pollinate.service fails to start: ERROR: should execute as the [pollinate] user -- missing CacheDirectory=

Bug #1848923 reported by Martin Pitt
16
This bug affects 2 people
Affects Status Importance Assigned to Milestone
pollinate (Ubuntu)
Undecided
Unassigned
Xenial
Undecided
Unassigned
Bionic
Undecided
Unassigned
Focal
Undecided
Unassigned
Groovy
Undecided
Unassigned

Bug Description

[Impact]

 * /var/cache is expected to be able to be cleared for a reboot without
   drawbacks. But the directory of pollinate is a classic cache, yet it
   only is created in postinst. That leads to the service failing on
   reboot after the path was cleared.
   For example the cockpit images are affected by that

 * The Fix for that is to instruct systemd to (if needed) create that path
   under the same permissions.

[Test Case]

 * sudo rm -rf /var/cache/pollinate
 * sudo reboot
 * systemctl status pollinate

 Without the fix it will fail to start missing the directory (but
 complaining about a wrong user). With the fix it works as systemd
 recreates that directory if needed.

[Where problems could occur]

 * We modify the service file, so issues would be around the
   /var/cache/pollinate creation/usage or the start/stop/restart
   of the service.

[Other Info]

 * the postinst bits doeing the mkdir are not removed to easen backport to
   e.g. Xenial where this systemd feature does not exist.

----

In a standard Ubuntu 19.10 cloud image install, pollinate fails to start:

● pollinate.service - Pollinate to seed the pseudo random number generator
   Loaded: loaded (/lib/systemd/system/pollinate.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Sun 2019-10-20 12:17:10 EEST; 3 months 4 days ago
     Docs: https://launchpad.net/pollinate
 Main PID: 665 (code=exited, status=1/FAILURE)

Oct 20 12:17:10 ubuntu systemd[1]: Starting Pollinate to seed the pseudo random number generator...
Oct 20 12:17:10 ubuntu pollinate[708]: ERROR: should execute as the [pollinate] user
Oct 20 12:17:10 ubuntu systemd[1]: pollinate.service: Main process exited, code=exited, status=1/FAILURE
Oct 20 12:17:10 ubuntu systemd[1]: pollinate.service: Failed with result 'exit-code'.
Oct 20 12:17:10 ubuntu systemd[1]: Failed to start Pollinate to seed the pseudo random number generator.

The user does exist:

# id pollinate
uid=110(pollinate) gid=1(daemon) groups=1(daemon)

and the unit has "User=pollinate"

This happens outside of systemd as well:

# sudo -u pollinate /usr/bin/pollinate
<13>Jan 24 09:31:05 pollinate[21456]: ERROR: should execute as the [pollinate] user

set -x shows why:

+ [ ! -w /var/cache/pollinate ]
+ error should execute as the [pollinate] user

This directory doesn't exist. So (1) this is a bad error message, and (2) pollinate.service is missing "CacheDirectory=pollinate". When adding that, it works.

pollinate 4.33-2ubuntu1

Related branches

Martin Pitt (pitti)
tags: added: eoan regression-release
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in pollinate (Ubuntu Eoan):
status: New → Confirmed
Changed in pollinate (Ubuntu):
status: New → Confirmed
Revision history for this message
Paride Legovini (paride) wrote :

Hi Martin,

I'm marking the Eoan task as Wont't Fix as Eoan reached its EOL. Do you see this issue in >= Focal? I tried to reproduce it but I wasn't able too, so if you are able to please share some steps we can follow. Thanks!

Changed in pollinate (Ubuntu Eoan):
status: Confirmed → Won't Fix
Changed in pollinate (Ubuntu):
status: Confirmed → Incomplete
Revision history for this message
Martin Pitt (pitti) wrote :

I just tested on current 20.04 and 20.10 cloud images, still the same bug. There was exactly one upload since then [1] which was trivial (just updating the watch file).

