Actions
Running lighttpd on Solaris Service Management Facility (SMF)¶
If you want to use native Solaris management facility (SMF), you have to create two files describing lighttpd service:
Manifest file: /var/svc/manifest/network/lighttpd.xml¶
#!text/xml
<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<!--
Copyright 2005 Sergiusz Pawlowicz. All rights reserved.
http://pawlowicz.name/
Use is subject to license terms.
ident "0.1"
Modified by Shanti Subramanyam to restrict privileges
-->
<service_bundle type='manifest' name='lighttpd'>
<service
name='network/lighttpd'
type='service'
version='1'>
<!--
Because we may have multiple instances of network/lighttpd
provided by different implementations, we keep dependencies
and methods within the instance.
-->
<instance name='lighttpd' enabled='false'>
<dependency name='loopback'
grouping='require_all'
restart_on='error'
type='service'>
<service_fmri value='svc:/network/loopback:default'/>
</dependency>
<dependency name='physical'
grouping='optional_all'
restart_on='error'
type='service'>
<service_fmri value='svc:/network/physical:default'/>
</dependency>
<dependency name='multiuser-server'
grouping='require_all'
restart_on='error'
type='service'>
<service_fmri value='svc:/milestone/multi-user-server:default'/>
</dependency>
<!-- restrict privileges and run as user webservd -->
<method_context>
<method_credential
user='webservd' group='webservd'
privileges='basic,!proc_session,!proc_info,!file_link_any,net_privaddr' />
</method_context>
<exec_method
type='method'
name='start'
exec='/lib/svc/method/http-lighttpd start'
timeout_seconds='60' />
<exec_method
type='method'
name='stop'
exec='/lib/svc/method/http-lighttpd stop'
timeout_seconds='60' />
<exec_method
type='method'
name='refresh'
exec='/lib/svc/method/http-lighttpd refresh'
timeout_seconds='60' />
<property_group name='startd' type='framework'>
<!-- sub-process core dumps shouldn't restart
session -->
<propval name='ignore_error' type='astring'
value='core,signal' />
</property_group>
</instance>
<template>
<common_name>
<loctext xml:lang='C'>
Lighttpd HTTP server
</loctext>
</common_name>
<documentation>
<manpage title='lighttpd' section='1M' />
<doc_link name='lighttpd.net'
uri='http://www.lighttpd.net/' />
</documentation>
</template>
</service>
</service_bundle>
init file: /lib/svc/method/http-lighttpd¶
#!sh
#!/sbin/sh
#
# Copyright 2005 Sergiusz Pawlowicz All rights reserved.
# Use is subject to license terms.
#
# ident "0.1"
#
LIGHTTPD_HOME=/global/lighttpd
CONF_FILE=/etc/lighttpd/lighttpd.conf
PIDFILE=/var/run/lighttpd.pid
HTTPD="${LIGHTTPD_HOME}/sbin/lighttpd"
[ ! -f ${CONF_FILE} ] && exit $CONF_FILE
case "$1" in
start)
/bin/rm -f ${PIDFILE}
# Enable NCA:
NCAKMODCONF=/etc/nca/ncakmod.conf
if [ -f $NCAKMODCONF ]; then
. $NCAKMODCONF
if [ "x$status" = "xenabled" ]; then
HTTPD="env LD_PRELOAD=/usr/lib/ncad_addr.so $HTTPD"
fi
fi
exec $HTTPD -f ${CONF_FILE} 2>&1
;;
refresh)
if [ -f "$PIDFILE" ]; then
/usr/bin/kill -HUP `/usr/bin/cat $PIDFILE`
fi
;;
stop)
if [ -f "$PIDFILE" ]; then
/usr/bin/kill -QUIT `/usr/bin/cat $PIDFILE`
fi
;;
*)
echo "Usage: $0 {start|stop|refresh}"
exit 1
;;
esac
Making use of this¶
Import¶
Now import the file into SMF database:
#!ShellExample # svccfg -v import /var/svc/manifest/network/lighttpd.xml
Enable¶
#!ShellExample # svcadm enable network/lighttpd
Check¶
#!ShellExample # svcs -l network/lighttpd fmri svc:/network/lighttpd:lighttpd name Lighttpd HTTP server enabled true state online next_state none state_time Sun Sep 25 14:21:49 2005 logfile /var/svc/log/network-lighttpd:lighttpd.log restarter svc:/system/svc/restarter:default contract_id 143 dependency require_all/error svc:/network/loopback:default (online) dependency optional_all/error svc:/network/physical:default (online) dependency require_all/error svc:/milestone/multi-user-server:default (online)
Of course it is simple example of such a service, if you have better one, please cut and paste it here.
Caution!¶
If you experience high CPU load after enabling this service, you might want to read the Lighttpd SMF troubles blog entry. It advises to NOT have SMF set the username/groupname and instead use the server.username and server.groupname settings in the configuration file. To do so, the following section should be replaced in the lighttpd.xml file:
#!text/xml
<!-- restrict privileges and run as user webservd -->
<method_context>
<method_credential
user='webservd' group='webservd'
privileges='basic,!proc_session,!proc_info,!file_link_any,net_privaddr' />
</method_context>
Replace that with:
#!text/xml
<method_context/>
Updated by gstrauss almost 3 years ago · 16 revisions