Project

General

Profile

Actions

LighttpdOnSolaris » History » Revision 13

« Previous | Revision 13/15 (diff) | Next »
alexs77, 2008-09-11 09:54
Add warning note about possible high CPU load problem, per http://blogs.sun.com/mandy/entry/lighttpd_smf_troubles


= Running lighttpd on Solaris Service Management Facility (SMF) =

If you want to use native Solaris management facility (SMF), you have to create two files describing lighttpd service:

Manifest file: /var/svc/manifest/network/lighttpd.xml

{{{
#!text/xml

<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<!--
Copyright 2005 Sergiusz Pawlowicz. All rights reserved.
http://pawlowicz.name/
Use is subject to license terms.

ident       "0.1"
Modified by Shanti Subramanyam to restrict privileges
-->

<service_bundle type='manifest' name='lighttpd'>

<service
name='network/lighttpd'
type='service'
version='1'>

&lt;!--
Because we may have multiple instances of network/lighttpd
provided by different implementations, we keep dependencies
and methods within the instance.
-->
&lt;instance name='lighttpd' enabled='false'&gt;
&lt;dependency name='loopback'
grouping='require_all'
restart_on='error'
type='service'>
&lt;service_fmri value='svc:/network/loopback:default'/&gt;
&lt;/dependency&gt;
&lt;dependency name='physical'
grouping='optional_all'
restart_on='error'
type='service'>
&lt;service_fmri value='svc:/network/physical:default'/&gt;
&lt;/dependency&gt;
&lt;dependency name='multiuser-server'
grouping='require_all'
restart_on='error'
type='service'>
&lt;service_fmri value='svc:/milestone/multi-user-server:default'/&gt;
&lt;/dependency&gt;
&lt;!-- restrict privileges and run as user webservd --&gt;
&lt;method_context&gt;
&lt;method_credential
user='webservd' group='webservd'
privileges='basic,!proc_session,!proc_info,!file_link_any,net_privaddr' />
&lt;/method_context&gt;
&lt;exec_method
type='method'
name='start'
exec='/lib/svc/method/http-lighttpd start'
timeout_seconds='60' />
&lt;exec_method
type='method'
name='stop'
exec='/lib/svc/method/http-lighttpd stop'
timeout_seconds='60' />
&lt;exec_method
type='method'
name='refresh'
exec='/lib/svc/method/http-lighttpd refresh'
timeout_seconds='60' />
&lt;property_group name='startd' type='framework'&gt;
&lt;!-- sub-process core dumps shouldn't restart
session -->
&lt;propval name='ignore_error' type='astring'
value='core,signal' />
&lt;/property_group&gt;
&lt;/instance&gt;
&lt;template&gt;
&lt;common_name&gt;
&lt;loctext xml:lang='C'&gt;
Lighttpd HTTP server
&lt;/loctext&gt;
&lt;/common_name&gt;
&lt;documentation&gt;
&lt;manpage title='lighttpd' section='1M' /&gt;
&lt;doc_link name='lighttpd.net'
uri='http://www.lighttpd.net/' />
&lt;/documentation&gt;
&lt;/template&gt;
&lt;/service&gt;

</service_bundle>
}}}

init file: /lib/svc/method/http-lighttpd {{{
#!sh
#!/sbin/sh #
  1. Copyright 2005 Sergiusz Pawlowicz All rights reserved.
  2. Use is subject to license terms. #
  3. ident "0.1" #

LIGHTTPD_HOME=/global/lighttpd
CONF_FILE=/etc/lighttpd/lighttpd.conf
PIDFILE=/var/run/lighttpd.pid
HTTPD="${LIGHTTPD_HOME}/sbin/lighttpd"

[ ! -f ${CONF_FILE} ] && exit $CONF_FILE

case "$1" in
start)
/bin/rm -f ${PIDFILE}
  1. Enable NCA:
    NCAKMODCONF=/etc/nca/ncakmod.conf
    if [ -f $NCAKMODCONF ]; then
    . $NCAKMODCONF
    if [ "x$status" = "xenabled" ]; then
    HTTPD="env LD_PRELOAD=/usr/lib/ncad_addr.so $HTTPD"
    fi
    fi
    exec $HTTPD -f ${CONF_FILE} 2>&1
    ;;
    refresh)
    if [ -f "$PIDFILE" ]; then
    /usr/bin/kill -HUP `/usr/bin/cat $PIDFILE`
    fi
    ;;
    stop)
    if [ -f "$PIDFILE" ]; then
    /usr/bin/kill -QUIT `/usr/bin/cat $PIDFILE`
    fi
    ;;
    *)
    echo "Usage: $0 {start|stop|refresh}"
    exit 1
    ;;
    esac
    }}}
Making use of this

=== Import ===

Now import the file into SMF database:

{{{
#!ShellExample
  1. svccfg -v import /var/svc/manifest/network/lighttpd.xml
    }}}

=== Enable ===

{{{
#!ShellExample
  1. svcadm enable network/lighttpd
    }}}

=== Check ===

{{{
#!ShellExample
  1. svcs -l network/lighttpd
    fmri svc:/network/lighttpd:lighttpd
    name Lighttpd HTTP server
    enabled true
    state online
    next_state none
    state_time Sun Sep 25 14:21:49 2005
    logfile /var/svc/log/network-lighttpd:lighttpd.log
    restarter svc:/system/svc/restarter:default
    contract_id 143
    dependency require_all/error svc:/network/loopback:default (online)
    dependency optional_all/error svc:/network/physical:default (online)
    dependency require_all/error svc:/milestone/multi-user-server:default (online)
    }}}

Of course it is simple example of such a service, if you have better one, please cut and paste it here.

=== Caution! ===

If you experience high CPU load after enabling this service, you might want to read the [http://blogs.sun.com/mandy/entry/lighttpd_smf_troubles Lighttpd SMF troubles] blog entry. It advises to '''NOT''' have SMF set the username/groupname and instead use the [wiki:server.usernameDetails server.username] and [wiki:server.groupnameDetails server.groupname] settings in the configuration file. To do so, the following section should be replaced in the lighttpd.xml file:

{{{
#!text/xml
<!-- restrict privileges and run as user webservd -->
<method_context>
<method_credential
user='webservd' group='webservd'
privileges='basic,!proc_session,!proc_info,!file_link_any,net_privaddr' />
</method_context>
}}}

Replace that with:

{{{
#!text/xml
<method_context/>
}}}

Updated by alexs77 about 12 years ago · 13 revisions