Ubuntu
fwknop package

Merge lp:~kampka/ubuntu/quantal/fwknop/upstart-support into lp:ubuntu/quantal/fwknop

  1. Quantal (12.10)
  2. upstart-support
  3. Merge into quantal
Proposed by Christian Kampka
Status: Merged
Merge reported by: Martin Pitt
Merged at revision: not available
Proposed branch: lp:~kampka/ubuntu/quantal/fwknop/upstart-support
Merge into: lp:ubuntu/quantal/fwknop
Diff against target: 58 lines (+39/-0) (has conflicts)
2 files modified
debian/changelog (+9/-0)
debian/fwknop-server.upstart (+30/-0)
Text conflict in debian/changelog
To merge this branch: bzr merge lp:~kampka/ubuntu/quantal/fwknop/upstart-support
Reviewer Review Type Date Requested Status
Dimitri John Ledkov Approve
James Page Needs Fixing
Oliver Grawert Needs Information
Ubuntu branches Pending
Review via email: mp+124683@code.launchpad.net

Description of the change

The fwknop package can benefit greatly from upstart supervision.
First of it is generally deployed as a single point of failure with the side effect that a failing fwknopd will probably leave the machine unmanageable by eg. ssh. Second, the current 2.x release is fairly new and rewritten in another language (ported from Perl to C) and it's stability is not as proven as the older 1.x line.
Because of that, having upstart supervise the fwknopd process ("respawn") will provide at least ease of mind if not significantly reduce maintenance problems.

To post a comment you must log in.
lp:~kampka/ubuntu/quantal/fwknop/upstart-support updated
14. By Christian Kampka

Fixed script syntax error

Revision history for this message
Oliver Grawert (ogra) wrote :

there are several checks for additional configuration files in the sysvinit script (/etc/fwknop/access.conf /etc/fwknop/fwknopd.conf).
are these not used in 2.x anymore, does the daemon do the check itself now or will it just got into a crash/respawn loop if they are missing ?

review: Needs Information
Revision history for this message
Christian Kampka (kampka) wrote :

Am 04.10.2012 16:24, schrieb Oliver Grawert:
> Review: Needs Information
>
> there are several checks for additional configuration files in the sysvinit script (/etc/fwknop/access.conf /etc/fwknop/fwknopd.conf).
> are these not used in 2.x anymore, does the daemon do the check itself now or will it just got into a crash/respawn loop if they are missing ?
>

Both config files are still used in version 2 of fwknop.
I decided not to hardcode the checks into the upstart script because
they would more or less defeat the option of using a different config
file through $DAEMON_ARGS in /etc/defaults.
Currently, when fwknopd encounters problems with config files, it will
simply not start. Respawn will try indeed try to respawn the deamon, but
respawn is limited to 10 times by default so upstart will give up on
that quickly. If this should happen, respective errors are logged to
/var/log/upstart/fwknop-server.log so it is very easy to debug.

All in all I find this is a reasonable compromise.

Revision history for this message
James Page (james-page) wrote :

I think I would prefer to see the behaviour of the init script maintained with regards to verifying that the configuration files for this package are in place before attempting to start the daemon.

Respawning daemons can look odd from a monitoring perspective - I would normally expect this to indicate that something is badly broken....

review: Needs Fixing
Revision history for this message
James Page (james-page) wrote :

Christian

Inline with my feedback on your other upstart support change, I believe this should be deferred until R opens.

lp:~kampka/ubuntu/quantal/fwknop/upstart-support updated
15. By Christian Kampka

fwknop-server.upstart: check config file existence in pre-start

Revision history for this message
Christian Kampka (kampka) wrote :

> I think I would prefer to see the behaviour of the init script maintained with regards to verifying that the configuration files for this package are in place before attempting to start the daemon.
>
> Respawning daemons can look odd from a monitoring perspective - I would normally expect this to indicate that something is badly broken....

Pushed a fix that mimics the Sysvinit behavior closely.

Revision history for this message
James Hunt (jamesodhunt) wrote :

The debian/changelog file still contains merge conflict markers which need to be removed. Other than that, LGTM.

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

Merge conflict markers are unimportant, as it's not the sponsoree's fault that it takes us that long to upload =)

* debian/changelog: please mention LP: #bugnumber such that bugs automatically close on upload (I added this)
* debian/control: please run update-maintainer to set the correct maingainter (I also did this)

Uploaded into raring.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'debian/changelog'
2--- debian/changelog 2012-09-21 22:31:08 +0000
3+++ debian/changelog 2012-10-06 18:02:23 +0000
4@@ -1,3 +1,4 @@
5+<<<<<<< TREE
6 fwknop (2.0.3-1) unstable; urgency=low
7
8 * Imported Upstream version 2.0.3
9@@ -7,6 +8,14 @@
10
11 -- Franck Joncourt <franck@debian.org> Fri, 21 Sep 2012 22:31:08 +0200
12
13+=======
14+fwknop (2.0.2-1ubuntu1) quantal; urgency=low
15+
16+ * Add upstart support.
17+
18+ -- Christian Kampka <chris@emerge-life.de> Mon, 17 Sep 2012 15:11:15 +0200
19+
20+>>>>>>> MERGE-SOURCE
21 fwknop (2.0.2-1) unstable; urgency=low
22
23 * Imported Upstream version 2.0.2
24
25=== added file 'debian/fwknop-server.upstart'
26--- debian/fwknop-server.upstart 1970-01-01 00:00:00 +0000
27+++ debian/fwknop-server.upstart 2012-10-06 18:02:23 +0000
28@@ -0,0 +1,30 @@
29+description "FireWall KNock OPerator"
30+author "Christian Kampka <chris@emerge-life.de>"
31+
32+#start as early as networking is up
33+start on (filesystem and started networking)
34+stop on runlevel [016]
35+
36+env DAEMON_ARGS=""
37+env CONF_FILES="/etc/fwknop/access.conf /etc/fwknop/fwknopd.conf"
38+
39+respawn
40+
41+pre-start script
42+
43+ [ -r /etc/default/fwknop-server ] || { stop; exit 0; }
44+ . /etc/default/fwknop-server
45+
46+ [ "x$START_DAEMON" = "xyes" ] || { stop; exit 0; }
47+
48+ for file in $CONF_FILES; do
49+ if [ ! -f "$file" ]; then
50+ logger -t fwknop-server -s "Configuration file $file is missing."
51+ stop
52+ exit 0
53+ fi
54+ done
55+
56+end script
57+
58+exec /usr/sbin/fwknopd -f $DAEMON_ARGS

Subscribers

People subscribed via source and target branches