checkconfig in the init script no longer works correctly. The "variable get --current" portions return nothing which means the directory permission checks are incorrect and icinga fails to start with the following error in the log: critical/cli: Could not create temporary objects file: Error: Function call 'mkstemp' for file '/var/cache/icinga2/icinga2.debug.XXXXXX' failed with error code 13, 'Permission denied' Reproducible: Always
It looks like there are some conf.d/init.d variables that need updating as well, from https://icinga.com/docs/icinga2/latest/doc/16-upgrading-icinga-2/ "If you have the ICINGA2_RUN_DIR environment variable configured in the sysconfig file, you need to rename it to ICINGA2_INIT_RUN_DIR. ICINGA2_STATE_DIR has been removed and this setting has no effect."
It seems to be that the method used to determine the user/group no longer works: "/usr/sbin/icinga2 variable get --current RunAsUser" returns an empty string. This makes the init script run "chroot : /var/cache/icinga2" Looks like this commit is the culprit https://github.com/Icinga/icinga2/commit/e678fa1aa57b079ccc75dfac4086b48bcf809b11 and we need another way to determine the user icinga runs as.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e66a341ec02cfbb13ac0875fd0c2ea55a1212f09 commit e66a341ec02cfbb13ac0875fd0c2ea55a1212f09 Author: Matthew Thode <prometheanfire@gentoo.org> AuthorDate: 2018-10-14 18:38:17 +0000 Commit: Matthew Thode <prometheanfire@gentoo.org> CommitDate: 2018-10-14 18:40:01 +0000 net-analyzer/icinga2: update init script Closes: https://bugs.gentoo.org/668506 Signed-off-by: Matthew Thode <prometheanfire@gentoo.org> Package-Manager: Portage-2.3.49, Repoman-2.3.11 net-analyzer/icinga2/files/icinga2.initd-3 | 91 ++++++++++++++++++++++ ...nga2-2.10.0.ebuild => icinga2-2.10.0-r1.ebuild} | 2 +- net-analyzer/icinga2/icinga2-9999.ebuild | 4 +- 3 files changed, 94 insertions(+), 3 deletions(-)
This isn't fixed for me with icinga2-2.10.1 . Same symptoms, same problem, icinga still won't start up and fails with error: [2018-10-20 21:03:23 +1100] information/cli: Icinga application loader (version: r2.10.1-1) [2018-10-20 21:03:23 +1100] information/cli: Loading configuration file(s). [2018-10-20 21:03:23 +1100] critical/cli: Could not create temporary objects file: Error: Function call 'mkstemp' for file '/var/cache/icinga2/icinga2.debug.XXXXXX' failed with error code 13, 'Permission denied' If I could re-open the bug I would. However if I downgrade to 2.9.2 icinga then starts up normally. If I then upgrade to 2.10.x again it still works until I next reboot (at which point /var/cache/icinag2 is recreated). There is definitely something still wrong with permissions of the directory being created in /var/cache/icinga2: drwxr-x--- 2 root root 4096 Oct 20 21:03 icinga2 and as per Louis Sautier's comment: "/usr/sbin/icinga2 variable get --current RunAsUser" returns an empty string. That applies to me as well. Currently icinga2 2.10.x is unusable, as it fails to start.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=11648313f20e3a3a175832764755c373edc71ec0 commit 11648313f20e3a3a175832764755c373edc71ec0 Author: Matthew Thode <prometheanfire@gentoo.org> AuthorDate: 2018-10-20 17:05:34 +0000 Commit: Matthew Thode <prometheanfire@gentoo.org> CommitDate: 2018-10-20 17:05:34 +0000 net-analyzer/icinga2: update init script Do not require icinga2 to run before we start it. Closes: https://bugs.gentoo.org/668506 Signed-off-by: Matthew Thode <prometheanfire@gentoo.org> Package-Manager: Portage-2.3.49, Repoman-2.3.11 net-analyzer/icinga2/Manifest | 1 - net-analyzer/icinga2/files/icinga2.initd-3 | 12 +- ...2-2.10.0-r1.ebuild => icinga2-2.10.1-r1.ebuild} | 0 net-analyzer/icinga2/icinga2-2.10.1.ebuild | 172 --------------------- 4 files changed, 1 insertion(+), 184 deletions(-)