[1] https://launchpad.net/ubuntu/+source/pollinate/+changelog

Changed in pollinate (Ubuntu):
status: Incomplete → Triaged
Revision history for this message
Martin Pitt (pitti) wrote :

One more thing: That package hasn't worked in literally years, and is also obsolete. QEMU has had `-device virtio-rng-pci` for a long time now, libvirt uses it by default, and apparently most cloud providers use that, too. So I suggest to remove the package from Ubuntu, but *at least* from the default install.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :
Download full text (3.3 KiB)

Hallo Martin!
o/

Let us split this into

#A
"Not needing it anymore" is a separate discussion that I'll trigger internally.
IMHO not all consumers of e.g. libvirt have followed and if specifying devices at all libvirt will not (as it does with some other things) add virtio-rng. I'd personally more like to see a "check if good RNG is available, and if so don't act" than completely removing it. But that is up for discussion ...

and into

#B
On recreating this I see the same that Paride does ?!?:
@Martin how are you starting your images to fail the way you see it, any command line worth to share? Maybe no or only special network to make it fail?
I attached how I started my test systems.

BareMetal:
$ systemctl status pollinate
● pollinate.service - Pollinate to seed the pseudo random number generator
     Loaded: loaded (/lib/systemd/system/pollinate.service; enabled; vendor preset: enabled)
     Active: inactive (dead) since Thu 2021-02-04 13:18:00 UTC; 18h ago
       Docs: https://launchpad.net/pollinate
   Main PID: 892 (code=exited, status=0/SUCCESS)

Feb 04 13:17:59 node-horsea systemd[1]: Starting Pollinate to seed the pseudo random number generator...
Feb 04 13:18:00 node-horsea systemd[1]: pollinate.service: Succeeded.
Feb 04 13:18:00 node-horsea systemd[1]: Finished Pollinate to seed the pseudo random number generator.

Focal KVM Guest booting cloud image:
● pollinate.service - Pollinate to seed the pseudo random number generator
     Loaded: loaded (/lib/systemd/system/pollinate.service; enabled; vendor preset: enabled)
     Active: inactive (dead) since Fri 2021-02-05 07:57:52 UTC; 1min 54s ago
       Docs: https://launchpad.net/pollinate
   Main PID: 664 (code=exited, status=0/SUCCESS)

Feb 05 07:57:51 f-pol systemd[1]: Starting Pollinate to seed the pseudo random number generator...
Feb 05 07:57:51 f-pol pollinate[710]: client sent challenge to [https://entropy.ubuntu.com/]
Feb 05 07:57:52 f-pol pollinate[740]: client verified challenge/response with [https://entropy.ubuntu.com/]
Feb 05 07:57:52 f-pol pollinate[747]: client hashed response from [https://entropy.ubuntu.com/]
Feb 05 07:57:52 f-pol pollinate[748]: client successfully seeded [/dev/urandom]
Feb 05 07:57:52 f-pol systemd[1]: pollinate.service: Succeeded.
Feb 05 07:57:52 f-pol systemd[1]: Finished Pollinate to seed the pseudo random number generator.

Hirsute KVM Guest booting cloud image:
ubuntu@h-pol:~$ systemctl status pollinate
● pollinate.service - Pollinate to seed the pseudo random number generator
     Loaded: loaded (/lib/systemd/system/pollinate.service; enabled; vendor preset: enabled)
     Active: inactive (dead) since Fri 2021-02-05 07:57:41 UTC; 2min 11s ago
       Docs: https://launchpad.net/pollinate
   Main PID: 659 (code=exited, status=0/SUCCESS)

Feb 05 07:57:40 h-pol systemd[1]: Starting Pollinate to seed the pseudo random number generator...
Feb 05 07:57:41 h-pol pollinate[710]: client sent challenge to [https://entropy.ubuntu.com/]
Feb 05 07:57:41 h-pol pollinate[758]: client verified challenge/response with [https://entropy.ubuntu.com/]
Feb 05 07:57:41 h-pol pollinate[765]: client hashed response from [https://entropy.ubuntu.com/]
Feb 05 07:57:41...

Read more...

Changed in pollinate (Ubuntu):
status: Triaged → Incomplete
no longer affects: pollinate (Ubuntu Eoan)
Revision history for this message
Martin Pitt (pitti) wrote :
Download full text (4.1 KiB)

Thanks Christian! Interesting, the "ERROR: should execute as the [pollinate] user" looks quite unrelated to any networking setup and smelled like a package postinst/systemd unit bug.

