Merge pull request 'fix/freebsd-rc-live-copy-safe' (#72) from fix/freebsd-rc-live-copy-safe into main
Reviewed-on: #72
This commit is contained in:
commit
c967698ea2
1 changed files with 16 additions and 6 deletions
|
|
@ -4,8 +4,9 @@
|
|||
#
|
||||
# colibri-daemon runs in the FOREGROUND — it does not self-daemonize or write a
|
||||
# pidfile. rc.d runs it under daemon(8), which backgrounds it, writes the
|
||||
# child pidfile (colibri-daemon PID), restarts on crash, drops privileges to
|
||||
# the colibri user, and redirects stdout/stderr (tracing) to a logfile.
|
||||
# child pidfile (colibri-daemon PID), restarts on crash, and redirects
|
||||
# stdout/stderr (tracing) to a logfile. rc.subr performs the privilege drop
|
||||
# through ${name}_user.
|
||||
#
|
||||
# Setup (one-time, as root):
|
||||
# pw groupadd colibri
|
||||
|
|
@ -37,7 +38,7 @@ load_rc_config $name
|
|||
: ${colibri_daemon_enable:="NO"}
|
||||
: ${colibri_daemon_user:="colibri"}
|
||||
: ${colibri_daemon_group:="colibri"}
|
||||
: ${colibri_daemon_program:="/usr/local/bin/colibri-daemon"}
|
||||
: ${colibri_daemon_binary:="/usr/local/bin/colibri-daemon"}
|
||||
: ${colibri_daemon_data_dir:="/var/db/colibri"}
|
||||
: ${colibri_daemon_run_dir:="/var/run/colibri"}
|
||||
: ${colibri_daemon_socket:="${colibri_daemon_run_dir}/colibri.sock"}
|
||||
|
|
@ -54,11 +55,13 @@ supervisor_pidfile="${colibri_daemon_run_dir}/colibri-daemon-supervisor.pid"
|
|||
# Run colibri-daemon under daemon(8):
|
||||
# -P supervisor pidfile (the daemon(8) parent — used by stop)
|
||||
# -p child pidfile (writes colibri-daemon PID — used by start/status)
|
||||
# -r restart on crash, -t process title, -u drop to the colibri user,
|
||||
# -r restart on crash, -t process title,
|
||||
# -o append stdout/stderr to log.
|
||||
# rc.subr already runs the command as ${colibri_daemon_user}; do not also pass
|
||||
# daemon(8) -u or daemon(8) will try to drop privileges a second time.
|
||||
command="/usr/sbin/daemon"
|
||||
command_args="-P ${supervisor_pidfile} -p ${pidfile} -r -t ${name} -u ${colibri_daemon_user} \
|
||||
-o ${colibri_daemon_logfile} ${colibri_daemon_program}"
|
||||
command_args="-P ${supervisor_pidfile} -p ${pidfile} -r -t ${name} \
|
||||
-o ${colibri_daemon_logfile} ${colibri_daemon_binary}"
|
||||
|
||||
# Use the child's process name so rc.subr can find the right process via the
|
||||
# child pidfile. Using the daemon(8) supervisor path would collide with
|
||||
|
|
@ -81,6 +84,11 @@ colibri_daemon_prestart()
|
|||
install -d -o "${colibri_daemon_user}" -g "${colibri_daemon_group}" -m 0750 \
|
||||
"$(/usr/bin/dirname "${colibri_daemon_logfile}")"
|
||||
|
||||
# Remove stale runtime files while rc.d is still root. The daemon process
|
||||
# runs as colibri and cannot unlink a stale socket left behind by a prior
|
||||
# root/corrupt manual start.
|
||||
rm -f "${colibri_daemon_socket}" "${pidfile}" "${supervisor_pidfile}"
|
||||
|
||||
# Config is passed to the child via the environment.
|
||||
export COLIBRI_DAEMON_DATA_DIR="${colibri_daemon_data_dir}"
|
||||
export COLIBRI_DAEMON_SOCKET="${colibri_daemon_socket}"
|
||||
|
|
@ -101,6 +109,8 @@ colibri_daemon_poststart()
|
|||
|
||||
if [ -S "${colibri_daemon_socket}" ]; then
|
||||
echo "colibri-daemon socket ready after ${waited}s"
|
||||
chmod 644 "${pidfile}" 2>/dev/null || true
|
||||
chmod 660 "${colibri_daemon_socket}" 2>/dev/null || true
|
||||
else
|
||||
echo "WARNING: colibri-daemon socket not ready after ${timeout}s"
|
||||
fi
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue