Hi, Am 31. August 2016 13:51:41 MESZ, schrieb Dmitry Bogatov <[email protected]>, >Please share best practices on daemon configuration upgrade -- should >I restart (no reload, unfortunatelly) daemon, when I upgrade it?
In general: yes. Even if your daemon supports reload, you should restart it, because you've installed a new version and don't want the old version running. There are two ways of doing so: stop in preinst and start again in postinst, or keep running during upgrade and restart in postinst. The latter is preferred, because it keeps the downtime low, but some daemons can't cope with files being replaced on disk while they are running (especially if they consist of multiple binaries). See the manpages for dh_installinit and dh_systemd_start for details. If for some reason you need to do so manually, please respect users' policy-rc.d, e.g. by only using invoke-rc.d. There are some special cases though: obviously you can't restart pid 1, so both sysvinit and systemd (and likely others) support an operation called 'reexec', in which they serialize their state and call exec() on the new binary. You could also implement that for non pid 1 processes, but people typically don't bother. With systemd (and maybe other inits) you can also save your state (e.g open FDs) in pid 1 and gather it again when starting. This would also be a way to minimize disruptions. Outside of systemd components themselves though, I haven't seen anything in the wild yet that makes us of that. (And you'd still need to do a regular restart on non-systemd systems, so you can't purely rely on that.) >Restart can be disruptive to user. Yes, but since it's Debian policy (or at the very least convention) to restart stuff on upgrades, users will expect that. > If not, how should I tell user, >that default configuration changes and they may want to restart daemon >manually? If anything relevant changes, add a NEWS file to your package, that's the accepted convention for informing users. Typically you'd auto-restart on updates regardless. That all said: there may be cases where you can't (sanely) upgrade a daemon. For example, if you have a network storage daemon responsible for the rootfs: in that case you might not be able to do that without crashing the system. (It depends though; I co-maintain open-iscsi, which does support restarts, even when the rootfs is on iSCSI.) In the end, you have a bit of discretion as package maintainer what the best thing is for your package. tl;dr: err on the side of restarting, but there are legitimate exceptions. Hope that helps. Regards, Christian
