Merge pull request #3677 from pieterlexis/dnsdist-systemd-notify-support

dnsdist: Add support for systemd-notify

build-scripts/build-dnsdist-rpm

@@ -40,8 +40,10 @@ SODIUM_CONFIGURE=''
 
 # Some RPM platforms use systemd, others sysv, we default to systemd here
 INIT_BUILDREQUIRES='BuildRequires: systemd'
-INIT_INSTALL='install -d -m 755 %{buildroot}/%{_sysconfdir}/systemd/system/ && install -m 664 contrib/dnsdist.service %{buildroot}/%{_sysconfdir}/systemd/system/dnsdist.service'
-INIT_FILES='%{_sysconfdir}/systemd/system/dnsdist.service'
+#INIT_INSTALL='install -d -m 755 %{buildroot}/lib/systemd/system/ && install -m 664 dnsdist.service %{buildroot}/lib/systemd/system/dnsdist.service'
+INIT_INSTALL=''
+INIT_FILES='/lib/systemd/system/dnsdist.service'
+INIT_CONFIGURE='--enable-systemd --with-systemd=/lib/systemd/system \'
 
 # These two are the same for sysv and systemd (we don't install defaults files at the moment)
 DEFAULTS_INSTALL=''
@@ -64,6 +66,7 @@ if [ -f /etc/redhat-release ]; then
       INIT_BUILDREQUIRES=''
       INIT_INSTALL='install -d -m 755 %{buildroot}/%{_initrddir} && install -m 755 contrib/dnsdist.init.centos6 %{buildroot}/%{_initrddir}/dnsdist'
       INIT_FILES='%{_initrddir}/dnsdist'
+      INIT_CONFIGURE='\'
       SETUP="%setup -n %{name}-${TARBALLVERSION}"
       RPMBUILD_COMMAND="scl enable devtoolset-3 -- ${RPMBUILD_COMMAND}"
       ;;
@@ -101,6 +104,7 @@ ${SETUP}
 %build
 %configure \
   --sysconfdir=/etc/dnsdist \
+  ${INIT_CONFIGURE}
   ${SODIUM_CONFIGURE}
 
 make

build-scripts/debian-dnsdist/control.in

@@ -3,7 +3,7 @@ Section: net
 Priority: optional
 Maintainer: PowerDNS Autobuilder <powerdns.support@powerdns.com>
 Origin: PowerDNS
-Build-Depends: debhelper (>= 9), dh-autoreconf, dh-systemd (>= 1.5), libboost-dev, libedit-dev, liblua5.2-dev, pkg-config @LIBSODIUMDEV@
+Build-Depends: debhelper (>= 9), dh-autoreconf, dh-systemd (>= 1.5), libboost-dev, libedit-dev, liblua5.2-dev, pkg-config @LIBSODIUMDEV@ @LIBSYSTEMDDEV@
 Standards-Version: 3.9.7
 Homepage: http://dnsdist.org
 

build-scripts/debian-dnsdist/dnsdist.service

@@ -4,8 +4,10 @@ Wants=network-online.target
 After=network-online.target
 
 [Service]
-# Keep the --supervised and --disable-syslog option when modifying the default options
+# Note: when editing the ExecStart command, keep --supervised and --disable-syslog
 ExecStart=/usr/bin/dnsdist --supervised --disable-syslog -u _dnsdist -g _dnsdist
+
+Type=notify
 Restart=on-failure
 RestartSec=2
 TimeoutStopSec=5

build-scripts/debian-dnsdist/rules

@@ -9,20 +9,26 @@ include /usr/share/dpkg/default.mk
 
 ENABLE_LIBSODIUM := --enable-libsodium
 LIBSODIUM_DEV := , libsodium-dev
+
+ENABLE_SYSTEMD := --enable-systemd --with-systemd=/lib/systemd/system
+LIBSYSTEMD_DEV := , libsystemd-dev
 DEBHELPER_WITH_SYSTEMD := --with systemd
 
 # $(ID) and $(VERSION_ID) come from the environment, source this from /etc/os-release
 ifeq ($(ID), ubuntu)
   ifeq ($(VERSION_ID), 14.04)
     # Disable building and depending on libsodium on Ubuntu Trusty
     ENABLE_LIBSODIUM=
+    ENABLE_SYSTEMD=
+    LIBSYSTEMD_DEV=
     LIBSODIUM_DEV=
     DEBHELPER_WITH_SYSTEMD=
   endif
 endif
 
 debian/control: debian/control.in
-	sed -E "s!@LIBSODIUMDEV@!$(LIBSODIUM_DEV)!" $< > $@
+	sed -e "s!@LIBSODIUMDEV@!$(LIBSODIUM_DEV)!" \
+	    -e "s!@LIBSYSTEMDDEV@!$(LIBSYSTEMD_DEV)!" $< > $@
 
