PID file ... not readable (yet?)

Benjamin Kaduk kaduk at
Sun Nov 5 19:56:57 EST 2017

On Sun, Nov 05, 2017 at 09:57:30AM -0500, Greg Hudson wrote:
> On 11/05/2017 05:36 AM, Jaap Winius wrote:
> >    systemd[1]: krb5-kdc.service: PID file /run/ \
> >      not readable (yet?) after start: No such file or directory
> Does everything seem to work aside from this warning message being
> produced, or is there an accompanying problem?
> There can be a very brief window of time between krb5kdc exiting on
> startup and its child process writing the pid file.  That window is
> normal for traditional Unix daemon programs (because of the way the
> daemon() function works) and isn't a problem as long as nothing wants to
> restart the KDC service in the first second of its life.  But it might
> be enough for systemd to complain.

I'd also add that Jaap (and everyone) should feel free to file Debian
bugs for issues, especially with the systemd configuration, since that
comes from the Debian packaging and is not part of upstream.  (That said,
it's certainly not wrong to ask about it here.)

I suspect that we would be a little friendlier to systemd if we passed
-n to krb5kdc and adjusted the unit file accordingly.  There would still
be a race window between when systemd thinks krb5kdc is started and
ready to accept connections and when that is actually the case, but
in both cases that window is small, and we cannot eliminate it entirely
without patching the code to call systemd-specific functions.


More information about the Kerberos mailing list