Project

General

Profile

Feature #2785

graceful restart with SIGUSR1

Added by gstrauss 4 months ago. Updated 3 months ago.

Status:
Fixed
Priority:
Normal
Assignee:
-
Category:
core
Target version:
Start date:
2017-01-24
Due date:
% Done:

100%

Missing in 1.5.x:

Description

lighttpd should perform a graceful restart when SIGUSR1 is received; process id (pid) should not change

Limitations include (but might not be limited to) not working if lighttpd chroots (since config files and modules may not be present), and not being able to bind to new sockets on privileged ports requiring root privileges (if lighttpd has dropped privileges).


Related issues

Related to Bug #2782: init scripts outdated, should be removed Fixed 2017-01-14

Associated revisions

Revision 6c1e6e66 (diff)
Added by gstrauss 4 months ago

[core] graceful restart with SIGUSR1 (fixes #2785)

more consistent cleanup of resources at shutdown
(e.g. upon error conditions)

Notes: graceful restart with SIGUSR1
- not available if chroot()ed, oneshot mode, or if idle timeout occurs
- preserve process id (pid)
- preserve existing listen sockets
- i.e. does not close old listen sockets from prior configs
(even if old listen sockets no longer in the new config)
(sockets may have been bound w/ root privileges no longer available)
- will fail to add listen sockets from new config if privileges
lighttpd configured to drop privileges to non-root user, and
new listen socket attempts to bind to low-numbered port requiring
root privileges.
- will fail if listen sockets in new config conflict with any previous
old listen sockets
- These failure modes will result in lighttpd shutting down instead of
graceful restart. These failure modes are not detectable with
preflight checks ('lighttpd tt -f lighttpd.conf') because the
new instance of lighttpd running the preflight check does not
known config state of n prior graceful restarts, or even the
config state of the currently running lighttpd server.
due to lighttpd feature of optionally managing backends
(e.g. fastcgi and scgi via "bin-path"), lighttpd must wait for
all child processes to exit prior to restarting. Restarting new
workers while old workers (and old backends) were still running would
result in failure of restarted lighttpd process to be able to bind to
sockets already in use by old backends (e.g. unix "socket" path)

x-ref:
"graceful restart with SIGUSR1"
https://redmine.lighttpd.net/issues/2785

History

#1 Updated by gstrauss 4 months ago

  • Related to Bug #2782: init scripts outdated, should be removed added

#2 Updated by gstrauss 4 months ago

The following is not included in the upcoming patch, but is being considered.

Should lighttpd be modified to add graceful reload of configuration when lighttpd receives SIGHUP? Current lighttpd behavior is to just re-open error and access log files, and this should be preserved, but since reloading configuration on SIGHUP is a widely accepted convention, let's consider if lighttpd should add this behavior on SIGHUP, too.

--- a/src/server.c
+++ b/src/server.c
@@ -1362,6 +1362,7 @@ static int server_main (server * const srv, int argc, char **argv) {
                                                 */
                                                if (handle_sig_hup) {
                                                        handle_sig_hup = 0;
+                                                       if (buffer_string_is_empty(srv->srvconf.changeroot)) raise(SIGUSR1);

                                                        log_error_cycle(srv);

@@ -1513,6 +1514,7 @@ static int server_main (server * const srv, int argc, char **argv) {

                        /* reset notification */
                        handle_sig_hup = 0;
+                       if (buffer_string_is_empty(srv->srvconf.changeroot) && 0 == oneshot_fd) raise(SIGUSR1);

                        /* cycle logfiles */

#3 Updated by gstrauss 3 months ago

  • Status changed from Patch Pending to Fixed
  • % Done changed from 0 to 100

Also available in: Atom