diff options
| author | Dimitrios Apostolou <jimis@qt.io> | 2020-04-15 11:28:03 +0200 |
|---|---|---|
| committer | Dimitrios Apostolou <jimis@qt.io> | 2020-04-15 12:13:32 +0000 |
| commit | 29ac0f279c8c874585b2af172e52eff4251c431e (patch) | |
| tree | 729ba65d927faf1b3b10f824d01e59f0128a25be | |
| parent | ba38215cbb4b56a3bbb1e2ca59c792ad0932e1af (diff) | |
Fix policy failing sometimes to start danted
The policy starts several processes, of two types:
/usr/sbin/danted -f /etc/danted.conf
/usr/sbin/danted -f /etc/danted-authenticating.conf
If it happened that danted-authenticating was started first, then puppet
found a match for "danted" in the process table and assumed "danted"
was running, falsely.
By adding a specific "pattern" to search for in the process table,
the two services can now start in any order.
Additionally, when rebooting the system, stopping "danted" left
the PIDfile in /var/run. After reboot, the stale PIDfile happened
sometimes to match an existing process, and the "start-stop-daemon"
program as invoked by the initscript would refuse to start the
program, complaining it's already running.
Now we clean up the PIDfile after stopping the service,
to make sure this will never happen again.
Finally we moved the PIDfiles that start-stop-server writes
to their own directory, because danted always writes
to danted.pid, even when started multiple times with
different configuration files! Like that, danted used to
overwrite the PIDfiles of start-stop-server, and the
initscript got confused.
Last, remove the quiet flag from start-stop-server, so that we
get a message like "process already running" in the log,
if a failure occurs again.
Change-Id: I2cd996eb5ef2f14e571785221319f0c98e936fde
Reviewed-by: Tony Sarajärvi <tony.sarajarvi@qt.io>
| -rwxr-xr-x | puppet/modules/network_test_server/files/init/danted | 27 | ||||
| -rw-r--r-- | puppet/modules/network_test_server/manifests/linux/danted.pp | 2 |
2 files changed, 18 insertions, 11 deletions
diff --git a/puppet/modules/network_test_server/files/init/danted b/puppet/modules/network_test_server/files/init/danted index 26c20b6..9d021ff 100755 --- a/puppet/modules/network_test_server/files/init/danted +++ b/puppet/modules/network_test_server/files/init/danted @@ -7,40 +7,45 @@ PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin DAEMON=/usr/sbin/danted NAME=$(basename $0) # may be `danted', `danted-authenticating', etc. DESC="Dante SOCKS daemon" -PIDFILE=/var/run/$NAME.pid CONFFILE=/etc/$NAME.conf +# danted always writes PIDFILE to /var/run/danted.pid, even when started +# multiple times with different config files! So we need to keep our own +# lockfiles separately. +PIDFILE=/var/run/initscript-lockfiles/$NAME.pid + + test -f $DAEMON || exit 0 test -f $CONFFILE || { echo "error: $CONFFILE does not exist" 1>&2; exit 2; } +test -d `dirname "$PIDFILE"` || mkdir -p `dirname "$PIDFILE"` set -e case "$1" in start) - echo -n "Starting $DESC: " - start-stop-daemon --start --quiet --pidfile $PIDFILE \ + echo "Starting $DESC: $NAME" + start-stop-daemon --start --pidfile $PIDFILE \ --startas $DAEMON --make-pidfile --background \ -- -f $CONFFILE - echo "$NAME." ;; stop) - echo -n "Stopping $DESC: " + echo "Stopping $DESC: $NAME" start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE - echo "$NAME." + rm -f "$PIDFILE" ;; reload|force-reload) - echo "Reloading $DESC configuration files." - start-stop-daemon --stop --signal 1 --quiet --pidfile \ - $PIDFILE + echo "Reloading $DESC: $NAME configuration files." + start-stop-daemon --stop --signal 1 --quiet \ + --pidfile $PIDFILE ;; restart) - echo -n "Restarting $DESC: " + echo "Restarting $DESC: $NAME" start-stop-daemon --stop --quiet --pidfile $PIDFILE || : + rm -f "$PIDFILE" sleep 1 start-stop-daemon --start --quiet --pidfile $PIDFILE \ --startas $DAEMON --make-pidfile --background \ -- -f $CONFFILE - echo "$NAME." ;; *) N=/etc/init.d/$NAME diff --git a/puppet/modules/network_test_server/manifests/linux/danted.pp b/puppet/modules/network_test_server/manifests/linux/danted.pp index de89e62..aeac339 100644 --- a/puppet/modules/network_test_server/manifests/linux/danted.pp +++ b/puppet/modules/network_test_server/manifests/linux/danted.pp @@ -39,12 +39,14 @@ class network_test_server::linux::danted { ensure => running, hasstatus=> false, require => Package["dante-server"], + pattern => "danted.conf", ; "danted-authenticating": enable => true, ensure => running, hasstatus=> false, require => Package["dante-server"], + pattern => "danted-authenticating.conf", ; } |