polkit keeps failing to start after fresh builds beginning with RHEL 7.6 to RHEL 7.7 (not consistently)
UPDATE: I'm told that there may be a fix included with the rpms with RHEL 7.8 resolving a bug. Apologies for the purposeful ambiguity here.
I'm curious if anyone else besides this example with RHEL 7.x is experiencing issues with the polkit service not starting on RHEL 7.6 servers.
UPDATE this solution is vital at times. https://access.redhat.com/solutions/3900301
When the polkit service doesn't start, we can still log into the server, however logins are horribly slow (go figure) and there's a number of delays.
I've had this issue with no less than eight RHEL 7.6 servers. I found this solution https://access.redhat.com/solutions/1543343 which basically says to check/validate 3 things:
1) Ensure the existence of a polkitd system user & group
getent group polkitd >/dev/null && echo -e "\e[1;32mpolkitd group already exists\e[0m" || { groupadd -r polkitd && echo -e "\e[1;33mAdded missing polkitd group\e[0m" || echo -e "\e[1;31mAdding polkitd group FAILED\e[0m"; }
getent passwd polkitd >/dev/null && echo -e "\e[1;32mpolkitd user already exists\e[0m" || { useradd -r -g polkitd -d / -s /sbin/nologin -c "User for polkitd" polkitd && echo -e "\e[1;33mAdded missing polkitd user\e[0m" || echo -e "\e[1;31mAdding polkitd user FAILED\e[0m"; }
2) Reset the permissions and user/group ownership for all files provided by the polkit and polkit-pkla-compat packages
rpm -Va polkit\* && echo -e "\e[1;32mpolkit* rpm verification passed\e[0m" || { echo -e "\e[1;33mResetting polkit* rpm user/group ownership & perms\e[0m"; rpm --setugids polkit polkit-pkla-compat; rpm --setperms polkit polkit-pkla-compat; }
and
3) Reboot
(side note) Now I have in some cases done a yum -y reinstall polkit
which only in 2 occasions fixed the issue with a reboot.
However, generally, I've had to reset the permissions and setugids and I used something close to what the solution above I cited stated.
Ok, I keep running into this, but it has not been an issue on all my systems, just a small amount of systems, and on separate networks with different satellite servers.
- Yes, I checked the sha256sum of the rpm in question, it is fine on every Satellite server.
I keep running into this on various systems and am curious if anyone else is. I suspect not, but I thought I'd ask.
Regards
RJ