Unit tmp.mount is masked on restart of services such as mysql and NIS/ypbind

rkudyba · April 7, 2020, 3:00am

The exact same issue noted in this systemd-devel list is happening.

When I try to restart services such as:

systemctl restart mysql
Failed to restart mysql.service: Unit var.mount is masked.

systemctl restart ypbind
Failed to restart ypbind.service: Unit tmp.mount is masked.

When I try to unmask tmp.mount it always returns the same:

systemctl status tmp.mount
● tmp.mount - /tmp
   Loaded: masked (Reason: Unit tmp.mount is masked.)
   Active: active (mounted) since Wed 2020-03-18 13:40:03 EDT; 2 weeks 5 days ago
    Where: /tmp
     What: tmpfs
    Tasks: 0 (limit: 57833)
   Memory: 56.0K
      CPU: 1ms
   CGroup: /system.slice/tmp.mount

Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.

Then I saw a lot of RPC: Timed out from the NIS primary and slave servers.

Other errors:

Apr  6 21:06:25 ourserver kernel: rpc-srv/tcp: nfsd: got error -32 when sending 24 bytes - shutting down socket
Apr  6 21:06:25 ourserver automount[3945]: set_tsd_user_vars: failed to get passwd info from getpwuid_r

I do see a lot of cockpit errors such as the below but there are probably a symptom but not related to the cause:

Apr  6 20:25:41 ourserver cockpit-ws[2749919]: received unsupported HTTP method
Apr  6 20:25:41 ourserver cockpit-ws[2749919]: received invalid HTTP request line
Apr  6 20:25:41 ourserver cockpit-ws[2749919]: received invalid HTTP request line
Apr  6 20:25:44 ourserver cockpit-tls[2736293]: cockpit-tls: gnutls_handshake failed: The TLS connection was non-properly terminated.
Apr  6 20:25:44 ourserver cockpit-tls[2736293]: cockpit-tls: gnutls_handshake failed: An unexpected TLS packet was received.
Apr  6 20:25:44 ourserver cockpit-tls[2736293]: cockpit-tls: gnutls_handshake failed: A connection with inappropriate fallback was at
tempted.
Apr  6 20:25:51 ourserver cockpit-tls[2736293]: cockpit-tls: gnutls_handshake failed: The TLS connection was non-properly terminated.

I uninstalled cockpit-ws for now.

And just like in the systemd-devel thread, all of the systemctl status *.mount are showing masked.

Is this something new that could break NIS?

Edit: I may have found a work-around, as suggested here, I set PrivateTmp=false in /usr/lib/systemd/system/ypbind.service and ran systemctl daemon-reload, and am waiting until there are less users logged in to restart ypbind.

I believe this could be a part of Features/ServicesPrivateTmp.

rkudyba · April 20, 2020, 12:59am

Ihttps://bugzilla.redhat.com/show_bug.cgi?id=1821530 but it looks like this is an issue with Gparted.

See this quote:

I quickly checked the gparted sources and noticed that it still does
mask all .mount units.

gparted.in: | grep -v masked | cut -f1 -d’ ’
gparted.in: systemctl --runtime mask --quiet – $MOUNTLIST
gparted.in: systemctl --runtime unmask --quiet – $MOUNTLIST