poise-service 1.0.2 → 1.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f3fc72bef39422fae1951da15292b19f8197a71b
-  data.tar.gz: 2aa9c8a1eb8d6808b0e591ff8a2aabfdc3360ad3
+  metadata.gz: 9083e6c7faa81f26cb75ba512932747ca7d78505
+  data.tar.gz: 1cf6379abe8c39cafb38b7d7b5812db1fa24c9d4
 SHA512:
-  metadata.gz: 84418165ab96792da66819398e11360890259d764e2f9ecfe93ac1ce85d9e0b176d44b66e3a20cb66da20f1a6f40535910e864f83e26eec76f60f037a1f7c510
-  data.tar.gz: e4aea2a2c486514982693e15d3d3e1d8e5d71bebce16366c45587e3fc9cbb374d95d13b8d61e26495cd34b3339de41a13f8dbaccc9ab15e1e9951577fd9a5345
+  metadata.gz: 475915c90a841a1f8ebadfbf48074440dc2b202a0902c8b50cd362bf2dd523feec27f60d010d9fdc46d6b60079343b53b4d56aa3f96243c1d4c7806c644f370e
+  data.tar.gz: 8ee09393fc20251559c2c275e7bc7cb56b12dc0d091e85ec66c7f6983f263c9a4490a9c888a1b856dfe7b56e54247846f85565d7ef0d23bd47a6afbd88ce2995

data/.kitchen.yml

@@ -1,6 +1,6 @@
 ---
 #<% require 'poise_boiler' %>
-<%= PoiseBoiler.kitchen(platforms: 'linux') %>
+<%= PoiseBoiler.kitchen(platforms: %w{linux centos-5}) %>
 
 suites:
 - name: default

data/CHANGELOG.md

@@ -1,6 +1,13 @@
-# Changelog
+# Poise-Service Changelog
+
+## v1.0.3
+
+* [#10](https://github.com/poise/poise-service/pull/10) Fixes for ensuring services are restarted when their command or user changes.
+* [#11](https://github.com/poise/poise-service/pull/11) Revamp the `sysvinit` provider for non-Debian platforms to be more stable.
+* [#12](https://github.com/poise/poise-service/pull/12) Improve the `dummy` provider to handle dropping privs correctly.
 
 ## v1.0.2
+
 * Fix a potential infinite loop when starting a service with the dummy provider.
 * [#2](https://github.com/poise/poise-service/pull/2) Remove usage of root
   default files so uploading with Berkshelf works (for now).

data/README.md

@@ -315,6 +315,7 @@ end
 * `user` – Override the service user.
 * `never_restart` – Never try to restart the service.
 * `never_reload` – Never try to reload the service.
+* `auto_reload` – Run `systemctl daemon-reload` after changes to the unit file. *(default: true)*
 
 ## ServiceMixin
 

data/chef/templates/default/dummy.json.erb

@@ -0,0 +1,7 @@
+<%= {command: @command,
+     directory: @directory,
+     environment: @environment,
+     name: @name,
+     reload_signal: @reload_signal,
+     stop_signal: @stop_signal,
+     user: @user}.to_json %>

data/chef/templates/default/sysvinit.sh.erb

@@ -11,10 +11,6 @@
 # Description: Init script for <%= @name %>
 ### END INIT INFO
 
-<%- @environment.each do |key, val| -%>
-export <%= key %>="<%= val %>"
-<%- end -%>
-
 <%- if @platform_family == 'debian' -%>
 . /lib/lsb/init-functions
 
@@ -37,32 +33,42 @@ _reload() {
   start-stop-daemon --stop --quiet --pidfile "<%= @pid_file %>" --user "<%= @user %>" --signal "<%= @reload_signal %>"
 }
 
-<%- elsif @platform_family == 'rhel' -%>
-. /etc/rc.d/init.d/functions
-
-_pid () {
-  pidof -s -o $$ -o $PPID -o %PPID -x "$1" || pidof -s -o $$ -o $PPID -o %PPID -x "${1##*/}"
-}
-
+<%- else -%>
 _start() {
-  ( cd "<%= @directory %>" && daemon --user "<%= @user %>" --pidfile "<%= @pid_file %>" "<%= @daemon %> <%= @daemon_options %>" >/dev/null 2>&1 ) &
-<%- unless @pid_file_external -%>
-  sleep 1 # Give it some time to start before checking for a pid
-  _pid "<%= @daemon %>" > "<%= @pid_file %>" || return 3
-<%- end -%>
-  return 0 # ¯\_(ツ)_/¯
+  <%# Implementing this using RedHat's bash helpers is too painful. Sorry. %>
+  <%# See dummy.rb for a more commented version of this code. %>
+  /opt/chef/embedded/bin/ruby <<EOH
+pid_file = <%= @pid_file.inspect %>
+File.unlink(pid_file) if File.exist?(pid_file)
+if Process.fork
+  sleep(1) until File.exist?(pid_file)
+else
+  Process.daemon(true)
+  Dir.chdir(<%= @directory.inspect %>)
+  <%- unless @pid_file_external -%>
+  IO.write(pid_file, Process.pid)
+  <%- end -%>
+  Process::UID.change_privilege(<%= @user.inspect %>)
+  Kernel.exec(*<%= Shellwords.split(@command).inspect %>)
+  exit!
+end
+EOH
 }
 
 _stop() {
   if [ -r "<%= @pid_file %>" ]; then
     kill -<%= @stop_signal%> "$(cat "<%= @pid_file %>")"
   else
-    killproc "<%= @daemon %>" -<%= @stop_signal%> >/dev/null
+    return 0
   fi
 }
 
 _status() {
-  status -p "<%= @pid_file %>" "<%= @daemon %>"
+  if [ -r "<%= @pid_file %>" ]; then
+    kill -0 "$(cat "<%= @pid_file %>")"
+  else
+    return 1
+  fi
 }
 
 _reload() {
@@ -73,7 +79,7 @@ _reload() {
   fi
 }
 
-<%- # Some functions to match LSB because RHEL doesn't (╯°□°）╯︵ ┻━┻ -%>
+<%# Some functions to match LSB %>
 
 log_daemon_msg() {
   echo -n "$1"
@@ -93,13 +99,11 @@ log_failure_msg() {
 
 log_end_msg() {
   if [ "$1" = 0 ]; then
-    success
+    echo " [  OK  ]"
   else
-    failure
+    echo " [FAILED]"
   fi
 }
-<%- else -%>
-<%- raise "Platform family #{@platform_family} is not supported" -%>
 <%- end -%>
 
 set -e
@@ -124,6 +128,9 @@ start() {
   fi
 }
 
+<%- @environment.each do |key, val| -%>
+export <%= key %>="<%= val %>"
+<%- end -%>
 export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
 
 case "$1" in

data/chef/templates/default/upstart.conf.erb

@@ -25,7 +25,7 @@ reload signal <%= @reload_signal %>
 <%- if @upstart_features[:setuid] -%>
 exec <%= @command %>
 <%- else -%>
-exec /opt/chef/embedded/bin/ruby -e 'Process.uid = "<%= @user %>"; ENV["HOME"] = Dir.home("<%= @user %>") rescue nil; exec(*<%= Shellwords.split(@command).inspect %>)'
+exec /opt/chef/embedded/bin/ruby -e 'Process::UID.change_privilege("<%= @user %>"); ENV["HOME"] = Dir.home("<%= @user %>") rescue nil; exec(*<%= Shellwords.split(@command).inspect %>)'
 <%- end -%>
 <%- if !@upstart_features[:kill_signal] && @stop_signal != 'TERM' -%>
 pre-stop script

data/lib/poise_service/resources/poise_service_test.rb

@@ -187,12 +187,26 @@ EOH
             end
           end
 
+          # Test the #pid accessor.
           ruby_block "/tmp/poise_test_#{new_resource.name}_pid" do
             block do
               pid = resources("poise_service[poise_test_#{new_resource.name}]").pid
               IO.write("/tmp/poise_test_#{new_resource.name}_pid", pid.to_s)
             end
           end
+
+          # Test changing the service definition itself.
+          poise_service "poise_test_#{new_resource.name}_change" do
+            provider new_resource.service_provider if new_resource.service_provider
+            command "/usr/bin/poise_test #{new_resource.base_port + 5}"
+          end
+
+          poise_service "poise_test_#{new_resource.name}_change_second" do
+            service_name "poise_test_#{new_resource.name}_change"
+            provider new_resource.service_provider if new_resource.service_provider
+            command "/usr/bin/poise_test #{new_resource.base_port + 6}"
+          end
+
         end
       end
     end

data/lib/poise_service/service_providers/dummy.rb

@@ -14,6 +14,8 @@
 # limitations under the License.
 #
 
+require 'shellwords'
+
 require 'poise_service/service_providers/base'
 
 
@@ -29,9 +31,16 @@ module PoiseService
         ::File.unlink(pid_file) if ::File.exist?(pid_file)
         if Process.fork
           # Parent, wait for the final child to write the pid file.
+          now = Time.now
           until ::File.exist?(pid_file)
             sleep(1)
-            Chef::Log.debug("[#{new_resource}] Waiting for PID file")
+            # After 30 seconds, show output at a higher level to avoid too much
+            # confusing on failed process launches.
+            if Time.now - now <= 30
+              Chef::Log.debug("[#{new_resource}] Waiting for PID file")
+            else
+              Chef::Log.warning("[#{new_resource}] Waiting for PID file at #{pid_file} to be created")
+            end
           end
         else
           # :nocov:
@@ -42,14 +51,17 @@ module PoiseService
           # Daemonized, set up process environment.
           Dir.chdir(new_resource.directory)
           Chef::Log.debug("[#{new_resource}] Directory changed to #{new_resource.directory}")
+          ENV['HOME'] = Dir.home(new_resource.user)
           new_resource.environment.each do |key, val|
             ENV[key.to_s] = val.to_s
           end
-          Process.uid = new_resource.user
           Chef::Log.debug("[#{new_resource}] Process environment configured")
           IO.write(pid_file, Process.pid)
-          Chef::Log.debug("[#{new_resource}] PID written to #{pid_file}, execing #{new_resource.command}")
-          Kernel.exec(new_resource.command)
+          Chef::Log.debug("[#{new_resource}] PID written to #{pid_file}, dropping privs and execing")
+          Process::UID.change_privilege(new_resource.user)
+          # Split the command so we don't get an extra sh -c.
+          Chef::Log.debug("[#{new_resource}] Execing #{new_resource.command}")
+          Kernel.exec(*Shellwords.split(new_resource.command))
           # Just in case, bail out.
           exit!
           # :nocov:
@@ -94,15 +106,34 @@ module PoiseService
       def enable_service
       end
 
+      # Write all major service parameters to a file so that if they change, we
+      # can restart the service. This also makes debuggin a bit easier so you
+      # can still see what it thinks it was starting without sifting through
+      # piles of debug output.
       def create_service
+        service_template(run_file, 'dummy.json.erb')
       end
 
       def disable_service
       end
 
+      # Delete the tracking file.
       def destroy_service
+        file run_file do
+          action :delete
+        end
+
+        file pid_file do
+          action :delete
+        end
+      end
+
+      # Path to the run parameters tracking file.
+      def run_file
+        "/var/run/#{new_resource.service_name}.json"
       end
 
+      # Path to the PID file.
       def pid_file
         "/var/run/#{new_resource.service_name}.pid"
       end

data/lib/poise_service/service_providers/systemd.rb

@@ -25,12 +25,21 @@ module PoiseService
       include Chef::Mixin::ShellOut
       provides(:systemd)
 
+      # @api private
       def self.provides_auto?(node, resource)
         # Don't allow systemd under docker, it won't work in most cases.
         return false if node['virtualization'] && %w{docker lxc}.include?(node['virtualization']['system'])
         service_resource_hints.include?(:systemd)
       end
 
+      # @api private
+      def self.default_inversion_options(node, resource)
+        super.merge({
+          # Automatically reload systemd on changes.
+          auto_reload: true,
+        })
+      end
+
       def pid
         cmd = shell_out(%w{systemctl status} + [new_resource.service_name])
         if !cmd.error? && cmd.stdout.include?('Active: active (running)') && md = cmd.stdout.match(/Main PID: (\d+)/)
@@ -48,8 +57,19 @@ module PoiseService
         end
       end
 
+      def systemctl_daemon_reload
+        execute 'systemctl daemon-reload' do
+          action :nothing
+          user 'root'
+        end
+      end
+
       def create_service
-        service_template("/etc/systemd/system/#{new_resource.service_name}.service", 'systemd.service.erb')
+        reloader = systemctl_daemon_reload
+        service_template("/etc/systemd/system/#{new_resource.service_name}.service", 'systemd.service.erb') do
+          notifies :run, reloader, :immediately if options['auto_reload']
+          variables.update(auto_reload: options['auto_reload'])
+        end
       end
 
       def destroy_service

data/lib/poise_service/service_providers/upstart.rb

@@ -35,6 +35,17 @@ module PoiseService
         service_resource_hints.include?(:upstart)
       end
 
+      # True restart in Upstart preserves the original config data, we want the
+      # more obvious behavior like everything else in the world that restart
+      # would re-read the updated config file. Use stop+start to get this
+      # behavior. http://manpages.ubuntu.com/manpages/raring/man8/initctl.8.html
+      def action_restart
+        return if options['never_restart']
+        action_stop
+        action_start
+      end
+
+      # Shim out reload if we have a version that predates reload support.
       def action_reload
         return if options['never_reload']
         if !upstart_features[:reload_signal] && new_resource.reload_signal != 'HUP'

data/lib/poise_service/version.rb

@@ -16,5 +16,5 @@
 
 
 module PoiseService
-  VERSION = '1.0.2'
+  VERSION = '1.0.3'
 end

data/test/cookbooks/poise-service_test/recipes/default.rb

@@ -37,9 +37,13 @@ else
     base_port 6000
   end
 
-  poise_service_test 'upstart' do
-    service_provider :upstart
-    base_port 7000
+  if node['platform_family'] == 'rhel' && node['platform_version'].start_with?('5')
+    file '/no_upstart'
+  else
+    poise_service_test 'upstart' do
+      service_provider :upstart
+      base_port 7000
+    end
   end
 end
 

data/test/spec/service_providers/sysvinit_spec.rb

@@ -54,9 +54,10 @@ EOH
     let(:chefspec_options) { { platform: 'centos', version: '7.0'} }
 
     it { is_expected.to render_file('/etc/init.d/test').with_content(<<-EOH) }
-  ( cd "/" && daemon --user "root" --pidfile "/var/run/test.pid" "myapp --serve" >/dev/null 2>&1 ) &
-  sleep 1 # Give it some time to start before checking for a pid
-  _pid "myapp" > "/var/run/test.pid" || return 3
+  Dir.chdir("/")
+  IO.write(pid_file, Process.pid)
+  Process::UID.change_privilege("root")
+  Kernel.exec(*["myapp", "--serve"])
 EOH
 
     context 'with an external PID file' do
@@ -66,7 +67,9 @@ EOH
       end
 
       it { is_expected.to render_file('/etc/init.d/test').with_content(<<-EOH) }
-  ( cd "/" && daemon --user "root" --pidfile "/tmp/pid" "myapp --serve" >/dev/null 2>&1 ) &
+  Dir.chdir("/")
+  Process::UID.change_privilege("root")
+  Kernel.exec(*["myapp", "--serve"])
 EOH
     end # /context with an external PID file
   end # /context on CentOS

data/test/spec/service_providers/upstart_spec.rb

@@ -45,7 +45,7 @@ respawn limit 10 5
 umask 022
 chdir /
 
-exec /opt/chef/embedded/bin/ruby -e 'Process.uid = "root"; ENV["HOME"] = Dir.home("root") rescue nil; exec(*["myapp", "--serve"])'
+exec /opt/chef/embedded/bin/ruby -e 'Process::UID.change_privilege("root"); ENV["HOME"] = Dir.home("root") rescue nil; exec(*["myapp", "--serve"])'
 EOH
 
       context 'with a stop signal' do
@@ -69,7 +69,7 @@ respawn limit 10 5
 umask 022
 chdir /
 
-exec /opt/chef/embedded/bin/ruby -e 'Process.uid = "root"; ENV["HOME"] = Dir.home("root") rescue nil; exec(*["myapp", "--serve"])'
+exec /opt/chef/embedded/bin/ruby -e 'Process::UID.change_privilege("root"); ENV["HOME"] = Dir.home("root") rescue nil; exec(*["myapp", "--serve"])'
 pre-stop script
   PID=`initctl status test | sed 's/^.*process \\([0-9]*\\)$/\\1/'`
   if [ -n "$PID" ]; then

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: poise-service
 version: !ruby/object:Gem::Version
-  version: 1.0.2
+  version: 1.0.3
 platform: ruby
 authors:
 - Noah Kantrowitz
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-09-17 00:00:00.000000000 Z
+date: 2015-12-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: halite
@@ -85,6 +85,7 @@ files:
 - README.md
 - Rakefile
 - chef/attributes/default.rb
+- chef/templates/default/dummy.json.erb
 - chef/templates/default/systemd.service.erb
 - chef/templates/default/sysvinit.sh.erb
 - chef/templates/default/upstart.conf.erb