<html><body><div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; direction: null; color: #000000;" data-attr="forced_root_block_attrs">
<div>Hi,</div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs"> </div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs">thank you for your effort on this. you might be right:</div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs"> </div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs">in memfile_lease_mgr.cc:</div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs"> </div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs"> process_.reset(new ProcessSpawn(ProcessSpawn::ASYNC, executable, args));</div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs"> </div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs">in process_spawn.h:</div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs"> </div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs">
<div> ProcessSpawn(const SpawnMode mode,</div>
<div> const std::string& executable,</div>
<div> const ProcessArgs& args = ProcessArgs(),</div>
<div> const ProcessEnvVars& vars = ProcessEnvVars(),</div>
<div> const bool inherit_env = false);</div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs"> </div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs">so by default the lfc is spawned with empty environment, so unless called explicitly by the service, kea spawns it with empty environment.</div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs"> </div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs">this is indeed an issue.</div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs"> </div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs">opened issue:</div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs"> </div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs"><a href="https://gitlab.isc.org/isc-projects/kea/-/issues/3450">https://gitlab.isc.org/isc-projects/kea/-/issues/3450</a></div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs"> </div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs">Regards,</div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs">Razvan</div>
<div style="font-size: 12pt; font-family: arial, helvetica, sans-serif; color: #000000;" data-attr="forced_root_block_attrs"> </div>
</div>
<div> </div>
<div id="signature-content-no-signature" data-marker="__SIG_PRE__"></div>
<div>
<div id="OLK_SRC_BODY_SECTION">
<div id="OLK_SRC_BODY_SECTION">
<blockquote style="margin: 0 0 0 .8em; border-left: 1px #ccc solid; padding-left: 1em;"><hr id="MESSAGE_DATA_MARKER"><strong>From: </strong>Martijn <kea-users@lists.isc.org><br><strong>To: </strong>Kea <kea-users@lists.isc.org><br><strong>Cc: </strong>Martijn <martijnremmen@icloud.com><br><strong>Date: </strong>Tuesday, 11 June 2024 2:54 PM EEST<br><strong>Subject: </strong>Re: [Kea-users] kea-lfc not using KEA_LOCKFILE_DIR<br><br>Thanks for your replies<br><br>@Darren, documentation seems quite sparse regarding this, which is why <br>I opted to read through the source code (by searching for the error <br>string). This indicated that kea-lfc uses the environment variable, if <br>it is set. There seems to be no other way to define this configuration <br>for kea-lfc.<br><br>@Razvan, this indeed seems to be the issue. Upon reading man sudoers:<br>> By default, the env_reset flag is enabled. This causes commands to <br>be executed with a new, minimal environment.<br><br>I did check this before writing, but I might have made a syntax error, <br>causing bash to interpret the command in the current context instead of <br>inside a forked process.<br>$ export FOO=bar<br>$ echo $FOO<br>bar<br>$ sudo -u _kea echo $FOO<br>bar<br><br>For the record, the correct command seems to be:<br>$ sudo -u _kea bash -c 'echo $FOO'<br><br>I confirmed kea-lfc to be using the specified location for the logger <br>lock like this:<br><br>$ sudo -u _kea bash<br>_kea$ export KEA_LOCKFILE_DIR=/run/lock/kea-VRF039<br>_kea$ echo $KEA_LOCKFILE_DIR<br>/run/lock/kea-VRF039<br>_kea$ kea-lfc ...