I expected that if puppet manages a systemd unit, e.g. mediawiki::periodic::job, it will ensure the unit actually runs, which would mean unmasking it if it's masked.
If we do want to do this, before rolling this out we should probably find all manually masked units, e.g. T222874 suggests that some units have intentionally been manually masked.
| Subject | Repo | Branch | Lines +/- | |
|---|---|---|---|---|
| systemd: Ensure units are unmasked | operations/puppet | production | +13 -0 |
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Open | None | T294906 Puppet Improvements | |||
| Open | None | T285425 Puppet does not undo manual "systemctl mask $unit" |
Change 701171 had a related patch set uploaded (by Legoktm; author: Legoktm):
[operations/puppet@production] systemd: Ensure units are unmasked
Change 701171 abandoned by Legoktm:
[operations/puppet@production] systemd: Ensure units are unmasked
Reason:
Not actively pursuing this currently
I expected that if puppet manages a systemd unit, e.g. mediawiki::periodic::job, it will ensure the unit actually runs,
I think we may need to add some additional testing specific to systemd timers as the normal services seem to start fine
$ sudo systemctl stop exim4 $ sudo systemctl status exim4 ● exim4.service - LSB: exim Mail Transport Agent Loaded: loaded (/etc/init.d/exim4; generated) Active: inactive (dead) since Mon 2023-07-03 18:04:48 CEST; 3s ago Docs: man:systemd-sysv-generator(8) Process: 2040172 ExecStart=/etc/init.d/exim4 start (code=exited, status=0/SUCCESS) Process: 2041278 ExecStop=/etc/init.d/exim4 stop (code=exited, status=0/SUCCESS) CPU: 104ms Jul 03 18:04:15 storage systemd[1]: Starting LSB: exim Mail Transport Agent... Jul 03 18:04:15 storage exim4[2040172]: Starting MTA: exim4. Jul 03 18:04:15 storage systemd[1]: Started LSB: exim Mail Transport Agent. Jul 03 18:04:48 storage systemd[1]: Stopping LSB: exim Mail Transport Agent... Jul 03 18:04:48 storage exim4[2041278]: Stopping MTA: exim4_listener. Jul 03 18:04:48 storage systemd[1]: exim4.service: Succeeded. Jul 03 18:04:48 storage systemd[1]: Stopped LSB: exim Mail Transport Agent. $ sudo systemctl mask exim4 Created symlink /etc/systemd/system/exim4.service → /dev/null. $ sudo systemctl start exim4 Failed to start exim4.service: Unit exim4.service is masked. $ sudo puppet apply -e "service {'exim4': ensure => running}" Notice: Compiled catalog for storage.home.arpa in environment production in 0.15 seconds Notice: /Stage[main]/Main/Service[exim4]/ensure: ensure changed 'stopped' to 'running' Notice: Applied catalog in 0.46 seconds $ sudo systemctl status exim4 ● exim4.service - LSB: exim Mail Transport Agent Loaded: loaded (/etc/init.d/exim4; generated) Active: active (running) since Mon 2023-07-03 18:07:05 CEST; 3s ago Docs: man:systemd-sysv-generator(8) Process: 2044543 ExecStart=/etc/init.d/exim4 start (code=exited, status=0/SUCCESS) Tasks: 1 (limit: 18897) Memory: 1.6M CPU: 97ms CGroup: /system.slice/exim4.service └─2044793 /usr/sbin/exim4 -bd -q30m Jul 03 18:07:05 storage systemd[1]: Starting LSB: exim Mail Transport Agent... Jul 03 18:07:05 storage exim4[2044543]: Starting MTA: exim4. Jul 03 18:07:05 storage systemd[1]: Started LSB: exim Mail Transport Agent.
And i the debug i see the following
Debug: Executing: '/usr/bin/systemctl is-active -- exim4' Debug: Executing: '/usr/bin/systemctl unmask -- exim4' Debug: Executing: '/usr/bin/systemctl start -- exim4'