From 79807a9c2e68eaad17bdb6d02e93e2a0984e2065 Mon Sep 17 00:00:00 2001 From: Guillem Jover Date: Tue, 17 Apr 2018 14:14:27 +0200 Subject: [PATCH] TT#26264 Use better systemd native units While still not the ideal implementation, this is certainly better than the sysvinit script wrapper. We then will "only" need to move the setup scripts into proper service files later on. Change-Id: I990d6847117a4b91a8365a5e307fd96cf5b1899f --- debian/ngcp-rtpengine-daemon.init | 46 +------- debian/ngcp-rtpengine-daemon.install | 1 + debian/ngcp-rtpengine-daemon.service | 16 ++- debian/ngcp-rtpengine-iptables-setup | 100 ++++++++++++++++++ debian/ngcp-rtpengine-recording-daemon.init | 11 +- .../ngcp-rtpengine-recording-daemon.install | 1 + .../ngcp-rtpengine-recording-daemon.service | 12 +-- debian/ngcp-rtpengine-recording-nfs-setup | 37 +++++++ 8 files changed, 152 insertions(+), 72 deletions(-) create mode 100755 debian/ngcp-rtpengine-iptables-setup create mode 100755 debian/ngcp-rtpengine-recording-nfs-setup diff --git a/debian/ngcp-rtpengine-daemon.init b/debian/ngcp-rtpengine-daemon.init index 0df02baac..ff1bf28ed 100755 --- a/debian/ngcp-rtpengine-daemon.init +++ b/debian/ngcp-rtpengine-daemon.init @@ -15,7 +15,6 @@ PATH=/sbin:/bin:/usr/sbin:/usr/bin NAME=ngcp-rtpengine-daemon DESC="RTP/media proxy" TABLE=0 -MANAGE_IPTABLES=yes DAEMON=$(which rtpengine) DEFAULTS=/etc/default/${NAME} @@ -37,7 +36,6 @@ fi OPTIONS="" START_OPTIONS="" -MODPROBE_OPTIONS="" if [ ! -z "$INTERFACES" ]; then for interface in $INTERFACES; do @@ -125,30 +123,16 @@ fi if ! test -z "$SET_USER"; then START_OPTIONS="$START_OPTIONS --chuid $SET_USER" - PUID=$(id -u "$SET_USER" 2> /dev/null) - test -z "$PUID" || MODPROBE_OPTIONS="$MODPROBE_OPTIONS proc_uid=$PUID" - if test -z "$SET_GROUP"; then - PGID=$(id -g "$SET_USER" 2> /dev/null) - test -z "$PGID" || MODPROBE_OPTIONS="$MODPROBE_OPTIONS proc_gid=$PGID" - fi test "$DO_DIR_CHOWN" = 1 && chown "$SET_USER": "$PIDDIR" fi if ! test -z "$SET_GROUP"; then START_OPTIONS="$START_OPTIONS --group $SET_GROUP" - PGID=$(grep "^$SET_GROUP:" /etc/group | cut -d: -f3 2> /dev/null) - test -z "$PGID" || MODPROBE_OPTIONS="$MODPROBE_OPTIONS proc_gid=$PGID" test "$DO_DIR_CHOWN" = 1 && chgrp "$SET_GROUP" "$PIDDIR" fi ### -if [ -x /usr/sbin/ngcp-virt-identify ]; then - if /usr/sbin/ngcp-virt-identify --type container; then - VIRT="yes" - fi -fi - case "$1" in start) set +e @@ -165,23 +149,7 @@ case "$1" in ;; esac fi - if [ "$TABLE" -ge 0 ] && [ "$VIRT" != "yes" ]; then - if [ "$MANAGE_IPTABLES" = "yes" ]; then - # shellcheck disable=SC2086 - modprobe xt_RTPENGINE $MODPROBE_OPTIONS - - iptables -N rtpengine 2> /dev/null - iptables -D INPUT -j rtpengine 2> /dev/null - iptables -I INPUT -j rtpengine - iptables -D rtpengine -p udp -j RTPENGINE --id "$TABLE" 2>/dev/null - iptables -I rtpengine -p udp -j RTPENGINE --id "$TABLE" - ip6tables -N rtpengine 2> /dev/null - ip6tables -D INPUT -j rtpengine 2> /dev/null - ip6tables -I INPUT -j rtpengine - ip6tables -D rtpengine -p udp -j RTPENGINE --id "$TABLE" 2>/dev/null - ip6tables -I rtpengine -p udp -j RTPENGINE --id "$TABLE" - fi - fi + ngcp-rtpengine-iptables-setup start set -e log_daemon_msg "Starting $DESC" "$NAME" # shellcheck disable=SC2086 @@ -197,17 +165,7 @@ case "$1" in return $? fi set +e - if [ "$TABLE" -ge 0 ] && [ "$VIRT" != "yes" ]; then - sleep 1 - if [ -e /proc/rtpengine/control ]; then - echo "del $TABLE" > /proc/rtpengine/control 2>/dev/null - fi - if [ "$MANAGE_IPTABLES" = "yes" ]; then - iptables -D rtpengine -p udp -j RTPENGINE --id "$TABLE" 2>/dev/null - ip6tables -D rtpengine -p udp -j RTPENGINE --id "$TABLE" 2>/dev/null - rmmod xt_RTPENGINE 2>/dev/null - fi - fi + ngcp-rtpengine-iptables-setup stop set -e rm -f $PIDFILE log_end_msg $? diff --git a/debian/ngcp-rtpengine-daemon.install b/debian/ngcp-rtpengine-daemon.install index cdd5be3e2..6d133cf0f 100644 --- a/debian/ngcp-rtpengine-daemon.install +++ b/debian/ngcp-rtpengine-daemon.install @@ -1,2 +1,3 @@ daemon/rtpengine /usr/sbin/ +debian/ngcp-rtpengine-iptables-setup /usr/sbin etc/rtpengine.sample.conf /etc/rtpengine/ diff --git a/debian/ngcp-rtpengine-daemon.service b/debian/ngcp-rtpengine-daemon.service index 2d0cdb8cc..f937f65ec 100644 --- a/debian/ngcp-rtpengine-daemon.service +++ b/debian/ngcp-rtpengine-daemon.service @@ -5,16 +5,12 @@ After=remote-fs.target Requires=network-online.target [Service] -Type=forking -Restart=no -TimeoutSec=5min -IgnoreSIGPIPE=no -KillMode=process -RemainAfterExit=yes -SuccessExitStatus=5 6 -PIDFile=/run/ngcp-rtpengine-daemon.pid -ExecStart=/etc/init.d/ngcp-rtpengine-daemon start -ExecStop=/etc/init.d/ngcp-rtpengine-daemon stop +Type=simple +EnvironmentFile=/etc/default/ngcp-rtpengine-daemon +PIDFile=/var/run/ngcp-rtpengine-daemon.pid +ExecStartPre=/usr/sbin/ngcp-rtpengine-iptables-setup start +ExecStart=/usr/sbin/rtpengine -f -E --pidfile /var/run/ngcp-rtpengine-daemon.pid --config-file /etc/rtpengine/rtpengine.conf --table $TABLE +ExecStopPost=/usr/sbin/ngcp-rtpengine-iptables-setup stop [Install] WantedBy=multi-user.target diff --git a/debian/ngcp-rtpengine-iptables-setup b/debian/ngcp-rtpengine-iptables-setup new file mode 100755 index 000000000..7764b2c13 --- /dev/null +++ b/debian/ngcp-rtpengine-iptables-setup @@ -0,0 +1,100 @@ +#!