launchpad-buildd

Merge ~cjwatson/launchpad-buildd:systemd-service into launchpad-buildd:master

  1. Git
  2. lp:~cjwatson/launchpad-buildd
  3. systemd-service
  4. Merge into master
Proposed by Colin Watson
Status: Merged
Approved by: Colin Watson
Approved revision: 1f96833fb1608fd2d497d5c3447077c836a8f7c1
Merge reported by: Otto Co-Pilot
Merged at revision: not available
Proposed branch: ~cjwatson/launchpad-buildd:systemd-service
Merge into: launchpad-buildd:master
Diff against target: 311 lines (+74/-152)
10 files modified
debian/changelog (+1/-0)
debian/control (+1/-1)
debian/launchpad-buildd-generator (+19/-0)
debian/launchpad-buildd.install (+1/-0)
debian/launchpad-buildd.maintscript (+1/-0)
debian/launchpad-buildd.service (+15/-0)
debian/launchpad-buildd@.service (+26/-0)
debian/postrm (+4/-0)
debian/rules (+6/-1)
dev/null (+0/-150)
Reviewer Review Type Date Requested Status
Ioana Lasc (community) Approve
Review via email: mp+416757@code.launchpad.net

Commit message

Convert daemon startup to systemd

Description of the change

As well as simplifying away 150 lines of shell script, this avoids relying on su(1) to run the daemon as the `buildd` user, which in turn avoids accidental pollution of the daemon's environment by whatever su(1) thinks is appropriate in interactive environments.

There's a bit of extra complexity due to supporting multiple daemon instances, which is mostly historical at this point, but it was easy enough to handle using a template unit and a generator.

I dropped the explicit hostname condition, since all our builders already have `RUN_NETWORK_REQUESTS_AS_ROOT=yes` set in `/etc/default/launchpad-buildd`.

To post a comment you must log in.
Revision history for this message
Ioana Lasc (ilasc) :
review: Approve
Revision history for this message
Otto Co-Pilot (otto-copilot) wrote :

Merging failed
https://jenkins.ols.canonical.com/online-services/job/launchpad-buildd/133/

