diff mbox series

[ovs-dev,2/2] rhel: Fix systemd monitoring wrong pid for ovs-monitor-ipsec.

Message ID 20250110165226.4167289-3-i.maximets@ovn.org
State Superseded
Headers show
Series Fixes for ipsec support with ovs-ctl and systemd units. | expand

Checks

Context Check Description
ovsrobot/apply-robot success apply and check: success
ovsrobot/github-robot-_Build_and_Test success github build: passed

Commit Message

Ilya Maximets Jan. 10, 2025, 4:52 p.m. UTC
Other services are running without monitors, so systemd can properly
track the pid.  But ovs-monitor-ipsec is running with a monitor, so
there is one more fork and systemd complains about the pid file:

  systemd[1]: openvswitch-ipsec.service: Supervising process 1037185
              which is not our child. We'll most likely not notice
              when it exits.

This is also causing some spurious kills sent to the child on service
stop.

Fix by running ovs-monitor-ipsec without a monitor as all other OVS
services.

We can't use start_daemon, that would take care of this, because the
script is not on the PATH and we don't want to accidentally change
permissions for OVS directories (ipsec runs as root), but we can mimic
the behavior.

Fixes: f385abded520 ("rhel: Use PIDFile on forking systemd service files")
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
---
 rhel/usr_lib_systemd_system_openvswitch-ipsec.service | 2 +-
 utilities/ovs-ctl.in                                  | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)
diff mbox series

Patch

diff --git a/rhel/usr_lib_systemd_system_openvswitch-ipsec.service b/rhel/usr_lib_systemd_system_openvswitch-ipsec.service
index b508d21dc..a633563b2 100644
--- a/rhel/usr_lib_systemd_system_openvswitch-ipsec.service
+++ b/rhel/usr_lib_systemd_system_openvswitch-ipsec.service
@@ -10,7 +10,7 @@  EnvironmentFile=/etc/openvswitch/default.conf
 EnvironmentFile=-/etc/sysconfig/openvswitch
 EnvironmentFile=-/run/openvswitch.useropts
 
-ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \
+ExecStart=/usr/share/openvswitch/scripts/ovs-ctl --no-monitor \
                     --ike-daemon=libreswan start-ovs-ipsec $OPTIONS
 ExecStop=/usr/share/openvswitch/scripts/ovs-ctl stop-ovs-ipsec
 
diff --git a/utilities/ovs-ctl.in b/utilities/ovs-ctl.in
index 5b1c24b5a..03a39337f 100644
--- a/utilities/ovs-ctl.in
+++ b/utilities/ovs-ctl.in
@@ -245,7 +245,8 @@  start_ovs_ipsec () {
     set ${datadir}/scripts/ovs-monitor-ipsec unix:"$DB_SOCK"
     set "$@" --log-file=${logdir}/ovs-monitor-ipsec.log
     set "$@" --pidfile=${rundir}/ovs-monitor-ipsec.pid
-    set "$@" --detach --monitor
+    set "$@" --detach
+    test X"$MONITOR" = Xno || set "$@" --monitor
     set "$@" --ike-daemon=$IKE_DAEMON
     if test X$RESTART_IKE_DAEMON = Xno; then
         set "$@" --no-restart-ike-daemon