Author Topic: Zentyal 7.0.3 : zentyal-dhcp broken after update 03/29/2021  (Read 194 times)

grolon

  • Zen Apprentice
  • *
  • Posts: 33
  • Karma: +1/-0
    • View Profile
Zentyal 7.0.3 : zentyal-dhcp broken after update 03/29/2021
« on: March 29, 2021, 04:50:44 pm »
Hi guys, any idea what is going on ?

Thanks before hand

10:36:55 > aptitude upgrade -y;
Se configurarán los siguientes paquetes que están ahora parcialmente instalados:
  zentyal-dhcp
No se instalará, actualizará o eliminará ningún paquete.
0 paquetes actualizados, 0 nuevos instalados, 0 para eliminar y 0 sin actualizar.
Necesito descargar 0 B de ficheros. Después de desempaquetar se usarán 0 B.
Configurando zentyal-dhcp (7.0.2) ...
 * Restarting Zentyal module: dhcp                                                                                                                                                             [ OK ]
ln: failed to create symbolic link '/etc/apparmor.d/disable/usr.sbin.dhcpd': File exists
dpkg: error al procesar el paquete zentyal-dhcp (--configure):
 el subproceso instalado paquete zentyal-dhcp script post-installation devolvió el código de salida de error 1
Procesando disparadores para zentyal-core (7.0.3) ...
 * Restarting Zentyal module: webadmin                                                                                                                                                         [ OK ]
 * Restarting Zentyal module: logs                                                                                                                                                             [ OK ]
Se encontraron errores al procesar:
 zentyal-dhcp
E: Sub-process /usr/bin/dpkg returned an error code (1)
Configurando zentyal-dhcp (7.0.2) ...
 * Restarting Zentyal module: dhcp                                                                                                                                                             [ OK ]
ln: failed to create symbolic link '/etc/apparmor.d/disable/usr.sbin.dhcpd': File exists
dpkg: error al procesar el paquete zentyal-dhcp (--configure):
 el subproceso instalado paquete zentyal-dhcp script post-installation devolvió el código de salida de error 1
Procesando disparadores para zentyal-core (7.0.3) ...
 * Restarting Zentyal module: webadmin                                                                                                                                                         [ OK ]
 * Restarting Zentyal module: logs                                                                                                                                                             [ OK ]
Se encontraron errores al procesar:
 zentyal-dhcp

This is a virtual machine, zentyal 5 upgraded to 6.2 upgraded to 7.0

My VM Zentyal 7.0 installed brand new, no problem at all

Thanks, Regards

Daniel Joven

  • Zentyal Staff
  • Zen Apprentice
  • *****
  • Posts: 21
  • Karma: +14/-0
    • View Profile
Re: Zentyal 7.0.3 : zentyal-dhcp broken after update 03/29/2021
« Reply #1 on: March 29, 2021, 06:13:05 pm »
Hi grolon,

The error is:

Code: [Select]
ln: failed to create symbolic link '/etc/apparmor.d/disable/usr.sbin.dhcpd': File exists

Try to unlink/move/remove that file.

Then, fix the broken packages with the following command:

Code: [Select]
sudo dpkg --configure -a

NOTE: Sometimes, the above command must be executed a few times.

Best regards, Daniel Joven.

grolon

  • Zen Apprentice
  • *
  • Posts: 33
  • Karma: +1/-0
    • View Profile
Re: Zentyal 7.0.3 : zentyal-dhcp broken after update 03/29/2021
« Reply #2 on: March 29, 2021, 07:28:06 pm »
13:26:11 > rm /etc/apparmor.d/disable/usr.sbin.dhcpd

13:26:29 > dpkg --configure -a
Configurando zentyal-dhcp (7.0.2) ...
 * Restarting Zentyal module: dhcp                                                                                                                                                             [ OK ]
apparmor_parser: Unable to remove "/usr/sbin/dhcpd".  Profile doesn't exist
dpkg: error al procesar el paquete zentyal-dhcp (--configure):
 el subproceso instalado paquete zentyal-dhcp script post-installation devolvió el código de salida de error 254
Procesando disparadores para zentyal-core (7.0.3) ...
 * Restarting Zentyal module: webadmin                                                                                                                                                         [ OK ]
 * Restarting Zentyal module: logs                                                                                                                                                             [ OK ]
Se encontraron errores al procesar:
 zentyal-dhcp

