systemd / active (exited)

classic Classic list List threaded Threaded
27 messages Options
12
Reply | Threaded
Open this post in threaded view
|

Re: systemd / active (exited)

Colin Watson
On Mon, Sep 02, 2019 at 11:19:04AM -0000, Helmut Schneider wrote:
> helmut@h2786452:~$ sudo systemctl show -p MainPID
> clamav-daemon-chroot.service
> MainPID=0
> helmut@h2786452:~$ pgrep clamd
> 3353
> helmut@h2786452:~$
>
> Any way to control MainPID?

See my reply elsewhere in this thread suggesting switching to a native
systemd service for this.  You aren't likely to have a good time trying
to fix this with systemd-sysv-generator based on an init script.  (It
might be possible to do something with a drop-in file that sets
PIDFile=, but you're going to be layering more complexity on top of
something you already don't understand.)

--
Colin Watson                                       [[hidden email]]

--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: systemd / active (exited)

Helmut Schneider
Colin Watson wrote:

> From: "Colin Watson" <[hidden email]>
> On Mon, Sep 02, 2019 at 11:19:04AM -0000, Helmut Schneider wrote:
> > helmut@h2786452:~$ sudo systemctl show -p MainPID
> > clamav-daemon-chroot.service
> > MainPID=0
> > helmut@h2786452:~$ pgrep clamd
> > 3353
> > helmut@h2786452:~$
> >
> > Any way to control MainPID?
>
> See my reply elsewhere in this thread suggesting switching to a native
> systemd service for this.

I'm open for improvements but I still haven't found a way to

- provide variables (here $(id amavis)) in the service file
- start something chrooted with systemd

If I understood Tom correct "ExecStart=/usr/sbin/chroot something" will
also fail.


--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: systemd / active (exited)

Colin Watson
On Mon, Sep 02, 2019 at 12:16:22PM -0000, Helmut Schneider wrote:
> I'm open for improvements but I still haven't found a way to
>
> - provide variables (here $(id amavis)) in the service file

Why do you need that?  "User=amavis" would work fine.

> - start something chrooted with systemd

I already answered that in my post: RootDirectory=

--
Colin Watson                                       [[hidden email]]

--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: systemd / active (exited)

Helmut Schneider
Colin Watson wrote:

> On Mon, Sep 02, 2019 at 12:16:22PM -0000, Helmut Schneider wrote:
> > I'm open for improvements but I still haven't found a way to
> >
> > - provide variables (here $(id amavis)) in the service file
>
> Why do you need that?  "User=amavis" would work fine.
>
> > - start something chrooted with systemd
>
> I already answered that in my post: RootDirectory=

I missed that posting, sorry. Will check. Thank you.


--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: systemd / active (exited)

Tom H-4
In reply to this post by Helmut Schneider
On Mon, Sep 2, 2019 at 1:21 PM Helmut Schneider <[hidden email]> wrote:

> Tom H wrote:
>> On Sat, Aug 31, 2019 at 12:35 PM Helmut Schneider <[hidden email]>
>> wrote:
>>> Tom H wrote:
>>>>
>>>> Does running this manually
>>>>
>>>> chroot --userspec amavis:amavis /var/amavis /usr/sbin/clamd
>>>> --config-file /etc/clamav/clamd.conf
>>>>
>>>> work?
>>>
>>> Yes, the whole init script runs fine but if the daemon dies for
>>> some reason systemd still happily reports "active". I use puppet
>>> and it does then not see a reason to restart clamd.
>>>
>>> I have to run
>>>
>>> sudo /etc/init.d/clamav-daemon-chroot stop
>>>
>>> in that case.
>>
>> It's probably the chroot via a sysvrc script that's confusing systemd.
>>
>> You can check what systemd thinks that it's supervising with
>> "systemctl show -p MainPID clamav-daemon-chroot.service".
>
> helmut@h2786452:~$ sudo systemctl show -p MainPID
> clamav-daemon-chroot.service
> MainPID=0
> helmut@h2786452:~$ pgrep clamd
> 3353
> helmut@h2786452:~$

It looks like there's a bug (or an impossibility).

sysvrc scripts generate "Type=forking" service units, so MainPID
shouldn't be "0".

But it looks like that's what happens.

apport is a sysvrc script and a .service unit is generated for it.

# systemctl cat apport
# /run/systemd/generator.late/apport.service
# Automatically generated by systemd-sysv-generator

[Unit]
Documentation=man:systemd-sysv-generator(8)
SourcePath=/etc/init.d/apport
Description=LSB: automatic crash report generation
After=remote-fs.target

[Service]
Type=forking
Restart=no
TimeoutSec=5min
IgnoreSIGPIPE=no
KillMode=process
GuessMainPID=no
RemainAfterExit=yes
SuccessExitStatus=5 6
ExecStart=/etc/init.d/apport start
ExecStop=/etc/init.d/apport stop

# systemctl show -p MainPID apport
MainPID=0

apache2 is a native Forking service unit.

