From owner-svn-ports-all@freebsd.org Sat Apr 4 15:41:56 2020 Return-Path: Delivered-To: svn-ports-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 34554278042; Sat, 4 Apr 2020 15:41:56 +0000 (UTC) (envelope-from mandree@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48vgyq1jVPz3xv1; Sat, 4 Apr 2020 15:41:54 +0000 (UTC) (envelope-from mandree@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 75F3523922; Sat, 4 Apr 2020 15:41:27 +0000 (UTC) (envelope-from mandree@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 034FfRAX057051; Sat, 4 Apr 2020 15:41:27 GMT (envelope-from mandree@FreeBSD.org) Received: (from mandree@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 034FfRqs057049; Sat, 4 Apr 2020 15:41:27 GMT (envelope-from mandree@FreeBSD.org) Message-Id: <202004041541.034FfRqs057049@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: mandree set sender to mandree@FreeBSD.org using -f From: Matthias Andree Date: Sat, 4 Apr 2020 15:41:27 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r530685 - in head/net-mgmt/netdata: . files X-SVN-Group: ports-head X-SVN-Commit-Author: mandree X-SVN-Commit-Paths: in head/net-mgmt/netdata: . files X-SVN-Commit-Revision: 530685 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Apr 2020 15:41:56 -0000 Author: mandree Date: Sat Apr 4 15:41:26 2020 New Revision: 530685 URL: https://svnweb.freebsd.org/changeset/ports/530685 Log: net-mgmt/netdata rc script overhaul, fix termination, user config This script overhaul does the following: - Read "run as user" from the netdata configuration file, and use that to override the default user "netdata", in case it is not set in /etc/rc.conf* and friends. - Kill all children of the PID in the netdata_pid file, too, because 1.20.0 would leave some plugin processing lingering. - Timeout the termination after (configurable) 30 seconds and issue SIGKILL - Cleanup the netdata_pid file after stop, so that a subsequent start with a less privileged user (say, start as root, stop, start as netdata) will work properly. - Document all variables, including the all-new netdata_stop_maxwait, in the header of the script. - Quote parameter expansions where appropriate. PR: 235006 Reported by: Dries Michiels Reviewed by: Dries Michiels Approved by: maintainer timeout (mmohki@, ~ 1 year) Modified: head/net-mgmt/netdata/Makefile head/net-mgmt/netdata/files/netdata.in Modified: head/net-mgmt/netdata/Makefile ============================================================================== --- head/net-mgmt/netdata/Makefile Sat Apr 4 15:37:31 2020 (r530684) +++ head/net-mgmt/netdata/Makefile Sat Apr 4 15:41:26 2020 (r530685) @@ -3,7 +3,7 @@ PORTNAME= netdata PORTVERSION= 1.20.0 -PORTREVISION= 1 +PORTREVISION= 2 DISTVERSIONPREFIX= v CATEGORIES= net-mgmt Modified: head/net-mgmt/netdata/files/netdata.in ============================================================================== --- head/net-mgmt/netdata/files/netdata.in Sat Apr 4 15:37:31 2020 (r530684) +++ head/net-mgmt/netdata/files/netdata.in Sat Apr 4 15:41:26 2020 (r530685) @@ -13,24 +13,111 @@ # Set it to "YES" to enable netdata. # netdata_args (str): Custom additional arguments to be passed # to netdata (default empty). +# netdata_conf (str): Custom configuration file for netdata +# (default: %%ETCDIR%%/netdata.conf) +# netdata_user (str): Custom user to run netdata as +# (default: read from netdata_conf if +# it is set there, or "netdata") +# netdata_stop_maxwait (int): Maximum time to wait for termination on stop +# before resorting to SIGKILL to stop netdata. # +# Written 2017 - 2019 Mahdi Mokhtari (mmokhi@) +# Written 2020 Matthias Andree (mandree@) with support by Dries Michiels + . /etc/rc.subr name="netdata" rcvar=netdata_enable +SED=/usr/bin/sed +TR=/usr/bin/tr load_rc_config $name : ${netdata_enable="NO"} -: ${netdata_user="netdata"} +: ${netdata_conf="%%ETCDIR%%/${name}.conf"} : ${netdata_pid="%%NETDATA_PERST%%/${name}.pid"} +: # netdata_user set below, it may also be pulled from the netdata_conf file +: ${netdata_stop_maxwait=30} +# read netdata_conf and print the "run as user =" RHS, or print nothing if unset +# +# only permits ASCII letters, digits, dash, underscore - does not permit +# backtick, curly braces, angle brackets, backslash although passwd(5) would +# permit these. +get_user_from_conf() { + $SED -n '/^\[global\]/,/^\[/{s/^[[:space:]]*run as user.*=[[:space:]]*\(.*\)[[:space:]]*$/\1/p;}' "${netdata_conf}" \ + | $TR -c -d 'a-zA-Z0-9_-' +} + +# check if the rc.conf* file set and netdata_conf agree on the name to run the bundle as +check_user_consistency() { + cfusr=$(get_user_from_conf) + if [ -z "$cfusr" -o "$cfusr" = "${netdata_user}" ] ; then return 0 ; fi + echo >&2 "$0: ERROR: ${netdata_conf} sets 'run as user = $cfusr', but rc.conf* sets '${netdata_user}'. Both must be consistent." + return 1 +} + +# this is more or less a copy of /etc/rc.subr from 12.1-RELEASE +# around Early April 2020, but with a timeout, killing children, +# and SIGKILL added because sometimes netdata hangs. +stop_cmd() { + rc_pid=$(check_pidfile "${netdata_pid}" "${procname}") + if [ -z "$rc_pid" ] ; then + [ -n "$fc_fast" ] && return 0 + _run_rc_notrunning + return 1 + fi + _prefix= + slave_pids=$(pgrep -P $rc_pid) + echo "Stopping ${name}." + _list="$rc_pid $slave_pids" + kill -TERM $_list + wtim=0 + while :; do + _nlist= + for _j in $_list ; do + if kill -0 $_j 2>/dev/null ; then + _nlist="$_nlist $_j" + [ -n "$_prefix" ] && sleep 1 + fi + done + if [ -z "$_nlist" ] ; then + break + fi + _list=$_nlist + echo -n ${_prefix:-"Waiting for PIDS: "}$_list + _prefix=", " + pwait -t 2 $_list 2>/dev/null + wtim=$(($wtim + 3)) + if [ $wtim -gt ${netdata_stop_maxwait} ] ; then + echo -n "${_prefix}SIGKILL $_list" + kill -KILL $_list + break + fi + done + [ -n "$_prefix" ] && echo . +} + +stop_postcmd() { + rm -f "${netdata_pid}" +} + +# obtain default user, first from configuration, or default to "netdata" + _netdata_user_default=$(get_user_from_conf) +: ${_netdata_user_default:="netdata"} +# and then, if rc.conf* don't set it, use the default +: ${netdata_user="${_netdata_user_default}"} + procname="%%PREFIX%%/sbin/${name}" command="/usr/sbin/daemon" -command_args="-c -f ${procname} -u ${netdata_user} -P ${netdata_pid} ${netdata_args}" +command_args="-c -f \"${procname}\" -u \"${netdata_user}\" -P \"${netdata_pid}\" ${netdata_args}" -required_files="%%ETCDIR%%/${name}.conf" +required_files="${netdata_conf}" -run_rc_command "$1" +start_precmd=check_user_consistency +stop_cmd=stop_cmd +stop_postcmd=stop_postcmd # netdata always leaves its pid file behind. + +run_rc_command "$1"