[Swan-dev] set systemd variables to aovid SIGABORT

Antony Antony antony at phenome.org
Thu Jul 21 16:50:06 UTC 2016 

While debugging pluto, running in gdb, I noticed on F22 systemd could send sigabort. To disable it I set  WatchdogSec=0 d 0 in Makefile.inc.local I set
SD_WATCHDOGSEC_DEFAULT=0  
While working at it I also exposed a couple of more variables in Makefile.inc.local . These are useful to developing/debugging. I would like to see this patch, or a revised one, applied. Any ideas/objections?

Another recent systemd effect I notice is "intermittently", after a make install or install-base, I get this message " Run 'systemctl daemon-reload' to reload units." and ./eastinit.sh fail.

[root at east basic-pluto-01]# ./eastinit.sh
Warning: ipsec.service changed on disk. Run 'systemctl daemon-reload' to reload units.
Redirecting to: systemctl start ipsec.service
Failed to start ipsec.service: Unit ipsec.service is masked.


PS: this is how SIGABRT looks like in gdb which looks like 
https://github.com/systemd/systemd/issues/917

Program received signal SIGABRT, Aborted.
0x00007f99af0c2b93 in epoll_wait () at ../sysdeps/unix/syscall-template.S:84
84	T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS)
(gdb) bt
#0  0x00007f99af0c2b93 in epoll_wait ()
    at ../sysdeps/unix/syscall-template.S:84
#1  0x00007f99afe7f4b8 in epoll_dispatch (base=0x555850e1e1b0,
    tv=<optimized out>) at epoll.c:407
#2  0x00007f99afe69add in event_base_loop (base=0x555850e1e1b0, flags=0)
    at event.c:1607
#3  0x000055584ea49294 in main_loop ()
    at /home/build/libreswan/programs/pluto/server.c:628
#4  0x000055584ea49643 in call_server ()
    at /home/build/libreswan/programs/pluto/server.c:742

-antony
-------------- next part --------------
commit e927f35a93c2a55f3d37ac8681230d91f5593e0a
Author: Antony Antony <antony at phenome.org>
Date:   Tue Jul 12 16:19:20 2016 +0200

    install: expose systemd variables in Makefile.inc.local
    	SD_RESTART_TYPE_DEFAULT
    	SD_PLUTO_OPTIONS_DEFAULT
    	SD_WATCHDOGSEC_DEFAULT=0 disables systemd watchdog; useful with gdb.

diff --git a/initsystems/systemd/ipsec.service.in b/initsystems/systemd/ipsec.service.in
index 5265fac..b4a7916 100644
--- a/initsystems/systemd/ipsec.service.in
+++ b/initsystems/systemd/ipsec.service.in
@@ -5,7 +5,7 @@ After=network-online.target
 
 [Service]
 Type=@SD_TYPE@
-Restart=always
+Restart=@SD_RESTART_TYPE@
 # backwards compatible with plutorestartoncrash=no
 #RestartPreventExitStatus=137 143 SIGTERM SIGKILL
 
@@ -14,7 +14,7 @@ Restart=always
 # EVENT_SD_WATCHDOG updates the heartbeat every 15 seconds, recommended values
 # are 60, 90, 120. WatchdogSec=0 disables the action
 NotifyAccess=all
-WatchdogSec=60
+WatchdogSec=@SD_WATCHDOGSEC@
 
 # Check configuration file
 ExecStartPre=@FINALLIBEXECDIR@/addconn --config @FINALCONFFILE@ --checkconfig
@@ -25,7 +25,7 @@ ExecStartPre=@FINALSBINDIR@/ipsec --checknss
 # Check for nflog setup
 ExecStartPre=@FINALSBINDIR@/ipsec --checknflog
 # Start the actual IKE daemon
-ExecStart=@FINALLIBEXECDIR@/pluto --config @FINALCONFFILE@ --nofork
+ExecStart=@FINALLIBEXECDIR@/pluto @SD_PLUTO_OPTIONS@ --config @FINALCONFFILE@ --nofork
 ExecStop=@FINALLIBEXECDIR@/whack --shutdown
 ExecStopPost=/sbin/ip xfrm policy flush
 ExecStopPost=/sbin/ip xfrm state flush
diff --git a/mk/config.mk b/mk/config.mk
index 073acfd..d1df924 100644
--- a/mk/config.mk
+++ b/mk/config.mk
@@ -502,6 +502,9 @@ TRANSFORM_VARIABLES = sed -e "s:@IPSECVERSION@:$(IPSECVERSION):g" \
 			-e "s:@MODPROBEARGS@:$(MODPROBEARGS):g" \
 			-e "s:@USE_DEFAULT_CONNS@:$(USE_DEFAULT_CONNS):g" \
 			-e "s:@SD_TYPE@:$(SD_TYPE):g" \
+			-e "s:@SD_RESTART_TYPE@:$(SD_RESTART_TYPE):g" \
+			-e "s:@SD_PLUTO_OPTIONS@:$(SD_PLUTO_OPTIONS):g" \
+			-e "s:@SD_WATCHDOGSEC@:$(SD_WATCHDOGSEC):g" \
 
 # For KVM testing setup
 #POOL?=${LIBRESWANSRCDIR}/pool
diff --git a/mk/userland-cflags.mk b/mk/userland-cflags.mk
index 5b6a41c..bcc61f0 100644
--- a/mk/userland-cflags.mk
+++ b/mk/userland-cflags.mk
@@ -109,6 +109,24 @@ USERLAND_CFLAGS+=-DIPSEC_VARDIR=\"$(FINALVARDIR)\"
 USERLAND_CFLAGS+=-DPOLICYGROUPSDIR=\"${FINALCONFDDIR}/policies\"
 USERLAND_CFLAGS+=-DIPSEC_SECRETS_FILE=\"$(IPSEC_SECRETS_FILE)\"
 
+ifeq ($(origin SD_RESTART_TYPE_DEFAULT),undefined)
+SD_RESTART_TYPE="always"
+else
+SD_RESTART_TYPE="$(SD_RESTART_TYPE_DEFAULT)"
+endif
+
+ifeq ($(origin SD_PLUTO_OPTIONS_DEFAULT),undefined)
+SD_PLUTO_OPTIONS="--leak-detective"
+else
+SD_PLUTO_OPTIONS="$(SD_PLUTO_OPTIONS_DEFAULT)"
+endif
+
+ifeq ($(origin SD_WATCHDOGSEC_DEFAULT),undefined)
+SD_WATCHDOGSEC=60
+else
+SD_WATCHDOGSEC="$(SD_WATCHDOGSEC_DEFAULT)"
+endif
+
 ifeq ($(origin RETRANSMIT_INTERVAL_DEFAULT),undefined)
 USERLAND_CFLAGS+=-DRETRANSMIT_INTERVAL_DEFAULT="500"
 else

More information about the Swan-dev mailing list