 %:
 	dh $@ \
@@ -40,6 +46,7 @@ override_dh_auto_configure:
 	  --infodir=\$${prefix}/share/info \
 	  --libdir='$${prefix}/lib/$(DEB_HOST_MULTIARCH)' \
 	  --libexecdir='$${prefix}/lib' \
+	  $(ENABLE_SYSTEMD) \
 	  $(ENABLE_LIBSODIUM)
 
 override_dh_auto_build-arch:

pdns/README-dnsdist.md

@@ -14,6 +14,10 @@ Compiling
 compiler (g++ 4.8 or higher, clang 3.5 or higher). It can optionally use libsodium
 for encrypted communications with its client.
 
+Should `dnsdist` be run on a system with systemd, it is highly recommended to have
+the systemd header files (`libsystemd-dev` on debian and `systemd-devel` on CentOS)
+installed to have `dnsdist` support systemd-notify.
+
 To compile on CentOS 6 / RHEL6, use this script to install a working compiler:
 
 ```

pdns/dnsdist-lua.cc

@@ -9,6 +9,10 @@
 #include "lock.hh"
 #include <net/if.h>
 
+#ifdef HAVE_SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
 using std::thread;
 
 static vector<std::function<void(void)>>* g_launchWork;
@@ -497,7 +501,12 @@ vector<std::function<void(void)>> setupLua(bool client, const std::string& confi
         g_outputBuffer+=s+"\n";
 
     });
-  g_lua.writeFunction("shutdown", []() { _exit(0);} );
+  g_lua.writeFunction("shutdown", []() {
+#ifdef HAVE_SYSTEMD
+      sd_notify(0, "STOPPING=1");
+#endif
+      _exit(0);
+  } );
 
 
   g_lua.writeFunction("addDomainBlock", [](const std::string& domain) { 

pdns/dnsdist.cc

@@ -42,6 +42,10 @@
 #include <getopt.h>
 #include "dnsdist-cache.hh"
 
+#ifdef HAVE_SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
 /* Known sins:
 
    Receiver is currently single threaded
@@ -1475,6 +1479,7 @@ try
       break;
     }
   }
+
   argc-=optind;
   argv+=optind;
   for(auto p = argv; *p; ++p) {
@@ -1724,6 +1729,9 @@ try
   thread healththread(healthChecksThread);
 
   if(g_cmdLine.beDaemon || g_cmdLine.beSupervised) {
+#ifdef HAVE_SYSTEMD
+    sd_notify(0, "READY=1");
+#endif
     healththread.join();
   }
   else {

pdns/dnsdistdist/.gitignore

@@ -31,3 +31,4 @@
 /dnsdist
 /dnsmessage.pb.cc
 /dnsmessage.pb.h
+/dnsdist.service

pdns/dnsdistdist/Makefile.am

@@ -1,4 +1,4 @@
-AM_CPPFLAGS += $(LUA_CFLAGS) $(LIBEDIT_CFLAGS) $(YAHTTP_CFLAGS) $(SANITIZER_FLAGS) -DSYSCONFDIR=\"${sysconfdir}\"
+AM_CPPFLAGS += $(SYSTEMD_CFLAGS) $(LUA_CFLAGS) $(LIBEDIT_CFLAGS) $(YAHTTP_CFLAGS) $(SANITIZER_FLAGS) -DSYSCONFDIR=\"${sysconfdir}\"
 
 ACLOCAL_AMFLAGS = -I m4
 
@@ -39,7 +39,8 @@ EXTRA_DIST=dnslabeltext.rl \
 	   build-aux/gen-version \
 	   ext/incbin/UNLICENSE \
 	   incfiles \
-	   src_js
+	   src_js \
+	   dnsdist.service.in
 
 bin_PROGRAMS = dnsdist
 
@@ -100,7 +101,8 @@ dnsdist_LDADD = \
 	$(RT_LIBS) \
 	$(YAHTTP_LIBS) \
 	$(LIBSODIUM_LIBS) \
-	$(SANITIZER_FLAGS)
+	$(SANITIZER_FLAGS) \
+	$(SYSTEMD_LIBS)
 
 if HAVE_RE2
 dnsdist_LDADD += $(RE2_LIBS)
@@ -178,3 +180,13 @@ $(MANPAGES):
 	exit 1
 endif
 endif
+
+if HAVE_SYSTEMD
+dnsdist.service: dnsdist.service.in
+	$(AM_V_GEN)sed -e 's![@]bindir[@]!$(bindir)!' < $< > $@
+
+systemdsystemunitdir = $(SYSTEMD_DIR)
+
+systemdsystemunit_DATA = \
