Evengard/cntlm

CNTLM fails after reboot on newer Linux distributions

Opened this issue · 4 comments

On newer Linux distributions, /var/run links to /run, which is a tmpfs directory cleared on each restart. This means that the /var/run/cntlm directory is deleted on reboot.

When the machine restarts, CNTLM first changes to the cntlm user, and then tries to create the pid file in this directory. Since the directory no longer exists, and /run is only writable by root, this fails.

The simplest solution would be for the daemon to write the pid-file as root, before changing to the non-privileged account.

A workaround is to modify /etc/sysconfig/cntlmd to point PIDFILE to a different location (e.g. PIDFILE="/tmp/cntlmd.pid").

In addition, the DEB and RPM packages set /var/run/cntlm as the cntlm user home directory, so it is probably a good idea to run usermod --home /home/cntlm --move-home cntlm to move the home directory.

Another fix is to re-create the directory structure before starting CNTLM.

For CentOS 7, see https://www.centos.org/forums/viewtopic.php?p=230529#p230529

Another fix is to re-create the directory structure before starting CNTLM.

Wouldn't that need to be arranged in the systemd service definition so that the service can still successfully start after boot? It sounds unnecessarily complicated.

This whole package seems to be a mess and basically broken on modern Linux...?

Wouldn't that need to be arranged in the systemd service definition so that the service can still successfully start after boot?

Indeed. I've done that by creating /usr/lib/tmpfiles.d/cntlm.conf with the following content:

d /run/cntlm 0775 root cntlm -
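The ordering proposed in the opening post (create the pid file as root, then switch to the unprivileged account), sketched as an added C example. This is not CNTLM's own code, and all function names are hypothetical.

```c
#define _GNU_SOURCE            /* for setgroups() and O_NOFOLLOW */
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <unistd.h>

/* Open the pid file while still privileged. O_EXCL and O_NOFOLLOW refuse a
 * pre-existing file or symlink, which matters if PIDFILE points into /tmp. */
int pidfile_open(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0644);
}

/* Drop to the service account: supplementary groups, then gid, then uid.
 * Returns 0 on success, -1 if a step fails or root can be regained. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Only a process leaving root has extra groups to clear. */
    if (geteuid() == 0 && uid != 0 && setgroups(0, NULL) != 0)
        return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    if (uid != 0 && setuid(0) == 0)   /* the drop must be irreversible */
        return -1;
    return 0;
}

/* Write through the descriptor opened earlier. This works after the drop
 * because the permission check was done at open() time. */
int pidfile_write(int fd, pid_t pid)
{
    char buf[32];
    int n = snprintf(buf, sizeof buf, "%ld\n", (long)pid);
    if (n < 0 || write(fd, buf, (size_t)n) != n)
        return -1;
    return close(fd);
}

/* Assumed startup sequence: pid file first, privilege change second. */
int start_daemon_pidfile(const char *path, uid_t uid, gid_t gid)
{
    int fd = pidfile_open(path);
    if (fd < 0) return -1;
    if (drop_privileges(uid, gid) != 0) {
        close(fd); unlink(path);
        return -1;
    }
    return pidfile_write(fd, getpid());
}
```

Because of O_EXCL, a stale pid file is a startup error, so the init script or unit has to remove it on stop; the unprivileged daemon cannot unlink it from a root-owned directory.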