Project

General

Profile

LighttpdOnSolaris » History » Revision 15

Revision 14 (alexs77, 2008-09-11 09:54) → Revision 15/16 (alexs77, 2012-08-11 10:42)

h1. Running lighttpd on Solaris Service Management Facility (SMF) 


 If you want to use native Solaris management facility (SMF), you have to create two files describing lighttpd service: 


 h2. Manifest file: /var/svc/manifest/network/lighttpd.xml 



 <pre> 

 #!text/xml 
 <?xml version="1.0"?> 
 <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> 
 <!-- 
     Copyright 2005 Sergiusz Pawlowicz.    All rights reserved. 
     http://pawlowicz.name/ 
     Use is subject to license terms. 
 
     ident         "0.1" 

     Modified by Shanti Subramanyam to restrict privileges 
 --> 

 <service_bundle type='manifest' name='lighttpd'> 

 <service 
         name='network/lighttpd' 
         type='service' 
         version='1'> 

         <!-- 
           Because we may have multiple instances of network/lighttpd 
           provided by different implementations, we keep dependencies 
           and methods within the instance. 
         --> 

         <instance name='lighttpd' enabled='false'> 
                 <dependency name='loopback' 
                     grouping='require_all' 
                     restart_on='error' 
                     type='service'> 
                         <service_fmri value='svc:/network/loopback:default'/> 
                 </dependency> 

                 <dependency name='physical' 
                     grouping='optional_all' 
                     restart_on='error' 
                     type='service'> 
                         <service_fmri value='svc:/network/physical:default'/> 
                 </dependency> 

                 <dependency name='multiuser-server' 
                     grouping='require_all' 
                     restart_on='error' 
                     type='service'> 
                         <service_fmri value='svc:/milestone/multi-user-server:default'/> 
                 </dependency> 
                
                 <!-- restrict privileges and run as user webservd --> 
                 <method_context> 
                        <method_credential 
                                 user='webservd' group='webservd' 
                                 privileges='basic,!proc_session,!proc_info,!file_link_any,net_privaddr' /> 
                 </method_context> 


                 <exec_method 
                         type='method' 
                         name='start' 
                         exec='/lib/svc/method/http-lighttpd start' 
                         timeout_seconds='60' /> 

                 <exec_method 
                         type='method' 
                         name='stop' 
                         exec='/lib/svc/method/http-lighttpd stop' 
                         timeout_seconds='60' /> 


                 <exec_method 
                         type='method' 
                         name='refresh' 
                         exec='/lib/svc/method/http-lighttpd refresh' 
                         timeout_seconds='60' /> 

                 <property_group name='startd' type='framework'> 
                         <!-- sub-process core dumps shouldn't restart 
                                 session --> 
                         <propval name='ignore_error' type='astring' 
                                 value='core,signal' /> 
                 </property_group> 

         </instance> 

         <template> 
                 <common_name> 
                         <loctext xml:lang='C'> 
                                 Lighttpd HTTP server 
                         </loctext> 
                 </common_name> 
                 <documentation> 
                         <manpage title='lighttpd' section='1M' /> 
                         <doc_link name='lighttpd.net' 
                                 uri='http://www.lighttpd.net/' /> 
                 </documentation> 
         </template> 
 </service> 

 </service_bundle> 
 </pre> 



 h2. init file: /lib/svc/method/http-lighttpd 



 <pre> 

 #!sh 
 #!/sbin/sh 
 # 
 # Copyright 2005 Sergiusz Pawlowicz    All rights reserved. 
 # Use is subject to license terms. 
 # 
 # ident "0.1" 
 # 


 LIGHTTPD_HOME=/global/lighttpd 
 CONF_FILE=/etc/lighttpd/lighttpd.conf 
 PIDFILE=/var/run/lighttpd.pid 
 HTTPD="${LIGHTTPD_HOME}/sbin/lighttpd" 

 [ ! -f ${CONF_FILE} ] &&    exit $CONF_FILE 

 case "$1" in 
 start) 
         /bin/rm -f ${PIDFILE} 
 # Enable NCA: 
         NCAKMODCONF=/etc/nca/ncakmod.conf 
         if [ -f $NCAKMODCONF ]; then 
             . $NCAKMODCONF 
             if [ "x$status" = "xenabled" ]; then 
                  HTTPD="env LD_PRELOAD=/usr/lib/ncad_addr.so $HTTPD" 
             fi 
         fi 
         exec $HTTPD -f ${CONF_FILE} 2>&1 
         ;; 
 refresh) 
         if [ -f "$PIDFILE" ]; then 
                 /usr/bin/kill -HUP `/usr/bin/cat $PIDFILE` 
         fi 
         ;; 
 stop) 
         if [ -f "$PIDFILE" ]; then 
                 /usr/bin/kill -QUIT `/usr/bin/cat $PIDFILE` 
         fi 
         ;; 
 *) 
         echo "Usage: $0 {start|stop|refresh}" 
         exit 1 
         ;; 
 esac 
 </pre> 



 h2. Making use of this 



 h3. Import 


 Now import the file into SMF database: 


 <pre> 

 #!ShellExample 
 # svccfg -v import /var/svc/manifest/network/lighttpd.xml 
 </pre> 



 h3. Enable 



 <pre> 

 #!ShellExample 
 # svcadm enable network/lighttpd 
 </pre> 



 h3. Check 



 <pre> 

 #!ShellExample 
 # svcs -l network/lighttpd 
 fmri           svc:/network/lighttpd:lighttpd 
 name           Lighttpd HTTP server 
 enabled        true 
 state          online 
 next_state     none 
 state_time     Sun Sep 25 14:21:49 2005 
 logfile        /var/svc/log/network-lighttpd:lighttpd.log 
 restarter      svc:/system/svc/restarter:default 
 contract_id    143 
 dependency     require_all/error svc:/network/loopback:default (online) 
 dependency     optional_all/error svc:/network/physical:default (online) 
 dependency     require_all/error svc:/milestone/multi-user-server:default (online) 
 </pre> 


 Of course it is simple example of such a service, if you have better one, please cut and paste it here. 



 h3. Caution! 


 If you experience high CPU load after enabling this service, you might want to read the "Lighttpd SMF troubles":http://blogs.sun.com/mandy/entry/lighttpd_smf_troubles blog entry. It advises to *NOT* have SMF set the username/groupname and instead use the [[server_usernameDetails|server.username]] [[server.usernameDetails|server.username]] and [[server_groupnameDetails|server.groupname]] [[server.groupnameDetails|server.groupname]] settings in the configuration file. To do so, the following section should be replaced in the lighttpd.xml file: 


 <pre> 

 #!text/xml 
                 <!-- restrict privileges and run as user webservd --> 
                 <method_context> 
                        <method_credential 
                                 user='webservd' group='webservd' 
                                 privileges='basic,!proc_session,!proc_info,!file_link_any,net_privaddr' /> 
                 </method_context> 
 </pre> 


 Replace that with: 


 <pre> 

 #!text/xml 
                 <method_context/> 
 </pre>