<br>(no output, it seems to direct logs to /dev/log)<br>_kea$ strace !!<br>...<br>openat(AT_FDCWD, "/run/lock/kea-VRF039/logger_lockfile", <br>O_RDWR|O_CREAT, 0660)<br>...<br><br>Anyways, it is still not clear to me why the environment variable set <br>in the systemd unit file isn't coming through to the forked kea-lfc <br>process. kea-dhcp4 uses it just fine. And I can confirm the variable <br>exists in the context of the process by `cat /proc/{kea PID}/environ`, <br>which lists KEA_LOCKFILE_DIR with the correct value.<br><br>I guess this could either have to do with similar env_reset behaviour <br>for forked processes by systemd managed services or the way kea-dhcp4 <br>spawns kea-lfc.<br><br>I will investigate further. Thank you for your assistance.<br><br><br>Regards,<br>Martijn<br><br><br>On ma, jun 10 2024 at 20:07:14 +00:00:00, Razvan Becheriu <br><razvan@isc.org> wrote:<br>> Hi,<br>> <br>> some clarifications:<br>> the -p command line parameter in lfc executable is referring to the <br>> pid file used for lease file operations, while the KEA_LOCKFILE_DIR <br>> is used for the lockfile used for logging.<br>> <br>> I have tested your scenario and it seems to be working. I guess the <br>> problem on your side is that the exported environment variable is not <br>> inherited by the root environment when doing sudo -u ...<br>> <br>> the easiest way to pass the environment variable is to add it just <br>> before the executable:<br>> <br>> sudo -u ... KEA_LOCKFILE_DIR=/var/lib/kea-VRF039/ /usr/sbin/kea-lfc <br>> -4 ...<br>> <br>> to achieve this using services, please consult the man for options <br>> regarding environment variables in the service file.<br>> <br>> I hope this helps.<br>> <br>> Razvan<br>> <br>> <br>> <br>> <br>>> From:Darren <darren.ankney@gmail.com><br>>> To:Kea <kea-users@lists.isc.org><br>>> Date:Monday, 10 June 2024 10:01 PM EEST<br>>> Subject:Re: [Kea-users] kea-lfc not using KEA_LOCKFILE_DIR<br>>> <br>>> Hi Martijn,<br>>> <br>>> Looking in the ARM, I only find KEA_LOCKFILE_DIR mentioned here:<br>>> https://kea.readthedocs.io/en/kea-2.4.1/arm/logging.html#logging-during-kea-startup<br>>> which pertains only to controlling destination of logging while Kea <br>>> is<br>>> starting up (before it has read the configuration file completely).<br>>> These environment variables don't seem to have anything to do with<br>>> `kea-lfc`. Can you point to where you saw that `kea-lfc` should<br>>> respect these environment variables?<br>>> <br>>> Thank you,<br>>> Darren Ankney<br>>> <br>>> On Tue, Jun 4, 2024 at 10:43 AM Martijn via Kea-users<br>>> <kea-users@lists.isc.org> wrote:<br>>> ><br>>> > Hi,<br>>> ><br>>> > We are currently implementing Kea for a multi tenant/VRF scenario. <br>>> We do this by running multiple instances of kea-dhcp4 with a systemd <br>>> unit template. Because we have multiple Kea instances running, we <br>>> need separate folders for storing PIDs, lock files and configs. So <br>>> far, this is working fine. The Kea service is running, establishing <br>>> HA session and serving requests.<br>>> ><br>>> > We just have a problem with the periodic lease file cleaning <br>>> performed by kea-lfc, while the lease file cleanup seems to be <br>>> successful. It is logging errors relating to using a lock file for <br>>> the logger.