I started trying to reproduce this outside of the Ubuntu CI, with a most naïve

  curl -O https://cloud-images.ubuntu.com/daily/server/groovy/current/groovy-server-cloudimg-amd64.img
  curl -O https://github.com/cockpit-project/bots/raw/master/machine/cloud-init.iso
  qemu-system-x86_64 -enable-kvm -nographic -m 2048 -device virtio-rng-pci -drive file=groovy-server-cloudimg-amd64.img,if=virtio -snapshot -cdrom cloud-init.iso

(that cloud-init is nothing special, just to get root:foobar and admin:foobar accounts, see [1])

But this fails to start ssh.service, and neither does it actually run cloud-init, so there is no way to log in and examine further. But indeed it seems to have started pollinate:

[ OK ] Finished Pollinate to seed…seudo random number generator.
         Starting OpenBSD Secure Shell server...
[ OK ] Started Dispatcher daemon for systemd-networkd.
[FAILED] Failed to start OpenBSD Secure Shell server.
See 'systemctl status ssh.service' for details.

Our CI uses libvirt for everything, which of course makes a CLI reproducer a lot more difficult. It's fairly easy when actually using our python wrappers:

  git clone https://github.com/cockpit-project/bots/
  bots/vm-run ubuntu-stable

(log in as root:foobar)

This downloads the actual image to ~/.cache/cockpit-images and creates a transient domain with a transient overlay. I attach the `virsh dumpxml` output, but of course that has a lot of absolute file system paths in it, UUIDs, and other junk that is specific to my system.

There the pollinate user exists

  # id pollinate
  uid=111(pollinate) gid=1(daemon) groups=1(daemon)

  # systemctl cat pollinate
  [..]
  [Service]
  User=pollinate
  ExecStart=/usr/bin/pollinate
  Type=oneshot

which looks right.

I edited the systemd unit to run pollinate through /bin/sh -ex, and that did reveal something:

Feb 07 09:24:10 ubuntu sh[2449]: + set -e
Feb 07 09:24:10 ubuntu sh[2449]: + set -f
Feb 07 09:24:10 ubuntu sh[2449]: + PKG=pollinate
Feb 07 09:24:10 ubuntu sh[2450]: + mktemp -d -t pollinate.XXXXXXXXXXXX
Feb 07 09:24:10 ubuntu sh[2449]: + TMPDIR=/tmp/pollinate.77BPmzGSfzFm
Feb 07 09:24:10 ubuntu sh[2449]: + trap rm -rf /tmp/pollinate.77BPmzGSfzFm 2>/dev/null || true EXIT HUP INT QUIT TERM
Feb 07 09:24:10 ubuntu sh[2449]: + CACHEDIR=/var/cache/pollinate
Feb 07 09:24:10 ubuntu sh[2449]: + FLAG=/var/cache/pollinate/seeded
Feb 07 09:24:10 ubuntu sh[2449]: + LOG=/var/cache/pollinate/log
Feb 07 09:24:10 ubuntu sh[2451]: + hostname
Feb 07 09:24:10 ubuntu sh[2449]: + HOSTNAME=ubuntu
Feb 07 09:24:10 ubuntu sh[2449]: + STRICT=0
Feb 07 09:24:10 ubuntu sh[2453]: + logger -V
Feb 07 09:24:10 ubuntu sh[2454]: + awk {print $4}
Feb 07 09:24:10 ubuntu sh[2449]: + logger_ver=2.36
Feb 07 09:24:10 ubuntu sh[2449]: + dpkg --compare-versions 2.36 ge 2.26.2
Feb 07 09:24:10 ubuntu sh[2449]: + LOGGER=logger --id=2449
Feb 07 09:24:10 ubuntu sh[2449]: + [ -t 0 ]
Feb 07 09:24:10 ubuntu sh[2449]: + [ -r /etc/default/pollinate ]
Feb 07 09:24:10 ubuntu sh[2449]: + . /etc/default...

Read more...

summary: pollinate.service fails to start: ERROR: should execute as the
- [pollinate] user
+ [pollinate] user -- missing CacheDirectory=
Changed in pollinate (Ubuntu):
status: Incomplete → Confirmed
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Awesome debugging Martin!

but while I agree that:
  CacheDirectory=pollinate
would in your case mitigate the issue by systemd providing that directory, it would also hide that this dir was lost at some point. The postinst of pollinate would have created that dir:

root@h:~# grep cache /var/lib/dpkg/info/pollinate.*
/var/lib/dpkg/info/pollinate.postinst: adduser --disabled-password --quiet --system --home /var/cache/$PKG --ingroup daemon --shell /bin/false $PKG
/var/lib/dpkg/info/pollinate.postinst:mkdir -p /var/cache/$PKG
/var/lib/dpkg/info/pollinate.postinst:chown -f $PKG /var/cache/$PKG
/var/lib/dpkg/info/pollinate.postinst:rm -f /var/cache/$PKG/tag

And only on remove it is removed, which didn't happen here:
/var/lib/dpkg/info/pollinate.postrm: rm -rf /var/lib/$PKG /var/cache/$PKG /etc/default/$PKG

And if we examine the groovy image that you referred at https://cloud-images.ubuntu.com/daily/server/groovy/current/groovy-server-cloudimg-amd64.img it has that path and would therefore not be affected.
Here as example:
$ wget https://cloud-images.ubuntu.com/daily/server/groovy/current/groovy-server-cloudimg-amd64.img
...
2021-02-08 16:00:56 (7,71 MB/s) - ‘groovy-server-cloudimg-amd64.img’ saved [562692096/562692096]
$ modprobe nbd max_part=8
$ sudo qemu-nbd --connect=/dev/nbd0 /tmp/groovy-server-cloudimg-amd64.img
[sudo] password for paelzer:
$ sudo fdisk /dev/nbd0 -l
Disk /dev/nbd0: 2,2 GiB, 2361393152 bytes, 4612096 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: 063C6DF3-80DF-451F-8EA3-60CA46A6188F

Device Start End Sectors Size Type
/dev/nbd0p1 227328 4612062 4384735 2,1G Linux filesystem
/dev/nbd0p14 2048 10239 8192 4M BIOS boot
/dev/nbd0p15 10240 227327 217088 106M EFI System

Partition table entries are not in disk order.
$ mkdir /tmp/imagedisk
$ sudo mount /dev/nbd0p1 /tmp/imagedisk
$ sudo chroot /tmp/imagedisk
root@Keschdeichel:/# ll /var/cache/pollinate/
total 8
drwxr-xr-x 2 pollinate daemon 4096 Feb 7 11:32 ./
drwxr-xr-x 12 root root 4096 Feb 7 11:32 ../
root@Keschdeichel:/# exit

Could that be an issue in the creation of the cockpit images that you mentioned?
Where could we download one of them to check the state of that path in there?

Revision history for this message
Martin Pitt (pitti) wrote :

Indeed all our images clear up /var/cache [1]. Sorry, I forgot about this bit before! An admin should always be able to rm -rf /var/cache, reboot, and get a fully working system [2]. So if the pollinate data is in any way precious, it should better be in /var/lib/pollinate then (similar to /var/lib/systemd/random-seed).

So indeed it seems that CacheDirectory= will be at least *a* fix, or moving to StateDirectory= and moving the file to /var/lib/pollinate/ if it's precious.

Thanks Christian for your help here! And sorry for my unnecessarily harsh words in comment #5, I should not have assumed that it was broken everywhere. 🤭

[1] https://github.com/cockpit-project/bots/blob/master/images/scripts/lib/zero-disk.setup#L42
[2] https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch05s05.html

Revision history for this message
Martin Pitt (pitti) wrote :

> Where could we download one of them to check the state of that path in there?

See comment #7:

  git clone https://github.com/cockpit-project/bots/
  bots/vm-run ubuntu-stable

But I suppose that's moot now :)

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

That path is used to detect if it has run before and skip re-execution as it isn't needed anymore then. A path change might be wanted, but would either need all sorts of maintscript magic to carry from old to new location if that has happened on a given system.

