Other services are running without monitors, so systemd can properly
track the pid. But ovs-monitor-ipsec is running with a monitor, so
there is one more fork and systemd complains about the pid file:
systemd[1]: openvswitch-ipsec.service: Supervising process 1037185
which is not our child. We'll most likely not notice
when it exits.
This is also causing some spurious kills sent to the child on service
stop.
Fix by running ovs-monitor-ipsec without a monitor as all other OVS
services.
We can't use start_daemon, that would take care of this, because the
script is not on the PATH and we don't want to accidentally change
permissions for OVS directories (ipsec runs as root), but we can mimic
the behavior.
Fixes: f385abded520 ("rhel: Use PIDFile on forking systemd service files")
Fixes: 9990322610f6 ("debian: Update packaging source from Debian/Ubuntu.")
Signed-off-by: Ilya Maximets <[email protected]>
---
debian/openvswitch-ipsec.service | 2 +-
rhel/usr_lib_systemd_system_openvswitch-ipsec.service | 2 +-
utilities/ovs-ctl.in | 7 +++++--
3 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/debian/openvswitch-ipsec.service b/debian/openvswitch-ipsec.service
index 608a6a618..dfb1e50d9 100644
--- a/debian/openvswitch-ipsec.service
+++ b/debian/openvswitch-ipsec.service
@@ -6,7 +6,7 @@ After=openvswitch-switch.service
[Service]
Type=forking
PIDFile=/run/openvswitch/ovs-monitor-ipsec.pid
-ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \
+ExecStart=/usr/share/openvswitch/scripts/ovs-ctl --no-monitor \
--ike-daemon=strongswan start-ovs-ipsec
ExecStop=/usr/share/openvswitch/scripts/ovs-ctl stop-ovs-ipsec
diff --git a/rhel/usr_lib_systemd_system_openvswitch-ipsec.service
b/rhel/usr_lib_systemd_system_openvswitch-ipsec.service
index 92dad44f9..88a509662 100644
--- a/rhel/usr_lib_systemd_system_openvswitch-ipsec.service
+++ b/rhel/usr_lib_systemd_system_openvswitch-ipsec.service
@@ -6,7 +6,7 @@ After=openvswitch.service
[Service]
Type=forking
PIDFile=/run/openvswitch/ovs-monitor-ipsec.pid
-ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \
+ExecStart=/usr/share/openvswitch/scripts/ovs-ctl --no-monitor \
--ike-daemon=libreswan start-ovs-ipsec
ExecStop=/usr/share/openvswitch/scripts/ovs-ctl stop-ovs-ipsec
diff --git a/utilities/ovs-ctl.in b/utilities/ovs-ctl.in
index 57abd3a5b..1f9ce1e6e 100644
--- a/utilities/ovs-ctl.in
+++ b/utilities/ovs-ctl.in
@@ -245,12 +245,15 @@ start_ovs_ipsec () {
if test X$RESTART_IKE_DAEMON = Xno; then
no_restart="--no-restart-ike-daemon"
fi
+ if test X"$MONITOR" != Xno; then
+ monitor_arg="--monitor"
+ fi
${datadir}/scripts/ovs-monitor-ipsec \
--pidfile=${rundir}/ovs-monitor-ipsec.pid \
--ike-daemon=$IKE_DAEMON \
- $no_restart \
- --log-file --detach --monitor unix:${rundir}/db.sock || return 1
+ $no_restart $monitor_arg \
+ --log-file --detach unix:${rundir}/db.sock || return 1
return 0
}
--
2.47.0
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