+	dnsdist.service
+endif

pdns/dnsdistdist/configure.ac

@@ -19,6 +19,9 @@ PDNS_CHECK_RE2
 DNSDIST_ENABLE_DNSCRYPT
 PDNS_WITH_PROTOBUF
 
+AX_AVAILABLE_SYSTEMD
+AM_CONDITIONAL([HAVE_SYSTEMD], [ test x"$systemd" = "xy" ])
+
 AC_SUBST([YAHTTP_CFLAGS], ['-I$(top_srcdir)/ext/yahttp'])
 AC_SUBST([YAHTTP_LIBS], ['$(top_builddir)/ext/yahttp/yahttp/libyahttp.la'])
 

pdns/dnsdistdist/contrib/dnsdist.service

@@ -3,7 +3,7 @@ Description=dnsdist
 After=network.target
 
 [Service]
-# Keep the --supervised option when changing the default options
+Type=notify
 ExecStart=/usr/bin/dnsdist --supervised
 
 [Install]

pdns/dnsdistdist/dnsdist.service.in

@@ -0,0 +1,24 @@
+[Unit]
+Description=DNS Loadbalancer
+Wants=network-online.target
+After=network-online.target
+
+[Service]
+# Note: when editing the ExecStart command, keep --supervised and --disable-syslog
+ExecStart=@bindir@/dnsdist --supervised --disable-syslog
+
+Type=notify
+Restart=on-failure
+RestartSec=2
+TimeoutStopSec=5
+StartLimitInterval=0
+PrivateTmp=true
+PrivateDevices=true
+CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_SETGID CAP_SETUID
+NoNewPrivileges=true
+ProtectSystem=full
+ProtectHome=true
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
+
+[Install]
+WantedBy=multi-user.target

pdns/dnsdistdist/m4/ax_arg_default_enable_disable.m4

@@ -0,0 +1,21 @@
+AC_DEFUN([AX_ARG_DEFAULT_ENABLE], [
+AC_ARG_ENABLE([$1], AS_HELP_STRING([--disable-$1], [$2 (default is ENABLED)]))
+AX_PARSE_VALUE([$1], [y])
+])
+
+AC_DEFUN([AX_ARG_DEFAULT_DISABLE], [
+AC_ARG_ENABLE([$1], AS_HELP_STRING([--enable-$1], [$2 (default is DISABLED)]))
+AX_PARSE_VALUE([$1], [n])
+])
+
+dnl This function should not be called outside of this file
+AC_DEFUN([AX_PARSE_VALUE], [
+AS_IF([test "x$enable_$1" = "xno"], [
+    ax_cv_$1="n"
+], [test "x$enable_$1" = "xyes"], [
+    ax_cv_$1="y"
+], [test -z $ax_cv_$1], [
+    ax_cv_$1="$2"
+])
+$1=$ax_cv_$1
+AC_SUBST($1)])

pdns/dnsdistdist/m4/systemd.m4

@@ -0,0 +1,130 @@
+# systemd.m4 - Macros to check for and enable systemd          -*- Autoconf -*-
+#
+# Copyright (C) 2014 Luis R. Rodriguez <mcgrof@suse.com>
+# Copyright (C) 2016 Pieter Lexis <pieter.lexis@powerdns.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+#serial 2
+
+dnl Some optional path options
+AC_DEFUN([AX_SYSTEMD_OPTIONS], [
+	AC_ARG_WITH(systemd, [  --with-systemd          set directory for systemd service files],
+		SYSTEMD_DIR="$withval", SYSTEMD_DIR="")
+	AC_SUBST(SYSTEMD_DIR)
+
+	AC_ARG_WITH(systemd, [  --with-systemd-modules-load          set directory for systemd modules load files],
+		SYSTEMD_MODULES_LOAD="$withval", SYSTEMD_MODULES_LOAD="")
+	AC_SUBST(SYSTEMD_MODULES_LOAD)
+])
+
+AC_DEFUN([AX_ENABLE_SYSTEMD_OPTS], [
+	AX_ARG_DEFAULT_ENABLE([systemd], [Disable systemd support])
+	AX_SYSTEMD_OPTIONS()
+])
+
+AC_DEFUN([AX_ALLOW_SYSTEMD_OPTS], [
+	AX_ARG_DEFAULT_DISABLE([systemd], [Enable systemd support])
+	AX_SYSTEMD_OPTIONS()
+])
+
+AC_DEFUN([AX_CHECK_SYSTEMD_LIBS], [
+	AC_REQUIRE([AX_CHECK_SYSTEMD_DETECT_AND_ENABLE])
+	AS_IF([test "x$libsystemd" = x], [