The option to use:
  CacheDirectory=pollinate
is very tempting.
Because if the path is there already this does nothing => no re-execution even on reboots.

But if running in an environment that has cleaned /var/cache then this will ensure it is "fine again". I think we can at this time also remove the mkdir from the postinst.

I'll prep that tomorrow and experiment with it ....

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :
Martin Pitt (pitti)
Changed in pollinate (Ubuntu):
status: Confirmed → In Progress
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

I needed a little tweak for the permissions, but other than that the suggestion worked fine.
I've prepared that in the PPA and MP for test/review.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

MP review complete, uploaded with minor modifications to Hirsute and submitted the same to Debian.
Once complete in 21.04 we can think about how far we want to backport this.

description: updated
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

SRU Template added.
For backport planning I'll add B/F/G since the solution on't help Xenial and that really is old enough by now to have more people complain about this issue there to make it super-important.

Changed in pollinate (Ubuntu Xenial):
status: New → Won't Fix
Changed in pollinate (Ubuntu Bionic):
status: New → Triaged
Changed in pollinate (Ubuntu Focal):
status: New → Triaged
Changed in pollinate (Ubuntu Groovy):
status: New → Triaged
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pollinate - 4.33-3ubuntu2

---------------
pollinate (4.33-3ubuntu2) hirsute; urgency=medium

  * d/pollinate.service: ensure cache directory is recreated (LP: #1848923)

 -- Christian Ehrhardt <email address hidden> Tue, 09 Feb 2021 10:57:54 +0100

Changed in pollinate (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

@Martin - since you made me think about that "/var/cache should be removable without impact" I was looking around a bit and I think there would be many more packages that are possible affected.
I mean each of them might be an individual case and have or ahve not an impact, but this looks like a huge list.

  => https://codesearch.debian.net/search?q=mkdir.*%2Fvar%2Fcache+path%3Adebian%2F*&literal=0

@Martin - With your DD-hat on, would that need a mass bug filing in Debian? Also could you link here to where the quote about /var/cache being removable was from?

Revision history for this message
Martin Pitt (pitti) wrote :

@Christian: Debian still needs/wants to support sysvinit. Of course init.d scripts ought to create cache directories too (like munin, mopidy, and others already do, but probably not all of them), but that will be a bit more work. FHS applies to SysV init as well, so the same reasoning still holds. Also, some postinsts seem to do legitimate work, like fontconfig which also creates an initial font cache.

If you want to start an MBF, it first needs some initial discussion, or at least announcement, on debian-devel@ [1]. And then it needs checking which packages actually have that problem, as I don't think it's actually *that* many -- two dozens tops? But in general I think this is a nice goal for sure. (For the record, we have not detected any problems related to this in the Cockpit test suite on any Debian or Ubuntu image, except for pollinate)

The "/var/cache/ should be removable" reference is [2], it was already in comment #9:

[1] https://www.debian.org/doc/manuals/developers-reference/beyond-pkging.en.html#reporting-lots-of-bugs-at-once-mass-bug-filing
[2] https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch05s05.html

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Thanks for your advice Martin, does not like a can-of-worms I'd want/need to open today then.
I've myself checked a few cases and indeed many don't fail (or not as hard) like pollinate.
So for now let us just fix this.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

All MPs got approved and I've uploaded this to B/F/G-unapproved.

Revision history for this message
Robie Basak (racb) wrote : Please test proposed package

Hello Martin, or anyone else affected,

Accepted pollinate into groovy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/pollinate/4.33-3ubuntu1.20.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-groovy to verification-done-groovy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-groovy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in pollinate (Ubuntu Groovy):
status: Triaged → Fix Committed
tags: added: verification-needed verification-needed-groovy
Changed in pollinate (Ubuntu Focal):
status: Triaged → Fix Committed
tags: added: verification-needed-focal
Revision history for this message
Robie Basak (racb) wrote :

Hello Martin, or anyone else affected,

Accepted pollinate into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/pollinate/4.33-3ubuntu1.20.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-focal. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in pollinate (Ubuntu Bionic):
status: Triaged → Fix Committed
tags: added: verification-needed-bionic
Revision history for this message
Robie Basak (racb) wrote :

Hello Martin, or anyone else affected,

Accepted pollinate into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/pollinate/4.33-0ubuntu1~18.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Revision history for this message
Martin Pitt (pitti) wrote :

Verification for groovy:

I took a 20.10 VM with current pollinate 4.33-3ubuntu1, and after booting, pollinate.service is in state failed as per the bug description.