/bin/sh + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +TABLE=0 +MODNAME=xt_RTPENGINE +MANAGE_IPTABLES=yes + +DEFAULTS=/etc/default/ngcp-rtpengine-daemon + +# Load startup options if available +if [ -f "$DEFAULTS" ]; then + . "$DEFAULTS" || true +fi + +MODPROBE_OPTIONS="" + +# Handle requested setuid/setgid. +if ! test -z "$SET_USER"; then + PUID=$(id -u "$SET_USER" 2> /dev/null) + test -z "$PUID" || MODPROBE_OPTIONS="$MODPROBE_OPTIONS proc_uid=$PUID" + if test -z "$SET_GROUP"; then + PGID=$(id -g "$SET_USER" 2> /dev/null) + test -z "$PGID" || MODPROBE_OPTIONS="$MODPROBE_OPTIONS proc_gid=$PGID" + fi +fi + +if ! test -z "$SET_GROUP"; then + PGID=$(grep "^$SET_GROUP:" /etc/group | cut -d: -f3 2> /dev/null) + test -z "$PGID" || MODPROBE_OPTIONS="$MODPROBE_OPTIONS proc_gid=$PGID" +fi + +### + +if [ -x /usr/sbin/ngcp-virt-identify ]; then + if /usr/sbin/ngcp-virt-identify --type container; then + VIRT="yes" + fi +fi + +firewall_setup() +{ + if [ "$TABLE" -lt 0 ] || [ "$VIRT" = "yes" ]; then + return + fi + + if [ "$MANAGE_IPTABLES" != "yes" ]; then + return + fi + + # shellcheck disable=SC2086 + modprobe $MODNAME $MODPROBE_OPTIONS + + iptables -N rtpengine 2>/dev/null + iptables -D INPUT -j rtpengine 2>/dev/null + iptables -I INPUT -j rtpengine + iptables -D rtpengine -p udp -j RTPENGINE --id "$TABLE" 2>/dev/null + iptables -I rtpengine -p udp -j RTPENGINE --id "$TABLE" + ip6tables -N rtpengine 2>/dev/null + ip6tables -D INPUT -j rtpengine 2>/dev/null + ip6tables -I INPUT -j rtpengine + ip6tables -D rtpengine -p udp -j RTPENGINE --id "$TABLE" 2>/dev/null + ip6tables -I rtpengine -p udp -j RTPENGINE --id "$TABLE" +} + +firewall_teardown() +{ + if [ "$TABLE" -lt 0 ] || [ "$VIRT" = "yes" ]; then + return + fi + + # XXX: Wait a bit to make sure the daemon has been stopped. + sleep 1 + + if [ -e /proc/rtpengine/control ]; then + echo "del $TABLE" >/proc/rtpengine/control 2>/dev/null + fi + + if [ "$MANAGE_IPTABLES" != "yes" ]; then + return + fi + + iptables -D rtpengine -p udp -j RTPENGINE --id "$TABLE" 2>/dev/null + ip6tables -D rtpengine -p udp -j RTPENGINE --id "$TABLE" 2>/dev/null + rmmod $MODNAME 2>/dev/null +} + +case "$1" in + start) + firewall_setup + ;; + stop) + firewall_teardown + ;; + *) + echo "Usage: $0 {start|stop}" >&2 + exit 1 + ;; +esac + +exit 0 diff --git a/debian/ngcp-rtpengine-recording-daemon.init b/debian/ngcp-rtpengine-recording-daemon.init index 40f1f17ae..4664efdd2 100755 --- a/debian/ngcp-rtpengine-recording-daemon.init +++ b/debian/ngcp-rtpengine-recording-daemon.init @@ -32,7 +32,6 @@ if [ "$RUN_RTPENGINE_RECORDING" != "yes" ]; then exit 0 fi [ -z "$PIDFILE" ] && PIDFILE="/var/run/rtpengine-recording.pid" -[ -z "$NFS_OPTIONS" ] && NFS_OPTIONS="hard,tcp,intr" OPTIONS="" START_OPTIONS="" @@ -83,15 +82,9 @@ case "$1" in fi set -e - log_daemon_msg "Starting $DESC" "$NAME" + ngcp-rtpengine-recording-nfs-setup start - if [ "$MUST_NFS" = yes ]; then - if ! grep -E -q "^[^ :]+:[^ :]+ $NFS_LOCAL_MOUNT nfs.? " /proc/mounts; then - log_progress_msg "Mounting NFS share" - test -d "$NFS_LOCAL_MOUNT" || mkdir -p "$NFS_LOCAL_MOUNT" - mount -t nfs -o "$NFS_OPTIONS" "$NFS_HOST:$NFS_REMOTE_PATH" "$NFS_LOCAL_MOUNT" - fi - fi + log_daemon_msg "Starting $DESC" "$NAME" # shellcheck disable=SC2086 start-stop-daemon --start --quiet --pidfile "$PIDFILE" \ diff --git a/debian/ngcp-rtpengine-recording-daemon.install b/debian/ngcp-rtpengine-recording-daemon.install index 336fa5a6f..ddf5b8d1e 100644 --- a/debian/ngcp-rtpengine-recording-daemon.install +++ b/debian/ngcp-rtpengine-recording-daemon.install @@ -1,2 +1,3 @@ etc/rtpengine-recording.sample.conf /etc/rtpengine/ recording-daemon/rtpengine-recording /usr/sbin/ +debian/ngcp-rtpengine-recording-nfs-setup /usr/sbin/ diff --git a/debian/ngcp-rtpengine-recording-daemon.service b/debian/ngcp-rtpengine-recording-daemon.service index 967989db2..85f3d33f0 100644 --- a/debian/ngcp-rtpengine-recording-daemon.service +++ b/debian/ngcp-rtpengine-recording-daemon.service @@ -5,16 +5,10 @@ After=remote-fs.target Requires=network-online.target [Service] -Type=forking -Restart=no -TimeoutSec=5min -IgnoreSIGPIPE=no -KillMode=process -RemainAfterExit=yes -SuccessExitStatus=5 6 +Type=simple PIDFile=/run/ngcp-rtpengine-recording-daemon.pid -ExecStart=/etc/init.d/ngcp-rtpengine-recording-daemon start -ExecStop=/etc/init.d/ngcp-rtpengine-recording-daemon stop +ExecStartPre=/usr/sbin/ngcp-rtpengine-recording-nfs-setup start +ExecStart=/usr/sbin/rtpengine-recording -f -E --pidfile /run/ngcp-rtpengine-recording-daemon.pid --config-file /etc/rtpengine/rtpengine-recording.conf [Install] WantedBy=multi-user.target diff --git a/debian/ngcp-rtpengine-recording-nfs-setup b/debian/ngcp-rtpengine-recording-nfs-setup new file mode 100755 index 000000000..4b70ef0de --- /dev/null +++ b/debian/ngcp-rtpengine-recording-nfs-setup @@ -0,0 +1,37 @@ +#!/bin/sh + +set -e + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +DEFAULTS=/etc/default/ngcp-rtpengine-recording-daemon + +. /lib/lsb/init-functions + +# Load startup options if available +if [ -f "$DEFAULTS" ]; then + . "$DEFAULTS" || true +fi + +[ -z "$NFS_OPTIONS" ] && NFS_OPTIONS="hard,tcp,intr" + +### + +case "$1" in + start) + if [ "$MUST_NFS" = yes ]; then + if ! grep -E -q "^[^ :]+:[^ :]+ $NFS_LOCAL_MOUNT nfs.? " /proc/mounts; then + log_action_msg "Mounting NFS share" + test -d "$NFS_LOCAL_MOUNT" || mkdir -p "$NFS_LOCAL_MOUNT" + mount -t nfs -o "$NFS_OPTIONS" "$NFS_HOST:$NFS_REMOTE_PATH" "$NFS_LOCAL_MOUNT" + fi + fi + ;; + stop) + ;; + *) + echo "Usage: $0 {start|stop}" >&2 + exit 1 + ;; +esac + +exit 0