+	    AC_MSG_ERROR([Unable to find a suitable libsystemd library])
+	])
+
+	PKG_CHECK_MODULES([SYSTEMD], [$libsystemd_daemon])
+	dnl pkg-config older than 0.24 does not set these for
+	dnl PKG_CHECK_MODULES() worth also noting is that as of version 208
+	dnl of systemd pkg-config --cflags currently yields no extra flags yet.
+	AC_SUBST([SYSTEMD_CFLAGS])
+	AC_SUBST([SYSTEMD_LIBS])
+
+	AS_IF([test "x$SYSTEMD_DIR" = x], [
+	    dnl In order to use the line below we need to fix upstream systemd
+	    dnl to properly ${prefix} for child variables in
+	    dnl src/core/systemd.pc.in but this is a bit complex at the
+	    dnl moment as they depend on another rootprefix, which can vary
+	    dnl from prefix in practice. We provide our own definition as we
+	    dnl *know* where systemd will dump this to, but this does limit
+	    dnl us to stick to a non custom systemdsystemunitdir, dnl to work
+	    dnl around this we provide the additional configure option
+	    dnl --with-systemd where you can specify the directory for the unit
+	    dnl files. It would also be best to just extend the upstream
+	    dnl pkg-config  pkg.m4 with an AC_DEFUN() to do this neatly.
+	    dnl SYSTEMD_DIR="`$PKG_CONFIG --define-variable=prefix=$PREFIX --variable=systemdsystemunitdir systemd`"
+	    SYSTEMD_DIR="\$(prefix)/lib/systemd/system/"
+	], [])
+
+	AS_IF([test "x$SYSTEMD_DIR" = x], [
+	    AC_MSG_ERROR([SYSTEMD_DIR is unset])
+	], [])
+
+	dnl There is no variable for this yet for some reason
+	AS_IF([test "x$SYSTEMD_MODULES_LOAD" = x], [
+	    SYSTEMD_MODULES_LOAD="\$(prefix)/lib/modules-load.d/"
+	], [])
+
+	AS_IF([test "x$SYSTEMD_MODULES_LOAD" = x], [
+	    AC_MSG_ERROR([SYSTEMD_MODULES_LOAD is unset])
+	], [])
+])
+
+AC_DEFUN([AX_CHECK_SYSTEMD], [
+	dnl Respect user override to disable
+	AS_IF([test "x$enable_systemd" != "xno"], [
+	     AS_IF([test "x$systemd" = "xy" ], [
+		AC_DEFINE([HAVE_SYSTEMD], [1], [Systemd available and enabled])
+			systemd=y
+			AX_CHECK_SYSTEMD_LIBS()
+	    ],[systemd=n])
+	],[systemd=n])
+])
+
+AC_DEFUN([AX_CHECK_SYSTEMD_DETECT_AND_ENABLE], [
+	AC_CHECK_HEADER([systemd/sd-daemon.h], [
+		for libname in systemd-daemon systemd; do
+			AC_CHECK_LIB([$libname], [sd_listen_fds], [
+				libsystemd_daemon="lib$libname"
+				systemd=y
+				libsystemd=y
+			])
+		done
+	])
+])
+
+dnl Enables systemd by default and requires a --disable-systemd option flag
+dnl to configure if you want to disable.
+AC_DEFUN([AX_ENABLE_SYSTEMD], [
+	AX_ENABLE_SYSTEMD_OPTS()
+	AX_CHECK_SYSTEMD()
+])
+
+dnl Systemd will be disabled by default and requires you to run configure with
+dnl --enable-systemd to look for and enable systemd.
+AC_DEFUN([AX_ALLOW_SYSTEMD], [
+	AX_ALLOW_SYSTEMD_OPTS()
+	AX_CHECK_SYSTEMD()
+])
+
+dnl Systemd will be disabled by default but if your build system is detected
+dnl to have systemd build libraries it will be enabled. You can always force
+dnl disable with --disable-systemd
+AC_DEFUN([AX_AVAILABLE_SYSTEMD], [
+	AX_ALLOW_SYSTEMD_OPTS()
+	AX_CHECK_SYSTEMD_DETECT_AND_ENABLE()
+	AX_CHECK_SYSTEMD()
+])