LighttpdOnSolaris » History » Revision 15
Revision 14 (alexs77, 2008-09-11 09:54) → Revision 15/16 (alexs77, 2012-08-11 10:42)
h1. Running lighttpd on Solaris Service Management Facility (SMF)
If you want to use native Solaris management facility (SMF), you have to create two files describing lighttpd service:
h2. Manifest file: /var/svc/manifest/network/lighttpd.xml
<pre>
#!text/xml
<?xml version="1.0"?>
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<!--
Copyright 2005 Sergiusz Pawlowicz. All rights reserved.
http://pawlowicz.name/
Use is subject to license terms.
ident "0.1"
Modified by Shanti Subramanyam to restrict privileges
-->
<service_bundle type='manifest' name='lighttpd'>
<service
name='network/lighttpd'
type='service'
version='1'>
<!--
Because we may have multiple instances of network/lighttpd
provided by different implementations, we keep dependencies
and methods within the instance.
-->
<instance name='lighttpd' enabled='false'>
<dependency name='loopback'
grouping='require_all'
restart_on='error'
type='service'>
<service_fmri value='svc:/network/loopback:default'/>
</dependency>
<dependency name='physical'
grouping='optional_all'
restart_on='error'
type='service'>
<service_fmri value='svc:/network/physical:default'/>
</dependency>
<dependency name='multiuser-server'
grouping='require_all'
restart_on='error'
type='service'>
<service_fmri value='svc:/milestone/multi-user-server:default'/>
</dependency>
<!-- restrict privileges and run as user webservd -->
<method_context>
<method_credential
user='webservd' group='webservd'
privileges='basic,!proc_session,!proc_info,!file_link_any,net_privaddr' />
</method_context>
<exec_method
type='method'
name='start'
exec='/lib/svc/method/http-lighttpd start'
timeout_seconds='60' />
<exec_method
type='method'
name='stop'
exec='/lib/svc/method/http-lighttpd stop'
timeout_seconds='60' />
<exec_method
type='method'
name='refresh'
exec='/lib/svc/method/http-lighttpd refresh'
timeout_seconds='60' />
<property_group name='startd' type='framework'>
<!-- sub-process core dumps shouldn't restart
session -->
<propval name='ignore_error' type='astring'
value='core,signal' />
</property_group>
</instance>
<template>
<common_name>
<loctext xml:lang='C'>
Lighttpd HTTP server
</loctext>
</common_name>
<documentation>
<manpage title='lighttpd' section='1M' />
<doc_link name='lighttpd.net'
uri='http://www.lighttpd.net/' />
</documentation>
</template>
</service>
</service_bundle>
</pre>
h2. init file: /lib/svc/method/http-lighttpd
<pre>
#!sh
#!/sbin/sh
#
# Copyright 2005 Sergiusz Pawlowicz All rights reserved.
# Use is subject to license terms.
#
# ident "0.1"
#
LIGHTTPD_HOME=/global/lighttpd
CONF_FILE=/etc/lighttpd/lighttpd.conf
PIDFILE=/var/run/lighttpd.pid
HTTPD="${LIGHTTPD_HOME}/sbin/lighttpd"
[ ! -f ${CONF_FILE} ] && exit $CONF_FILE
case "$1" in
start)
/bin/rm -f ${PIDFILE}
# Enable NCA:
NCAKMODCONF=/etc/nca/ncakmod.conf
if [ -f $NCAKMODCONF ]; then
. $NCAKMODCONF
if [ "x$status" = "xenabled" ]; then
HTTPD="env LD_PRELOAD=/usr/lib/ncad_addr.so $HTTPD"
fi
fi
exec $HTTPD -f ${CONF_FILE} 2>&1
;;
refresh)
if [ -f "$PIDFILE" ]; then
/usr/bin/kill -HUP `/usr/bin/cat $PIDFILE`
fi
;;
stop)
if [ -f "$PIDFILE" ]; then
/usr/bin/kill -QUIT `/usr/bin/cat $PIDFILE`
fi
;;
*)
echo "Usage: $0 {start|stop|refresh}"
exit 1
;;
esac
</pre>
h2. Making use of this
h3. Import
Now import the file into SMF database:
<pre>
#!ShellExample
# svccfg -v import /var/svc/manifest/network/lighttpd.xml
</pre>
h3. Enable
<pre>
#!ShellExample
# svcadm enable network/lighttpd
</pre>
h3. Check
<pre>
#!ShellExample
# svcs -l network/lighttpd
fmri svc:/network/lighttpd:lighttpd
name Lighttpd HTTP server
enabled true
state online
next_state none
state_time Sun Sep 25 14:21:49 2005
logfile /var/svc/log/network-lighttpd:lighttpd.log
restarter svc:/system/svc/restarter:default
contract_id 143
dependency require_all/error svc:/network/loopback:default (online)
dependency optional_all/error svc:/network/physical:default (online)
dependency require_all/error svc:/milestone/multi-user-server:default (online)
</pre>
Of course it is simple example of such a service, if you have better one, please cut and paste it here.
h3. Caution!
If you experience high CPU load after enabling this service, you might want to read the "Lighttpd SMF troubles":http://blogs.sun.com/mandy/entry/lighttpd_smf_troubles blog entry. It advises to *NOT* have SMF set the username/groupname and instead use the [[server_usernameDetails|server.username]] [[server.usernameDetails|server.username]] and [[server_groupnameDetails|server.groupname]] [[server.groupnameDetails|server.groupname]] settings in the configuration file. To do so, the following section should be replaced in the lighttpd.xml file:
<pre>
#!text/xml
<!-- restrict privileges and run as user webservd -->
<method_context>
<method_credential
user='webservd' group='webservd'
privileges='basic,!proc_session,!proc_info,!file_link_any,net_privaddr' />
</method_context>
</pre>
Replace that with:
<pre>
#!text/xml
<method_context/>
</pre>