I then updated to 4.33-3ubuntu1.20.10.1. The package update auto-restarted pollinate.service, and it looked successful:

# systemctl status pollinate
● pollinate.service - Pollinate to seed the pseudo random number generator
     Loaded: loaded (/lib/systemd/system/pollinate.service; enabled; vendor preset: enabled)
     Active: inactive (dead) since Tue 2021-02-16 06:03:56 UTC; 1min 45s ago
       Docs: https://launchpad.net/pollinate
    Process: 2815 ExecStart=/usr/bin/pollinate (code=exited, status=0/SUCCESS)
   Main PID: 2815 (code=exited, status=0/SUCCESS)

Feb 16 06:03:56 ubuntu systemd[1]: Starting Pollinate to seed the pseudo random number generator...
Feb 16 06:03:56 ubuntu pollinate[2830]: client sent challenge to [https://entropy.ubuntu.com/]
Feb 16 06:03:56 ubuntu pollinate[2844]: client verified challenge/response with [https://entropy.ubuntu.com/]
Feb 16 06:03:56 ubuntu pollinate[2851]: client hashed response from [https://entropy.ubuntu.com/]
Feb 16 06:03:56 ubuntu pollinate[2852]: client successfully seeded [/dev/urandom]
Feb 16 06:03:56 ubuntu systemd[1]: pollinate.service: Succeeded.
Feb 16 06:03:56 ubuntu systemd[1]: Finished Pollinate to seed the pseudo random number generator.

It does not have RemainAfterExit=, so that is as expected. I rebooted the VM, and the unit skipped cleanly, again as expected:

# systemctl status pollinate
● pollinate.service - Pollinate to seed the pseudo random number generator
     Loaded: loaded (/lib/systemd/system/pollinate.service; enabled; vendor preset: enabled)
     Active: inactive (dead)
  Condition: start condition failed at Tue 2021-02-16 06:06:58 UTC; 6s ago
             └─ ConditionPathExists=!/var/cache/pollinate/seeded was not met
       Docs: https://launchpad.net/pollinate

Feb 16 06:06:58 ubuntu systemd[1]: Condition check resulted in Pollinate to seed the pseudo random number generator being skipped.

# ls -l /var/cache/pollinate/
total 0
-rw-r--r-- 1 pollinate daemon 0 Feb 16 06:03 seeded

Now let's re-try the cleanup:

# rm -rf /var/cache/*
# reboot

This causes the shutdown process to last a little longer, presumably because running daemons got their files ripped away underneath them, but it does succeed. After it came back up, pollinate.service once again ran successfully like above.

tags: added: verification-done-groovy
removed: verification-needed-groovy
Revision history for this message
Martin Pitt (pitti) wrote :

I now did exactly the same steps as above on an Ubuntu 20.04 VM, with exactly the same results. This verifies 4.33-3ubuntu1.20.04.1.

tags: added: verification-done-focal
removed: verification-needed-focal
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :
Download full text (4.9 KiB)

For Bionic I have spawned a guest and checked how as-of today it responds to deleting it's /var/cache/pollinate.

Initially:
$ systemctl status pollinate
● pollinate.service - Pollinate to seed the pseudo random number generator
   Loaded: loaded (/lib/systemd/system/pollinate.service; enabled; vendor preset: enabled)
   Active: inactive (dead) since Tue 2021-02-16 09:13:12 UTC; 47s ago
  Process: 775 ExecStart=/usr/bin/pollinate (code=exited, status=0/SUCCESS)
 Main PID: 775 (code=exited, status=0/SUCCESS)

Feb 16 09:13:11 h-qemu-modules systemd[1]: Starting Pollinate to seed the pseudo random number generator...
Feb 16 09:13:11 h-qemu-modules pollinate[841]: client sent challenge to [https://entropy.ubuntu.com/]
Feb 16 09:13:12 h-qemu-modules pollinate[885]: client verified challenge/response with [https://entropy.ubuntu.com/]
Feb 16 09:13:12 h-qemu-modules pollinate[896]: client hashed response from [https://entropy.ubuntu.com/]
Feb 16 09:13:12 h-qemu-modules pollinate[897]: client successfully seeded [/dev/urandom]
Feb 16 09:13:12 h-qemu-modules systemd[1]: Started Pollinate to seed the pseudo random number generator.