I dont know what is error 254

Zenks

Daniel Joven

  • Zentyal Staff
  • Zen Apprentice
  • *****
  • Posts: 21
  • Karma: +14/-0
    • View Profile
Re: Zentyal 7.0.3 : zentyal-dhcp broken after update 03/29/2021
« Reply #3 on: March 30, 2021, 02:03:43 pm »
Hi,

The cause of the error is that the DHCP profile doesn't exist. Confirm that the profile '/etc/apparmor.d/usr.sbin.dhcpd' doesn't exists. If this is the case, do the following:

1. Create the profile '/etc/apparmor.d/usr.sbin.dhcpd' with the following content:

Code: [Select]
# vim:syntax=apparmor
# Last Modified: Mon Jan 25 11:06:45 2016
# Author: Jamie Strandboge <jamie@canonical.com>

#include <tunables/global>

/usr/sbin/dhcpd {
  #include <abstractions/base>
  #include <abstractions/nameservice>
  #include <abstractions/ssl_keys>

  capability chown,
  capability net_bind_service,
  capability net_raw,
  capability setgid,
  capability setuid,

  network inet raw,
  network packet packet,
  network packet raw,

  @{PROC}/[0-9]*/net/dev r,
  @{PROC}/[0-9]*/net/{dev,if_inet6} r,
  owner @{PROC}/@{pid}/comm rw,
  owner @{PROC}/@{pid}/task/[0-9]*/comm rw,

  /etc/hosts.allow r,
  /etc/hosts.deny r,

  /etc/dhcp/ r,
  /etc/dhcp/** r,
  /etc/dhcpd{,6}.conf r,
  /etc/dhcpd{,6}_ldap.conf r,

  /usr/sbin/dhcpd mr,

  /var/lib/dhcp/dhcpd{,6}.leases* lrw,
  /var/log/ r,
  /var/log/** rw,
  /{,var/}run/{,dhcp-server/}dhcpd{,6}.pid rw,

  # isc-dhcp-server-ldap
  /etc/ldap/ldap.conf r,

  # LTSP. See:
  # http://www.ltsp.org/~sbalneav/LTSPManual.html
  # https://wiki.edubuntu.org/
  /etc/ltsp/ r,
  /etc/ltsp/** r,
  /etc/dhcpd{,6}-k12ltsp.conf r,
  /etc/dhcpd{,6}.leases* lrw,
  /ltsp/ r,
  /ltsp/** r,

  # Eucalyptus
  /{,var/}run/eucalyptus/net/ r,
  /{,var/}run/eucalyptus/net/** r,
  /{,var/}run/eucalyptus/net/*.pid lrw,
  /{,var/}run/eucalyptus/net/*.leases* lrw,
  /{,var/}run/eucalyptus/net/*.trace lrw,

  # wicd
  /var/lib/wicd/* r,

  # access to bind9 keys for dynamic update
  # It's expected that users will generate one key per zone and have it
  # stored in both /etc/bind9 (for bind to access) and /etc/dhcp/ddns-keys
  # (for dhcpd to access).
  /etc/dhcp/ddns-keys/** r,

  # allow packages to re-use dhcpd and provide their own specific directories
  #include <dhcpd.d>

  # Site-specific additions and overrides. See local/README for details.
  #include <local/usr.sbin.dhcpd>
}

2. Set the right permission to the file:

Code: [Select]
sudo chmod 0644 /etc/apparmor.d/usr.sbin.dhcpd
sudo root:root /etc/apparmor.d/usr.sbin.dhcpd

3. Unlink the disabled profile:

Code: [Select]
sudo unlink /etc/apparmor.d/disable/usr.sbin.dhcpd

3. Try to fix the broken packages again:

Code: [Select]
sudo dpkg --configure -a

Best regards, Daniel Joven.

