[Swan-dev] set systemd variables to aovid SIGABORT
Antony Antony
antony at phenome.org
Thu Jul 21 16:50:06 UTC 2016
While debugging pluto, running in gdb, I noticed on F22 systemd could send sigabort. To disable it I set WatchdogSec=0 d 0 in Makefile.inc.local I set
SD_WATCHDOGSEC_DEFAULT=0
While working at it I also exposed a couple of more variables in Makefile.inc.local . These are useful to developing/debugging. I would like to see this patch, or a revised one, applied. Any ideas/objections?
Another recent systemd effect I notice is "intermittently", after a make install or install-base, I get this message " Run 'systemctl daemon-reload' to reload units." and ./eastinit.sh fail.
[root at east basic-pluto-01]# ./eastinit.sh
Warning: ipsec.service changed on disk. Run 'systemctl daemon-reload' to reload units.
Redirecting to: systemctl start ipsec.service
Failed to start ipsec.service: Unit ipsec.service is masked.
PS: this is how SIGABRT looks like in gdb which looks like
https://github.com/systemd/systemd/issues/917
Program received signal SIGABRT, Aborted.
0x00007f99af0c2b93 in epoll_wait () at ../sysdeps/unix/syscall-template.S:84
84 T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS)
(gdb) bt
#0 0x00007f99af0c2b93 in epoll_wait ()
at ../sysdeps/unix/syscall-template.S:84
#1 0x00007f99afe7f4b8 in epoll_dispatch (base=0x555850e1e1b0,
tv=<optimized out>) at epoll.c:407
#2 0x00007f99afe69add in event_base_loop (base=0x555850e1e1b0, flags=0)
at event.c:1607
#3 0x000055584ea49294 in main_loop ()
at /home/build/libreswan/programs/pluto/server.c:628
#4 0x000055584ea49643 in call_server ()
at /home/build/libreswan/programs/pluto/server.c:742
-antony
-------------- next part --------------
commit e927f35a93c2a55f3d37ac8681230d91f5593e0a
Author: Antony Antony <antony at phenome.org>
Date: Tue Jul 12 16:19:20 2016 +0200
install: expose systemd variables in Makefile.inc.local
SD_RESTART_TYPE_DEFAULT
SD_PLUTO_OPTIONS_DEFAULT
SD_WATCHDOGSEC_DEFAULT=0 disables systemd watchdog; useful with gdb.
diff --git a/initsystems/systemd/ipsec.service.in b/initsystems/systemd/ipsec.service.in
index 5265fac..b4a7916 100644
--- a/initsystems/systemd/ipsec.service.in
+++ b/initsystems/systemd/ipsec.service.in
@@ -5,7 +5,7 @@ After=network-online.target
[Service]
Type=@SD_TYPE@
-Restart=always
+Restart=@SD_RESTART_TYPE@
# backwards compatible with plutorestartoncrash=no
#RestartPreventExitStatus=137 143 SIGTERM SIGKILL
@@ -14,7 +14,7 @@ Restart=always
# EVENT_SD_WATCHDOG updates the heartbeat every 15 seconds, recommended values
# are 60, 90, 120. WatchdogSec=0 disables the action
NotifyAccess=all
-WatchdogSec=60
+WatchdogSec=@SD_WATCHDOGSEC@
# Check configuration file
ExecStartPre=@FINALLIBEXECDIR@/addconn --config @FINALCONFFILE@ --checkconfig
@@ -25,7 +25,7 @@ ExecStartPre=@FINALSBINDIR@/ipsec --checknss
# Check for nflog setup
ExecStartPre=@FINALSBINDIR@/ipsec --checknflog
# Start the actual IKE daemon
-ExecStart=@FINALLIBEXECDIR@/pluto --config @FINALCONFFILE@ --nofork
+ExecStart=@FINALLIBEXECDIR@/pluto @SD_PLUTO_OPTIONS@ --config @FINALCONFFILE@ --nofork
ExecStop=@FINALLIBEXECDIR@/whack --shutdown
ExecStopPost=/sbin/ip xfrm policy flush
ExecStopPost=/sbin/ip xfrm state flush
diff --git a/mk/config.mk b/mk/config.mk
index 073acfd..d1df924 100644
--- a/mk/config.mk
+++ b/mk/config.mk
@@ -502,6 +502,9 @@ TRANSFORM_VARIABLES = sed -e "s:@IPSECVERSION@:$(IPSECVERSION):g" \
-e "s:@MODPROBEARGS@:$(MODPROBEARGS):g" \
-e "s:@USE_DEFAULT_CONNS@:$(USE_DEFAULT_CONNS):g" \
-e "s:@SD_TYPE@:$(SD_TYPE):g" \
+ -e "s:@SD_RESTART_TYPE@:$(SD_RESTART_TYPE):g" \
+ -e "s:@SD_PLUTO_OPTIONS@:$(SD_PLUTO_OPTIONS):g" \
+ -e "s:@SD_WATCHDOGSEC@:$(SD_WATCHDOGSEC):g" \
# For KVM testing setup
#POOL?=${LIBRESWANSRCDIR}/pool
diff --git a/mk/userland-cflags.mk b/mk/userland-cflags.mk
index 5b6a41c..bcc61f0 100644
--- a/mk/userland-cflags.mk
+++ b/mk/userland-cflags.mk
@@ -109,6 +109,24 @@ USERLAND_CFLAGS+=-DIPSEC_VARDIR=\"$(FINALVARDIR)\"
USERLAND_CFLAGS+=-DPOLICYGROUPSDIR=\"${FINALCONFDDIR}/policies\"
USERLAND_CFLAGS+=-DIPSEC_SECRETS_FILE=\"$(IPSEC_SECRETS_FILE)\"
+ifeq ($(origin SD_RESTART_TYPE_DEFAULT),undefined)
+SD_RESTART_TYPE="always"
+else
+SD_RESTART_TYPE="$(SD_RESTART_TYPE_DEFAULT)"
+endif
+
+ifeq ($(origin SD_PLUTO_OPTIONS_DEFAULT),undefined)
+SD_PLUTO_OPTIONS="--leak-detective"
+else
+SD_PLUTO_OPTIONS="$(SD_PLUTO_OPTIONS_DEFAULT)"
+endif
+
+ifeq ($(origin SD_WATCHDOGSEC_DEFAULT),undefined)
+SD_WATCHDOGSEC=60
+else
+SD_WATCHDOGSEC="$(SD_WATCHDOGSEC_DEFAULT)"
+endif
+
ifeq ($(origin RETRANSMIT_INTERVAL_DEFAULT),undefined)
USERLAND_CFLAGS+=-DRETRANSMIT_INTERVAL_DEFAULT="500"
else
More information about the Swan-dev
mailing list