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/debian/changelog b/debian/changelog
index 3b85725..27d5603 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,7 @@ launchpad-buildd (210) UNRELEASED; urgency=medium
5 * Make more loop device nodes available in LXD containers (LP: #1963706).5 * Make more loop device nodes available in LXD containers (LP: #1963706).
6 * Drop pre-Python-3.6 code using pyupgrade.6 * Drop pre-Python-3.6 code using pyupgrade.
7 * Fix gathering the output of charm recipe builds that use --build-path.7 * Fix gathering the output of charm recipe builds that use --build-path.
8 * Convert daemon startup to systemd (LP: #1964615).
89
9 -- Colin Watson <cjwatson@ubuntu.com> Mon, 28 Feb 2022 11:27:20 +000010 -- Colin Watson <cjwatson@ubuntu.com> Mon, 28 Feb 2022 11:27:20 +0000
1011
diff --git a/debian/control b/debian/control
index 6bbe218..5938781 100644
--- a/debian/control
+++ b/debian/control
@@ -8,7 +8,7 @@ Standards-Version: 3.9.5
8Build-Depends: apt-utils,8Build-Depends: apt-utils,
9 bzr,9 bzr,
10 curl,10 curl,
11 debhelper (>= 9~),11 debhelper (>= 9.20160709~),
12 dh-exec,12 dh-exec,
13 dh-python,13 dh-python,
14 git,14 git,
diff --git a/debian/launchpad-buildd-generator b/debian/launchpad-buildd-generator
15new file mode 10075515new file mode 100755
index 0000000..797f453
--- /dev/null
+++ b/debian/launchpad-buildd-generator
@@ -0,0 +1,19 @@
1#! /bin/sh
2set -e
3
4# Generate systemd unit dependency symlinks for all configured
5# launchpad-buildd instances.
6
7wantdir="$1/launchpad-buildd.service.wants"
8template=/lib/systemd/system/launchpad-buildd@.service
9
10mkdir -p "$wantdir"
11
12for conf in /etc/launchpad-buildd/*; do
13 # Skip nonexistent files (perhaps due to the glob matching no files).
14 [ -e "$conf" ] || continue
15 # Skip backup files.
16 case $conf in -*|*~) continue ;; esac
17
18 ln -s "$template" "$wantdir/launchpad-buildd@${conf##*/}.service"
19done
diff --git a/debian/launchpad-buildd.init b/debian/launchpad-buildd.init
0deleted file mode 10075520deleted file mode 100755
index b92d911..0000000
--- a/debian/launchpad-buildd.init
+++ /dev/null
@@ -1,150 +0,0 @@
1#!/bin/sh
2#
3# Copyright 2009,2011 Canonical Ltd. This software is licensed under the
4# GNU Affero General Public License version 3 (see the file LICENSE).
5#
6# launchpad-buildd
7# This file is used to start and stop launchpad buildds
8
9### BEGIN INIT INFO
10# Provides: launchpad_buildd
11# Required-Start: $local_fs $network $syslog $time $remote_fs
12# Required-Stop: $local_fs $network $syslog $time $remote_fs
13# Should-Start: cloud-init
14# Default-Start: 2 3 4 5
15# Default-Stop: 0 1 6
16# X-Interactive: false
17# Short-Description: Start/stop launchpad buildds
18### END INIT INFO
19
20set -e
21
22PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
23DESC="launchpad build slaves"
24
25TACFILE="/usr/lib/launchpad-buildd/buildd-slave.tac"
26
27PIDROOT="/var/run/launchpad-buildd"
28LOGROOT="/var/log/launchpad-buildd"
29CONFROOT="/etc/launchpad-buildd"
30
31# Gracefully exit if the package has been removed.
32test -e $TACFILE || exit 0
33
34
35d_check_enabled() {
36RUN_NETWORK_REQUESTS_AS_ROOT=no # Good idea generally
37
38[ -f /etc/default/launchpad-buildd ] && . /etc/default/launchpad-buildd
39
40hostname="`hostname -f`"
41case "$hostname" in
42*.ppa|*.buildd)
43 cat <<END
44
45launchpad-buildd: starting automatically because $hostname seems to be a buildd machine.
46
47CAUTION: this service accepts network commands and runs them as root.
48END
49 return
50 ;;
51*)
52 echo "launchpad-buildd: not starting automatically on $hostname"
53 ;;
54esac
55
56if [ "$RUN_NETWORK_REQUESTS_AS_ROOT" != yes ]
57then
58 cat <<END
59
60launchpad-buildd is disabled.
61When enabled, launchpad-buildd accepts network commands and runs them as root.
62If you are sure this server will only be reachable by trusted machines, edit
63/etc/default/launchpad-buildd.
64
65END
66 exit 0
67fi
68}
69
70
71#
72# Function that starts a buildd slave
73#
74d_start() {
75 CONF=$1
76 PIDFILE="$PIDROOT"/"$CONF".pid
77 LOGFILE="$LOGROOT"/"$CONF".log
78
79 # Useful for certain kinds of image builds.
80 modprobe nbd || true
81
82 su - buildd -c "BUILDD_CONFIG=$CONFROOT/$CONF twistd3 --no_save --pidfile $PIDFILE --python $TACFILE --logfile $LOGFILE --umask 022"
83}
84
85#
86# Function that stops a buildd slave
87#
88d_stop() {
89 CONF=$1
90 PIDFILE="$PIDROOT"/"$CONF".pid
91 test -r $PIDFILE && kill -TERM $(cat $PIDFILE) || true
92}
93
94#
95# Function that reloads a buildd slave
96#
97d_reload() {
98 CONF=$1
99 PIDFILE="$PIDROOT"/"$CONF".pid
100 test -r $PIDFILE && kill -HUP $(cat $PIDFILE) || true
101}
102
103CONFS=$(cd $CONFROOT; ls|grep -v "^-"|grep -v "~$")
104
105case "$1" in
106 start)
107 d_check_enabled
108
109 echo -n "Starting $DESC:"
110 install -m 755 -o buildd -g buildd -d $PIDROOT
111
112 # Create any missing directories and chown them appropriately
113 install -d -o buildd -g buildd /home/buildd/filecache-default
114
115 for conf in $CONFS; do
116 echo -n " $conf"
117 d_start $conf
118 done
119 echo "."
120 ;;