After
$ rm -rf /var/cache/pollinate
$ reboot
...
$ systemctl status pollinate
● pollinate.service - Pollinate to seed the pseudo random number generator
   Loaded: loaded (/lib/systemd/system/pollinate.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Tue 2021-02-16 09:14:43 UTC; 7s ago
  Process: 750 ExecStart=/usr/bin/pollinate (code=exited, status=1/FAILURE)
 Main PID: 750 (code=exited, status=1/FAILURE)

Feb 16 09:14:43 h-qemu-modules systemd[1]: Starting Pollinate to seed the pseudo random number generator...
Feb 16 09:14:43 h-qemu-modules systemd[1]: pollinate.service: Main process exited, code=exited, status=1/FAILURE
Feb 16 09:14:43 h-qemu-modules systemd[1]: pollinate.service: Failed with result 'exit-code'.
Feb 16 09:14:43 h-qemu-modules systemd[1]: Failed to start Pollinate to seed the pseudo random number generator

Then Install the new version

$ sudo apt install pollinate
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be upgraded:
  pollinate
1 upgraded, 0 newly installed, 0 to remove and 34 not upgraded.
Need to get 11.8 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 pollinate all 4.33-0ubuntu1~18.04.2 [11.8 kB]
Fetched 11.8 kB in 0s (219 kB/s)
(Reading database ... 60178 files and directories currently installed.)
Preparing to unpack .../pollinate_4.33-0ubuntu1~18.04.2_all.deb ...
Unpacking pollinate (4.33-0ubuntu1~18.04.2) over (4.33-0ubuntu1~18.04.1) ...
Setting up pollinate (4.33-0ubuntu1~18.04.2) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
ubuntu@h-qemu-modules:~$ systemctl status pollinate
● pollinate.service - Pollinate to seed the pseudo random number generator
   Loaded: loaded (/lib/systemd/system/pollinate.service; enabled; vendor preset: enabled)
   Active: inactive (dead) since Tue 2021-02-16 09:16:12 UTC; 6s ago
  Process: 1569 ExecStart=/usr/bin/pollinate (code=exited,...

Read more...

tags: added: verification-done verification-done-bionic
removed: verification-needed verification-needed-bionic
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pollinate - 4.33-3ubuntu1.20.10.1

---------------
pollinate (4.33-3ubuntu1.20.10.1) groovy; urgency=medium

  * d/pollinate.service: ensure cache directory is recreated (LP: #1848923)

 -- Christian Ehrhardt <email address hidden> Tue, 09 Feb 2021 10:57:54 +0100

Changed in pollinate (Ubuntu Groovy):
status: Fix Committed → Fix Released
Revision history for this message
Łukasz Zemczak (sil2100) wrote : Update Released

The verification of the Stable Release Update for pollinate has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pollinate - 4.33-3ubuntu1.20.04.1

---------------
pollinate (4.33-3ubuntu1.20.04.1) focal; urgency=medium

  * d/pollinate.service: ensure cache directory is recreated (LP: #1848923)

 -- Christian Ehrhardt <email address hidden> Tue, 09 Feb 2021 10:57:54 +0100

Changed in pollinate (Ubuntu Focal):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pollinate - 4.33-0ubuntu1~18.04.2

---------------
pollinate (4.33-0ubuntu1~18.04.2) bionic; urgency=medium

  * d/pollinate.service: ensure cache directory is recreated (LP: #1848923)

 -- Christian Ehrhardt <email address hidden> Tue, 09 Feb 2021 10:57:54 +0100

Changed in pollinate (Ubuntu Bionic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers