Bug #7807
closedRestarting services via systemctl fails
Description
See this output for example:
rudder info: Executing 'no timeout' ... '/bin/systemctl restart rudder-slapd.service' notice: Q: ".../systemctl rest": Failed to open /dev/tty: No such device or address Q: ".../systemctl rest": Failed to open /dev/tty: No such device or address rudder info: Last 2 quoted lines were generated by promiser '/bin/systemctl restart rudder-slapd.service' rudder info: Completed execution of '/bin/systemctl restart rudder-slapd.service'
The worst part is that systemctl happily returns "0" as a successful return code, even though it doesn't actually restart the service.
This is exactly the same as bug https://dev.cfengine.com/issues/5840 at CFEngine. The reason is that CFEngine commands are run in a new SID, which doesn't have access to /dev/tty, and systemctl requires it. A workaround, from that CFEngine bug, is to run the command with a body containing "no_output => true". This obviously has the side effect of suppressing any output.
I don't 100% understand why this workaround works, so I think we should study the CFEngine source code around it to understand what this is triggering, before blindly using it.
Updated by Jonathan CLARKE almost 9 years ago
Jonathan CLARKE wrote:
A workaround, from that CFEngine bug, is to run the command with a body containing "no_output => true". This obviously has the side effect of suppressing any output.
I don't 100% understand why this workaround works, so I think we should study the CFEngine source code around it to understand what this is triggering, before blindly using it.
I checked how this option works, and all it does is prevent cf-agent from printing the output from a command to cf-agent's stdout (prefixed with "Q:"). It does not seem risky to use it.
However, using it by default, when not needed, would make debugging a lot harder - because programs often explain why they are not working on their std{err,out} - so we should not do that.
I will patch the service_action bundle to run a specific commands: promise, using the no_output option.
Updated by Jonathan CLARKE almost 9 years ago
- Status changed from New to In progress
- Assignee set to Jonathan CLARKE
Updated by Jonathan CLARKE almost 9 years ago
- Status changed from In progress to Pending technical review
- Assignee changed from Jonathan CLARKE to Benoît PECCATTE
- Pull Request set to https://github.com/Normation/ncf/pull/309
Updated by Jonathan CLARKE almost 9 years ago
- Status changed from Pending technical review to Pending release
- % Done changed from 0 to 100
Applied in changeset ee05a48da4d43f237a09281c2cba1733869a6806.
Updated by Vincent MEMBRÉ over 8 years ago
- Status changed from Pending release to Released
Updated by Alexis Mousset over 2 years ago
- Target version changed from 0.x to ncf-0.x
- Priority set to 0
Updated by Alexis Mousset over 2 years ago
- Project changed from 41 to Rudder
- Category set to Generic methods