# systemctl cat apache2
# /lib/systemd/system/apache2.service
[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target
Documentation=https://httpd.apache.org/docs/2.4/

[Service]
Type=forking
Environment=APACHE_STARTED_BY_SYSTEMD=true
ExecStart=/usr/sbin/apachectl start
ExecStop=/usr/sbin/apachectl stop
ExecReload=/usr/sbin/apachectl graceful
PrivateTmp=true
Restart=on-abort

[Install]
WantedBy=multi-user.target

# systemctl show -p MainPID apache2
MainPID=1186

#

Using the service unit that Colin W posted is your best bet.


> Any way to control MainPID?

No. It's what systemd determines it to be according to "ExecStart=".

--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: systemd / active (exited)

Tom H-4
In reply to this post by Helmut Schneider
On Mon, Sep 2, 2019 at 2:18 PM Helmut Schneider <[hidden email]> wrote:

> Colin Watson wrote:
> > From: "Colin Watson" <[hidden email]>
> > On Mon, Sep 02, 2019 at 11:19:04AM -0000, Helmut Schneider wrote:
> > > helmut@h2786452:~$ sudo systemctl show -p MainPID
> > > clamav-daemon-chroot.service
> > > MainPID=0
> > > helmut@h2786452:~$ pgrep clamd
> > > 3353
> > > helmut@h2786452:~$
> > >
> > > Any way to control MainPID?
> >
> > See my reply elsewhere in this thread suggesting switching to a native
> > systemd service for this.
>
> I'm open for improvements but I still haven't found a way to
>
> - provide variables (here $(id amavis)) in the service file
> - start something chrooted with systemd
>
> If I understood Tom correct "ExecStart=/usr/sbin/chroot something" will
> also fail.

I didn't say that.

The way that you chroot in a systemd unit is via "RootDirectory=". I'm
pretty sure that Colin W's unit had that. If you need to run something
in "ExecPre=" before chrooting, you have to add
"RootDirectoryStartOnly=yes".

You can set the user under which to run the service with "User=". I'm
pretty sure that Colin W's unit had that too.

--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: systemd / active (exited)

Helmut Schneider
In reply to this post by Helmut Schneider
Helmut Schneider wrote:

> what do I have to do that systemd shows correctly if a daemon is
> running or not?
>
> helmut@h2786452:~$ sudo /etc/init.d/clamav-daemon-chroot status; echo
> $?  _ clamav-daemon-chroot.service - LSB: ClamAV daemon
>    Loaded: loaded (/etc/init.d/clamav-daemon-chroot; bad; vendor
> preset: enabled)
>    Active: active (exited) since Thu 2019-08-29 12:33:49 CEST; 1h
> 23min ago
>      Docs: man:systemd-sysv-generator(8)
>
> Aug 29 12:32:58 h2786452 clamav-daemon-chroot[8654]:  * Starting
> ClamAV daemon...
> Aug 29 12:33:49 h2786452 clamav-daemon-chroot[8654]:  * ClamAV daemon
> is now up and ...!
> Hint: Some lines were ellipsized, use -l to show in full.
> 0
> helmut@h2786452:~$

Thanks to all, works now like a charm now. Will do some tweaking but
you helped me to break some seals!

---

[Unit]
Description=Clam AntiVirus userspace daemon
Documentation=man:clamd(8) man:clamd.conf(5)
https://www.clamav.net/documents/
# Check for database existence
ConditionPathExistsGlob=/var/amavis/var/lib/clamav/main.{c[vl]d,inc}
ConditionPathExistsGlob=/var/amavis/var/lib/clamav/daily.{c[vl]d,inc}

[Service]
User=amavis
Group=amavis
RootDirectory=/var/amavis
ExecStart=/usr/sbin/clamd --config-file /etc/clamav/clamd.conf
--foreground=true
# Reload the database
ExecReload=/bin/kill -USR2 $MAINPID
StandardOutput=syslog

[Install]
WantedBy=multi-user.target

---

# This file is managed by Puppet, don't edit it by hand.
# All changes will be overwritten!

[Unit]
Description=ClamAV virus database updater
Documentation=man:freshclam(1) man:freshclam.conf(5)
https://www.clamav.net/documents
# If user wants it run from cron, don't start the daemon.
ConditionPathExists=!/etc/cron.d/clamav-freshclam

[Service]
User=amavis
Group=amavis
RootDirectory=/var/amavis
ExecStart=/usr/bin/freshclam -d --config-file
/etc/clamav/freshclam.conf --daemon-notify=/etc/clamav/clamd.conf
--foreground=true
StandardOutput=syslog

[Install]
WantedBy=multi-user.target


--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
12