<br>>> ><br>>> > Jun 04 15:49:27 dhcp-01 kea-dhcp4-VRF039[1395]: INFO <br>>> DHCPSRV_MEMFILE_LFC_START starting Lease File Cleanup<br>>> > Jun 04 15:49:27 dhcp-01 kea-dhcp4-VRF039[1395]: INFO <br>>> DHCPSRV_MEMFILE_LFC_EXECUTE executing Lease File Cleanup using: <br>>> /usr/sbin/kea-lfc -4 -x /var/lib/kea-VRF039/dhcp4.leases.2 -i <br>>> /var/lib/kea-VRF039/dhcp4.leases.1 -o <br>>> /var/lib/kea-VRF039/dhcp4.leases.output -f <br>>> /var/lib/kea-VRF039/dhcp4.leases.completed -p <br>>> /var/lib/kea-VRF039/dhcp4.leases.pid -c ignored-path<br>>> > Jun 04 15:49:28 dhcp-01 kea-dhcp4-VRF039[2571]: Unable to use <br>>> interprocess sync lockfile (No such file or directory): <br>>> /var/run/kea/logger_lockfile<br>>> > Jun 04 15:49:28 dhcp-01 kea-dhcp4-VRF039[2571]: Unable to use <br>>> interprocess sync lockfile (No such file or directory): <br>>> /var/run/kea/logger_lockfile<br>>> > ---- 6 more identical messages ----<br>>> ><br>>> > I have tried manually running the process with the specified <br>>> arguments from the log message and setting the KEA_LOCKFILE_DIR <br>>> environment variable. However, kea-lfc still doesn’t seem to use <br>>> the environment variable.<br>>> ><br>>> > $ export KEA_LOCKFILE_DIR=/run/lock/kea-VRF039<br>>> > $ echo $KEA_LOCKFILE_DIR<br>>> > /run/lock/kea-VRF039<br>>> ><br>>> > $ sudo -u _kea -g _kea \<br>>> > /usr/sbin/kea-lfc -4 \<br>>> > -x /var/lib/kea-VRF039/dhcp4.leases.2 \<br>>> > -i /var/lib/kea-VRF039/dhcp4.leases.1 \<br>>> > -o /var/lib/kea-VRF039/dhcp4.leases.output \<br>>> > -f /var/lib/kea-VRF039/dhcp4.leases.completed \<br>>> > -p /var/lib/kea-VRF039/dhcp4.leases.pid \<br>>> > -c ignored-path<br>>> ><br>>> > Unable to use interprocess sync lockfile (No such file or <br>>> directory): /var/run/kea/logger_lockfile<br>>> > Unable to use interprocess sync lockfile (No such file or <br>>> directory): /var/run/kea/logger_lockfile<br>>> > Unable to use interprocess sync lockfile (No such file or <br>>> directory): /var/run/kea/logger_lockfile<br>>> > Unable to use interprocess sync lockfile (No such file or <br>>> directory): /var/run/kea/logger_lockfile<br>>> > Unable to use interprocess sync lockfile (No such file or <br>>> directory): /var/run/kea/logger_lockfile<br>>> > Unable to use interprocess sync lockfile (No such file or <br>>> directory): /var/run/kea/logger_lockfile<br>>> > Unable to use interprocess sync lockfile (No such file or <br>>> directory): /var/run/kea/logger_lockfile<br>>> ><br>>> ><br>>> > I have read through the code and it seems like the environment <br>>> variable should be used. So I am not sure what’s going wrong. I <br>>> have found an issue on the nixpkgs GitHub which seems to describe <br>>> the same issue (kea-lfc not using KEA_LOCKFILE_DIR) <br>>> https://github.com/NixOS/nixpkgs/issues/265826<br>>> ><br>>> > Is this a known issue or am I doing something wrong?<br>>> ><br>>> > Some additional info:<br>>> > Distro: Ubuntu 24.04 LTS<br>>> > Using the package from ubuntu APT sources:<br>>> > Package: kea-dhcp4-server<br>>> > Version: 2.4.1-3build3<br>>> ><br>>> ><br>>> > Regards,<br>>> ><br>>> > Martijn<br>>> > --<br>>> > ISC funds the development of this software with paid support <br>>> subscriptions. Contact us at https://www.isc.org/contact/ for more <br>>> information.<br>>> ><br>>> > To unsubscribe visit <br>>> https://lists.isc.org/mailman/listinfo/kea-users.<br>>> ><br>>> > Kea-users mailing list<br>>> > Kea-users@lists.isc.org<br>>> > https://lists.isc.org/mailman/listinfo/kea-users<br>>> --<br>>> ISC funds the development of this software with paid support <br>>> subscriptions. Contact us at https://www.isc.org/contact/ for more <br>>> information.<br>>> <br>>> To unsubscribe visit <br>>> https://lists.isc.org/mailman/listinfo/kea-users.<br>>> <br>>> Kea-users mailing list<br>>> Kea-users@lists.isc.org<br>>> https://lists.isc.org/mailman/listinfo/kea-users<br><br><br>-- <br>ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.<br><br>To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.<br><br>Kea-users mailing list<br>Kea-users@lists.isc.org<br>https://lists.isc.org/mailman/listinfo/kea-users</blockquote>
</div>
</div></div>
</div></body></html>