New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add config files to run gsad as a unix daemon #1486
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
gsad/config/gsad.logrotate.in
These are controlled globally by logrotate.conf so maybe user doesn't want to override it.
- daily
- rotate 7
copytruncate may cause lost logs, why we don't use create and kill HUP?
/var/log/gvm/gsad.log {
sharedscripts
missingok
compress
create
notifempty
postrotate
/bin/kill -HUP `cat /var/run/gsad.pid 2>/dev/null` 2>/dev/null || true
endscript
}
gsad/config/gsad.service.in
Don't we need gvmd & openvas-scanner before gsad ?
Also why we don't use ExecReload=/bin/kill -HUP $MAINPID
[Unit]
Description=Greenbone Security Assistant
After=network.target
After=openvas-scanner.service
After=gvmd.service
Wants=gvmd.service
[Service]
Type=forking
EnvironmentFile=-${DEFAULT_CONFIG_DIR}/gsad
ExecStart=${SBINDIR}/gsad --listen $GSA_ADDRESS --port $GSA_PORT
ExecReload=/bin/kill -HUP $MAINPID
KillMode=mixed
User=root
Group=root
TimeoutSec=1200
[Install]
WantedBy=multi-user.target
I am going to remove them.
Because I didn't wanted to restart the gsad daemon and therefore not answering to requests. Currently SIGHUP is ignored https://github.com/greenbone/gsa/blob/gsa-8.0/gsad/src/gsad.c#L2489
gsad should not run as root.
Yes but currently we don't have service files for them. This PR is intended as a start to get some service files into the releases. I am fine with adding further PRs to improve them. |
Just for curiosity how can log be lost in that case? |
Add config files for systemd, start arguments and logrotate. Replaces #760
While the truncate operation is very fast, the copy can be quite long (depending of how big is your logfile). Moreover, some log entry can be lost during the time between the copy operation and the truncate. Also thank you for the info:
gvmd and open-scanner daemon are in the same situation about SIGHUP ? Then i Hhave to fix all my service files and logrotate files. |
At least gvmd seems to ignore it too https://github.com/greenbone/gvmd/blob/master/src/gvmd.c#L2605 |
Codecov Report
@@ Coverage Diff @@
## gsa-8.0 #1486 +/- ##
========================================
Coverage 37.43% 37.43%
========================================
Files 963 963
Lines 21812 21812
Branches 6068 6089 +21
========================================
Hits 8165 8165
Misses 12351 12351
Partials 1296 1296
Continue to review full report at Codecov.
|
Add config files for systemd, start arguments and logrotate.
Replaces #760
Checklist: