CFE-3982: Random process killing #5362
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The `cfengine3.service` has `Wants` on all our services which ensures they are started when the `cfengine3.service` starts. If an individual service is enabled with `systemctl enable`, it should only be added to the respective systemd target in which it should start.
This was referenced Nov 7, 2023
|
@cf-bottom jenkins, please |
vpodzime
force-pushed
the
master-blind_shooting
branch
from
a329134 to
26eb4af
Compare
vpodzime
force-pushed
the
master-blind_shooting
branch
from
26eb4af to
a04d5ba
Compare
|
Sure, I triggered a build: Jenkins: https://ci.cfengine.com/job/pr-pipeline/10028/ Packages: http://buildcache.cfengine.com/packages/testing-pr/jenkins-pr-pipeline-10028/ |
|
@vpodzime We have systemd units mirrored in Masterfiles: cfengine/masterfiles#2760 |
Thanks! |
olehermanse
previously approved these changes
Nov 7, 2023
nickanderson
added a commit
to nickanderson/masterfiles
that referenced
this pull request
Nov 7, 2023
WantedBy=cfengine3.service was removed from systemd service templates for individual components. It was un-necessary as cfengine3.service already wants the individual services. cfengine/core#5362 Ticket: CFE-3982 Changelog: commit
Instead of requiring that the file name ends with e.g. "cf_lock.lmdb", just check if the file name contains the string. This ensures that files like `cf_lock.lmdb.backup` match as well. And if someone renames their `cf_lastseen.lmdb` to `cf_lock.lmdb_cf_lastseen.lmdb` or something similar, it's not our fault they get wrong output.
This function totally doesn't do what its name says. It only
checks if the DB was modified in the current boot and if not, it
restores it from the latest backup. Which is done and the end of
every agent run. So this function effectively reverts the locks
DB to the state of the last agent run on every boot dropping
significant data like daemon locks.
Ticket: CFE-3982
Changelog: cf_lock.lmdb is no longer restored from backup on
every boot
It's no longer being used in locks.c, but it can potentially be useful for being called explicitly. After all, it's a complementary function to BackupLockDatabase() which is also non-static. Ticket: CFE-3982 Changelog: None
If a non CFEngine process has a matching PID and start time, we shouldn't try to kill it because it's practically impossible that it is a real holder of one of our locks in cf_lock.lmdb. Most likely it's an unfortunate process that ended up with the matching PID and start time after a reboot. Ticket: CFE-3982 Changelog: Only CFEngine processes are now killed as expired lock owners Co-authored-by: Benoît Peccatte <[email protected]>
vpodzime
force-pushed
the
master-blind_shooting
branch
from
a04d5ba to
6234c8c
Compare
larsewi
approved these changes
Nov 8, 2023
|
@cf-bottom jenkins, please |
|
Sure, I triggered a build: Jenkins: https://ci.cfengine.com/job/pr-pipeline/10033/ Packages: http://buildcache.cfengine.com/packages/testing-pr/jenkins-pr-pipeline-10033/ |
vpodzime
pushed a commit
to vpodzime/masterfiles
that referenced
this pull request
Nov 8, 2023
WantedBy=cfengine3.service was removed from systemd service templates for individual components. It was un-necessary as cfengine3.service already wants the individual services. cfengine/core#5362 Ticket: CFE-3982 Changelog: commit (cherry picked from commit 4e490e7)
vpodzime
pushed a commit
to vpodzime/masterfiles
that referenced
this pull request
Nov 8, 2023
WantedBy=cfengine3.service was removed from systemd service templates for individual components. It was un-necessary as cfengine3.service already wants the individual services. cfengine/core#5362 Ticket: CFE-3982 Changelog: commit (cherry picked from commit 4e490e7)
This was referenced Nov 8, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Merge together:
#5362
cfengine/buildscripts#1332
cfengine/masterfiles#2760