Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

debian: instances are stopped but not started after package upgrade #72

Closed
nusenu opened this issue Aug 7, 2016 · 4 comments
Closed

debian: instances are stopped but not started after package upgrade #72

nusenu opened this issue Aug 7, 2016 · 4 comments
Labels
bug
Milestone
0.2.0

Comments

@nusenu
Copy link
Owner

nusenu commented Aug 7, 2016

The latest tor upgrade revealed a problem:
when upgrading, tor instances are properly stopped, but are not started again.

This is my current understanding of the root-cause:

Tor instances are stopped by prerm:

if [ -x "/etc/init.d/tor" ]; then
        invoke-rc.d tor stop || tor_error_init
fi

and started by postinst:

if [ -x "/etc/init.d/tor" ]; then
        update-rc.d tor defaults >/dev/null
        invoke-rc.d tor start || tor_error_init
fi

Starting tor.service does not start multi-instance services due to the semantics of PartOf= (which is only relevant in the context of stop and restart actions, but not for start):

PartOf=
           Configures dependencies similar to Requires=, but limited to stopping and restarting of units. When systemd stops or restarts the units listed here, the action is propagated to this unit. Note
           that this is a one-way dependency  changes to this unit do not affect the listed units.

Another relevant point here is that our instances are named after IP addresses and ORports:
IP_port
and therefore include non-alphanumeric characters (i.e. "_").

This is relevant because the generator, that solves the "PartOf= does not cover the start case" problem, filters non-alphanumeric instance names.
https://gitweb.torproject.org/debian/tor.git/tree/debian/systemd/tor-generator

Adding "." and "_" to the allowed characters should be fine since tor-instance-create invokes adduser with "--force-badname" already.

I'll ask the maintainer whether this change is acceptable or has any other unwanted side effects, but we havn't had any problems with these service names in a long time.
@nusenu
Copy link
Owner Author

nusenu commented Aug 21, 2016

One can override the maintainers generator starting with systemd 219 - so the fix is trivial on Debian Testing and Ubuntu 16.04.
Systemd in Debian Jessie (215) is to old for that feature, so we use Martin Pitt's (Debian Developer) suggestion to solve it on Debian Jessie via dpkg-statoverride:
https://lists.freedesktop.org/archives/systemd-devel/2016-August/037367.html

@nusenu
Copy link
Owner Author

nusenu commented Aug 21, 2016

https://lists.torproject.org/pipermail/tor-relays/2016-August/009875.html

@nusenu
Copy link
Owner Author

nusenu commented Aug 21, 2016

Our modification to the generator script:

23c23
<     if echo "x$name" | grep -q '[^a-zA-Z0-9]' ||
---
>     if echo "x$name" | grep -q '[^a-zA-Z0-9_.]' ||
31d30
<

@nusenu
Copy link
Owner Author

nusenu commented Aug 21, 2016
edited

Known side effect, error messages on debian 8:

systemd: /lib/systemd/system-generators/tor-generator failed with error
code 1.
systemd: Failed to execute /lib/systemd/system-generators/tor-generator:
Permission denied

Currently we run dpkg-statoverride every time, at some point we might want to change this to run as a handler (triggered by package installation).

@nusenu nusenu closed this as completed in 0406395 Aug 21, 2016
@nusenu nusenu added the bug label Feb 5, 2017
@nusenu nusenu added this to the 0.2.0 milestone Feb 5, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
0.2.0
Development

No branches or pull requests
1 participant
@nusenu