 2017-05-02 10:51:13 UTC 
Retested with ;

# subscription-manager version
server type: This system is currently not registered.
subscription management server: 0.9.51.21-1
subscription management rules: 5.15.1
subscription-manager: 1.19.10-1.el7
python-rhsm: 1.19.5-1.el7


Demonstrating that with older subscription-manager packages(subscription-manager: 1.17.15-1.el7 and python-rhsm: 1.17.9-1.el7) the rpm scriptlets contains /bin/systemctl enable commands 

# rpm -q --scripts subscription-manager | grep /bin/systemctl
    /bin/systemctl enable rhsmcertd.service >/dev/null 2>&1 || :
    /bin/systemctl daemon-reload >/dev/null 2>&1 || :
    /bin/systemctl try-restart rhsmcertd.service >/dev/null 2>&1 || :

with the latest subscription-manager packages from brew (subscription-manager: 1.19.10-1.el7 and python-rhsm: 1.19.5-1.el7 ) /bin/systemctl enable commands are removed

# rpm -q --scripts subscription-manager | grep /bin/systemctl
# 
 
Full contents for reference 
-------------------------------

# rpm -q --scripts subscription-manager 
postinstall scriptlet (using /bin/sh):
    
if [ $1 -eq 1 ] ; then 
        # Initial installation 
        systemctl preset rhsmcertd.service >/dev/null 2>&1 || : 
fi 


if [ -x /bin/dbus-send ] ; then
    dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig > /dev/null 2>&1 || :
fi

if [ "$1" -eq "2" ] ; then
    /sbin/service rhsmcertd condrestart >/dev/null 2>&1 || :
fi
preuninstall scriptlet (using /bin/sh):
if [ $1 -eq 0 ] ; then
        
if [ $1 -eq 0 ] ; then 
        # Package removal, not upgrade 
        systemctl --no-reload disable rhsmcertd.service > /dev/null 2>&1 || : 
        systemctl stop rhsmcertd.service > /dev/null 2>&1 || : 
fi 


    if [ -x /bin/dbus-send ] ; then
        dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig > /dev/null 2>&1 || :
    fi
fi
postuninstall scriptlet (using /bin/sh):
    
systemctl daemon-reload >/dev/null 2>&1 || : 
if [ $1 -ge 1 ] ; then 
        # Package upgrade, not uninstall 
        systemctl try-restart rhsmcertd.service >/dev/null 2>&1 || : 
fi
Comment 8 Rehana 2017-05-02 13:55:28 UTC 
Based on comment 7 , Marking the bug as Verified
Comment 9 Kevin Howell 2017-05-03 15:07:56 UTC 
*** Bug 1209382 has been marked as a duplicate of this bug. ***
Comment 10 errata-xmlrpc 2017-08-01 19:18:42 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:2083
Note You need to log in before you can comment on or make changes to this bug.