[JENKINS-67075] Strip a possible daemon-injected prefix when restarting the server. #5899
Conversation
…ng the server.
At least the Debian packages rely on the `daemon` command to start the
server with appropriate parameters, leveraging the /etc/init.d/jenkins
shell script and the variables set in the /etc/default/jenkins config
file.
The init script calls `/usr/bin/daemon --name=$NAME […]`, with NAME
defaulting to `jenkins`. Starting with daemon 0.7.0-1 (as found in
Debian 11 “Bullseye” and in Ubuntu since Hirsute Hippo), using the
`--name` option results in the specified value's being prepended to
the program being started.
This can be checked with:
root@jenkins:~# pgrep -f jenkins: -a
73109 jenkins: /usr/bin/java -Djava.awt.headless=true -jar /usr/share/jenkins/jenkins.war --webroot=/var/cache/jenkins/war --httpPort=8080
root@jenkins:~# tr '\0' '\n' < /proc/73109/cmdline
jenkins: /usr/bin/java
-Djava.awt.headless=true
-jar
/usr/share/jenkins/jenkins.war
--webroot=/var/cache/jenkins/war
--httpPort=8080
Therefore, detect and remove such a prefix from the first argument
(the executable). Since the daemon's name is configurable, don't
hardcode "jenkins: ", but strip everything until the first slash if
it's preceeded by a colon and a space.
Signed-off-by: Cyril Brulebois <cyril@debamax.com>
| String exe = args.get(0); | ||
| exe = exe.replaceFirst("^(.*): /", "/"); |
There was a problem hiding this comment.
Should this regular expression discard the first string that does not contain a ':' character, ending with a ':'? Shouldn't it require at least one character in the prefix string before the ':' character?
| exe = exe.replaceFirst("^(.*): /", "/"); | |
| exe = exe.replaceFirst("^([^:]+): /", "/"); |
I still need to test this on a Debian 11 system before I'm ready to approve the pull request or my tentatively proposed change to the pull request.
There was a problem hiding this comment.
You're absolutely right; I was so focused on figuring out how replacements work in the Java world that I have lost track of the actual pattern, and forgot to try and improve it. Given https://sources.debian.org/src/adduser/3.118/adduser/#L866 (and probably other constraints on different platforms), it looks like an “interesting” topic.
Anyway, it looks like:
*→+makes sense;- excluding
:from the character class looks good to me; - maybe excluding
/as well for good measure?
There was a problem hiding this comment.
The change makes sense, but UnixLifecycle seems like the wrong layer to introduce this logic. I think it would be better to place this logic in JavaVMArguments, where the fix would extend to any functionality consuming the Jenkins controller JVM arguments (e.g., HsErrPidList) rather than just the UnixLifecycle class.
Oh, right. I took Also, for completeness: chatting a little with @evgeni on Twitter, we mentioned one could try and get to the actual executable (e.g. |
ssh me@someserver nohup java -jar jenkins.waror something ridiculous like that, where ( |
|
Why must you set it for |
|
I do not work on that chart and cannot vouch for its correctness. CloudBees CI sets |
|
But why must you set it? As it seems to work fine in my experience with the default (at least on Linux x64) |
|
Because the default is to use |
|
thanks created jenkinsci/helm-charts#529 |
I agree with this. If Jenkins is being run in a container, we should always be using When JENKINS-41218 is fixed, I think we should also use |
|
Is this needed after jenkinsci/packaging#261 ? |
|
Yes, jenkinsci/packaging#261 should fix JENKINS-67075. My vote would be to ship it in a weekly or two and then go for LTS, but @MarkEWaite likely wants to hold off. |
it'll be in the weekly next Tuesday as it's merged. |
At least the Debian packages rely on the
daemoncommand to start theserver with appropriate parameters, leveraging the /etc/init.d/jenkins
shell script and the variables set in the /etc/default/jenkins config
file.
The init script calls
/usr/bin/daemon --name=$NAME […], with NAMEdefaulting to
jenkins. Starting with daemon 0.7.0-1 (as found inDebian 11 “Bullseye” and in Ubuntu since Hirsute Hippo), using the
--nameoption results in the specified value's being prepended tothe program being started.
This can be checked with:
Therefore, detect and remove such a prefix from the first argument
(the executable). Since the daemon's name is configurable, don't
hardcode "jenkins: ", but strip everything until the first slash if
it's preceeded by a colon and a space.
Signed-off-by: Cyril Brulebois cyril@debamax.com
See JENKINS-67075.
Proposed changelog entries
Submitter checklist
I've written this change on top of my local
stable-2.303branch (and it can be cherry-picked trivially on top ofmaster, which is what I'm submitting here), and tested it by deploying the generated war file instead of the one shipped in the Debian package, then using the/safeRestartentry point to make sure the server does restart correctly. I'm not sure it warrants adding tests in the source code tree.Desired reviewers
Maintainer checklist
Before the changes are marked as
ready-for-merge:Proposed changelog entriesare correctupgrade-guide-neededlabel is set and there is aProposed upgrade guidelinessection in the PR title. (example)lts-candidateto be considered (see query).