Bug 1870638
| Summary: | RFE: Add an option to Socket units to clear the data before listening again | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Renaud Métrich <rmetrich> |
| Component: | systemd | Assignee: | David Tardon <dtardon> |
| Status: | CLOSED ERRATA | QA Contact: | Frantisek Sumsal <fsumsal> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 8.2 | CC: | bwelterl, dtardon, jamacku, systemd-maint-list, systemd-maint |
| Target Milestone: | rc | Keywords: | FutureFeature |
| Target Release: | 8.0 | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | systemd-239-42.el8 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-05-18 14:53:56 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
fix merged to github master branch -> https://github.com/systemd-rhel/rhel-8/pull/125 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: systemd security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:1611 |
Description of problem: A customer would like to have a new option ("ClearSocket") to Socket units that would let systemd clear the content of the socket prior to listening again. This would be useful for sockets that have Accept=no and let the service handle the socket. Upon service stopping or dying, the customer would like that any pending data or connection get cleared, which would avoid systemd from starting the service again immediately. ClearSocket - when set to true, the setting ensures the socket's buffers are cleared when a service fails or is stopped. The setting is applicable to services that perform their own accept(). Enabling the parameter may be a useful way to prevent restarting an Accept=false type of a service that failed before accepting socket contents, which could lead to a restart loop. While systemd's default behaviour is to expect the application to accept the data, there may be circumstances when a failure of the application controlled by the service needs to involve a reset of the socket's buffer to suppress a restart due to unconsumed socket contents. As the socket buffer is cleared, the socket is returned to the initial listening state, so new data arriving in the socket may yet again trigger the service. With ClearSocket=true is guaranteed it will not be the former contents of the buffer that started the earlier instance of the service that had failed or been stopped by the user. Defaults to false, i.e. socket's contents are not cleared following a service's spontaneous failure or a offlining. Version-Release number of selected component (if applicable): systemd-239 and later Additional info: To enable this functionality with current implementation, a solution already exists with playing with the service unit definition, but this leads to error messages in the journal, which may be confusing. The solution consists in stopping the socket from listening in ExecStopPost of the service unit, making sure the service always fails in ExecStopPost and using "OnFailure" to start the socket again, as shown below: -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- [Unit] OnFailure=<myservice>.socket [Service] ... ExecStopPost=/bin/bash -c '/bin/echo "Stopping socket listener"; /bin/systemctl stop <myservice>.socket' ExecStopPost=/bin/false -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< -------- With this in place, upon service stopping/dying, the socket will be stopped then immediately restarted (thanks to OnFailure).