grolon

  • Zen Apprentice
  • *
  • Posts: 33
  • Karma: +1/-0
    • View Profile
Re: Zentyal 7.0.3 : zentyal-dhcp broken after update 03/29/2021
« Reply #4 on: March 30, 2021, 02:15:31 pm »
Hi, Hola

The file exists

08:06:13 > ls -la /etc/apparmor.d/usr.sbin.dhcpd
-rw-r--r-- 1 root root 1838 abr 10  2020 /etc/apparmor.d/usr.sbin.dhcpd

File permissions are OK

Anyway, what i did

> mv /etc/apparmor.d/usr.sbin.dhcpd . (my HOME)

Created a new one
> vim /etc/apparmor.d/usr.sbin.dhcpd

Set permission
> chmod 0644 /etc/apparmor.d/usr.sbin.dhcpd

Set owner and group
chown root:root /etc/apparmor.d/usr.sbin.dhcpd

> unlink /etc/apparmor.d/disable/usr.sbin.dhcpd

 > dpkg --configure -a

Same result

apparmor_parser: Unable to remove "/usr/sbin/dhcpd".  Profile doesn't exist

Thanks !, Gracias !

Daniel Joven

  • Zentyal Staff
  • Zen Apprentice
  • *****
  • Posts: 21
  • Karma: +14/-0
    • View Profile
Re: Zentyal 7.0.3 : zentyal-dhcp broken after update 03/29/2021
« Reply #5 on: March 30, 2021, 05:25:19 pm »
Hi grolon (Buenas tardes :D),

Probably, you will need to load the profile before fixing the packages. Please, try the following:

1. Unlink the disabled profile:

Code: [Select]
sudo unlink /etc/apparmor.d/disable/usr.sbin.dhcpd

2. Load the DHCP profile

Code: [Select]
apparmor_parser -r /etc/apparmor.d/usr.sbin.dhcpd

3. Check that it was correctly loaded:

Code: [Select]
aa-status

The output that should be displayed:

Code: [Select]
apparmor module is loaded.
4 profiles are loaded.
4 profiles are in enforce mode.
   /usr/sbin/dhcpd
...

4. Try one more time to repair the broken packages.

Best regards, Daniel Joven.

grolon

  • Zen Apprentice
  • *
  • Posts: 33
  • Karma: +1/-0
    • View Profile
Re: Zentyal 7.0.3 : zentyal-dhcp broken after update 03/29/2021
« Reply #6 on: March 30, 2021, 07:35:35 pm »
Hi, Hola Daniel

Now is OK

root@zserver:~# unlink /etc/apparmor.d/disable/usr.sbin.dhcpd

root@zserver:~# apparmor_parser -r /etc/apparmor.d/usr.sbin.dhcpd

root@zserver:~# aa-status
apparmor module is loaded.
5 profiles are loaded.
5 profiles are in enforce mode.
   /usr/bin/freshclam
   /usr/sbin/dhcpd
   /usr/sbin/mysqld
   /usr/sbin/named
   /usr/sbin/ntpd
0 profiles are in complain mode.
3 processes have profiles defined.
2 processes are in enforce mode.
   /usr/sbin/named (1702)
   /usr/sbin/ntpd (2079)
0 processes are in complain mode.
1 processes are unconfined but have a profile defined.
   /usr/sbin/mysqld (868)
root@zserver:~#

root@zserver:~# dpkg --configure -a
Configurando zentyal-dhcp (7.0.2) ...
 * Restarting Zentyal module: dhcp                                                                                                                                                             [ OK ]
Procesando disparadores para zentyal-core (7.0.3) ...
 * Restarting Zentyal module: webadmin                                                                                                                                                         [ OK ]
 * Restarting Zentyal module: logs                                                                                                                                                             [ OK ]
root@zserver:~#

Now everything is fine.

Two servers have the same simptom

Same problem, SOLVED

Thanks for your help, Gracias por tu ayuda.