
Re: [Pkg-systemd-maintainers] systemd support in openssh-server



On 12.02.2014 03:09, Uoti Urpala wrote:
> On Tue, 2014-02-11 at 17:33 -0800, Russ Allbery wrote:
>> Colin Watson <cjwatson@debian.org> writes:
>>> Aha, I see.  Just inverting the check wouldn't be the right fix, IMO,
>>> but I'll retest this and sort out a proper fix.  Thanks for the
>>> clarification.
> 
> Not quite right, as in it would enter the inconsistent state I mentioned
> - for example if the admin for some reason ran "systemctl stop ssh" in
> that state, systemd would "stop" it but not actually manage to kill the
> process, and then start-stop-daemon wouldn't be called either because it
> would no longer be in "active" state.
> 
>> Is it as simple as just stopping and starting sshd once the systemd unit
>> file is installed and systemd has been reloaded?  Does systemd remember
>> that the service was started via an init script so that it will stop via
>> the init script and then start via the unit?
> 
> I don't think it has any feature to keep two sets of configuration like
> that. After ssh.service has been installed and daemon-reload called,
> stopping initscript-started ssh through systemd will no longer work -
> it'll try to stop it with "KillMode=process", without having the correct
> main PID.
> 
> Simplest fix would be to stop sshd in preinst, but then it would of
> course be nice to have a way to tell dpkg to not wait arbitrarily long
> after that before running postinst...

I'm copying here the relevant postinst bits:

if dpkg --compare-versions "$2" lt 1:6.5p1-1 && \
   [ -d /run/systemd/system ] && \
   ! systemctl --quiet is-active ssh; then
    # We must stop the sysvinit-controlled sshd before we can
    # restart it under systemd.
    start-stop-daemon --stop --quiet --oknodo \
        --pidfile /var/run/sshd.pid || true
fi


The problem here is special to ssh indeed, since it uses
KillMode=process in the native service file, i.e. not all processes in
the cgroup are killed on stop, only the main PID.
Since MainPID won't be set, when the ssh service was started with the
SysV init script, you can't use systemctl stop when migrating to a
native service file.

For a simpler daemon, which doesn't use KillMode=process, shipping a
native systemd service file usually doesn't require special handling in
the maintainer scripts to stop the old process.


Uoti's observation is also correct, that the admin could issue systemctl
stop during the middle of the upgrade, thus systemd no longer
considering the ssh service in active state although there is still a
running sshd process. The chances to trigger that are probably very
small, but it can happen nonetheless.

Instead of moving the stop into preinst though, my suggestion would be
to remove the check "! systemctl --quiet is-active ssh" completely.

This obviously has the downside, that sshd could not actually be running
and in case there is a stale pid file, we might end up killing a wrong
process. To avoid that, I'd probably use an additional --exec test like

start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid \
    --exec /usr/sbin/sshd || true

Regards,
Michael



-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
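
Added example (not part of the original message, and not code from dpkg or openssh): a shell sketch of the stale pid file guard discussed above, refusing to signal a PID unless its executable is the expected daemon. The helper names pid_matches_exec and safe_stop are hypothetical, and a Linux /proc is assumed.

```shell
#!/bin/sh
# Added illustration; pid_matches_exec and safe_stop are hypothetical helpers.

# Return 0 only if PIDFILE names a live process whose executable is EXPECTED.
pid_matches_exec() {
    pidfile=$1
    expected=$2

    [ -r "$pidfile" ] || return 1

    # Read the first line; accept a file without a trailing newline.
    pid=
    IFS= read -r pid < "$pidfile" || [ -n "$pid" ] || return 1

    # Reject anything that is not purely digits (empty, signs, paths, ...).
    case $pid in
        ''|*[!0-9]*) return 1 ;;
    esac

    # A stale pid file points at no process, or at one we cannot inspect.
    exe=$(readlink "/proc/$pid/exe" 2>/dev/null) || return 1

    # The kernel appends " (deleted)" once the running binary has been
    # unlinked, which is the normal state after a package upgrade has
    # replaced the file on disk.
    exe=${exe% (deleted)}

    [ "$exe" = "$expected" ]
}

# Send SIGTERM only when the pid file really belongs to EXPECTED.
# Returns 0 when there is nothing to do, 1 if the signal could not be sent.
safe_stop() {
    if pid_matches_exec "$1" "$2"; then
        IFS= read -r target < "$1" || [ -n "$target" ]
        kill -TERM "$target" || return 1
    fi
    return 0
}
```

In a maintainer script this would be called as safe_stop /var/run/sshd.pid /usr/sbin/sshd.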