121 stop)
122 echo -n "Stopping $DESC:"
123 for conf in $CONFS; do
124 echo -n " $conf"
125 d_stop $conf
126 done
127 echo "."
128 ;;
129 restart|force-reload)
130 #
131 # If the "reload" option is implemented, move the "force-reload"
132 # option to the "reload" entry above. If not, "force-reload" is
133 # just the same as "restart".
134 #
135 $0 stop
136 sleep 1
137 $0 start
138 ;;
139 reload)
140 for conf in $CONFS; do
141 d_reload $conf
142 done
143 ;;
144 *)
145 echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|reload}" >&2
146 exit 1
147 ;;
148esac
149
150exit 0
diff --git a/debian/launchpad-buildd.install b/debian/launchpad-buildd.install
index 95db295..208bfde 100644
--- a/debian/launchpad-buildd.install
+++ b/debian/launchpad-buildd.install
@@ -5,6 +5,7 @@ bin/in-target usr/share/launchpad-buildd/bin
5bin/lpbuildd-git-proxy usr/share/launchpad-buildd/bin5bin/lpbuildd-git-proxy usr/share/launchpad-buildd/bin
6bin/sbuild-package usr/share/launchpad-buildd/bin6bin/sbuild-package usr/share/launchpad-buildd/bin
7buildd-genconfig usr/share/launchpad-buildd7buildd-genconfig usr/share/launchpad-buildd
8debian/launchpad-buildd-generator lib/systemd/system-generators
8debian/upgrade-config usr/share/launchpad-buildd9debian/upgrade-config usr/share/launchpad-buildd
9default/launchpad-buildd etc/default10default/launchpad-buildd etc/default
10sbuildrc usr/share/launchpad-buildd11sbuildrc usr/share/launchpad-buildd
diff --git a/debian/launchpad-buildd.maintscript b/debian/launchpad-buildd.maintscript
11new file mode 10064412new file mode 100644
index 0000000..cfeedce
--- /dev/null
+++ b/debian/launchpad-buildd.maintscript
@@ -0,0 +1 @@
1rm_conffile /etc/init.d/launchpad-buildd 210~
diff --git a/debian/launchpad-buildd.service b/debian/launchpad-buildd.service
0new file mode 1006442new file mode 100644
index 0000000..ca425b3
--- /dev/null
+++ b/debian/launchpad-buildd.service
@@ -0,0 +1,15 @@
1# This service is really a systemd target, but we use a service since
2# targets cannot be reloaded. See launchpad-buildd@.service for instance
3# configuration.
4
5[Unit]
6Description=Launchpad build daemon
7
8[Service]
9Type=oneshot
10RemainAfterExit=yes
11ExecStart=/bin/true
12ExecReload=/bin/true
13
14[Install]
15WantedBy=multi-user.target
diff --git a/debian/launchpad-buildd@.service b/debian/launchpad-buildd@.service
0new file mode 10064416new file mode 100644
index 0000000..690e0fd
--- /dev/null
+++ b/debian/launchpad-buildd@.service
@@ -0,0 +1,26 @@
1[Unit]
2Description=Launchpad build daemon (%i)
3PartOf=launchpad-buildd.service
4Before=launchpad-buildd.service
5ReloadPropagatedFrom=launchpad-buildd.service
6After=network.target time-sync.target cloud-init.service
7# Useful for certain kinds of image builds.
8After=modprobe@nbd.service
9Requires=modprobe@nbd.service
10
11[Service]
12Type=simple
13RuntimeDirectory=launchpad-buildd
14LogsDirectory=launchpad-buildd
15User=buildd
16EnvironmentFile=-/etc/default/launchpad-buildd
17Environment=BUILDD_CONFIG=/etc/launchpad-buildd/%i
18# When enabled, launchpad-buildd accepts network commands and runs them as
19# root. If you are sure this server will only be reachable by trusted
20# machines, edit /etc/default/launchpad-buildd.
21ExecStartPre=/usr/bin/test ${RUN_NETWORK_REQUESTS_AS_ROOT} = yes
22ExecStartPre=/usr/bin/install -d /home/buildd/filecache-default
23ExecStart=/usr/bin/twistd3 --no_save --pidfile /run/launchpad-buildd/%i.pid --python /usr/lib/launchpad-buildd/buildd-slave.tac --logfile /var/log/launchpad-buildd/%i.log --umask 022 --nodaemon
24
25[Install]
26WantedBy=multi-user.target
diff --git a/debian/postrm b/debian/postrm
index 7d847de..a331fa2 100644
--- a/debian/postrm
+++ b/debian/postrm
@@ -9,3 +9,7 @@ if [ "$1" = purge ]; then
9 rmdir -p --ignore-fail-on-non-empty /etc/systemd/timesyncd.conf.d9 rmdir -p --ignore-fail-on-non-empty /etc/systemd/timesyncd.conf.d
10 fi10 fi
11fi11fi
12
13#DEBHELPER#
14
15exit 0
diff --git a/debian/rules b/debian/rules
index ebf0618..be006d8 100755
--- a/debian/rules
+++ b/debian/rules
@@ -9,10 +9,15 @@ export PYBUILD_NAME := lpbuildd
9export LIBDIR := $(shell python3 -c 'import distutils.sysconfig; print(distutils.sysconfig.get_python_lib())')9export LIBDIR := $(shell python3 -c 'import distutils.sysconfig; print(distutils.sysconfig.get_python_lib())')
1010
11%:11%:
12 dh $@ --with=python3 --buildsystem=pybuild12 dh $@ --with=python3,systemd --buildsystem=pybuild
1313
14override_dh_auto_build:14override_dh_auto_build:
15 dh_auto_build15 dh_auto_build
16 python3 buildd-genconfig --template=template-buildd-slave.conf \16 python3 buildd-genconfig --template=template-buildd-slave.conf \
17 --arch=i386 --port=8221 --name=default --host=buildd.buildd \17 --arch=i386 --port=8221 --name=default --host=buildd.buildd \
18 > buildd-slave-example.conf18 > buildd-slave-example.conf
19
20# Required in debhelper compatibility level <=10 to avoid generating
21# postinst fragments to register a nonexistent init.d script.
22override_dh_installinit:
23 dh_installinit -n

Subscribers

People subscribed via source and target branches