Skip to content

nixos/switch-to-configuration: restart changed socket units #50340

Closed
fpletz wants to merge 3 commits intoNixOS:masterfrom
mayflower:fix/socket-change-activation
Closed

nixos/switch-to-configuration: restart changed socket units #50340
fpletz wants to merge 3 commits intoNixOS:masterfrom
mayflower:fix/socket-change-activation

Conversation

@fpletz
Copy link
Member

@fpletz fpletz commented Nov 14, 2018

Motivation for this change

Previously, socket units wouldn't be restarted if they were changed. To restart the socket, the service the socket is attached to needs to be stopped first before the socket can be restarted.

Discovered while converting fcgiwrap to full socket activation support and writing a test for it. These changes are also part of this PR as is the test that checks using fcgiwrap if sockets are properly restarted.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Fits CONTRIBUTING.md.

@fpletz fpletz added 0.kind: enhancement Add something new or improve an existing system. 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS labels Nov 14, 2018
@fpletz fpletz requested a review from infinisil as a code owner November 14, 2018 03:12
@GrahamcOfBorg GrahamcOfBorg added the 8.has: module (update) This PR changes an existing module in `nixos/` label Nov 14, 2018
@fpletz
nixos/switch-to-configuration: restart changed socket units
e4cba5a 
Previously, socket units wouldn't be restarted if they were
changed. To restart the socket, the service the socket is attached
to needs to be stopped first before the socket can be restarted.
@fpletz
fcgiwrap module: switch to full socket activation
c282114
@fpletz
fcgiwrap: add patch to support changing workdir
c831e81
@fpletz fpletz force-pushed the fix/socket-change-activation branch from 795266e to c831e81 Compare November 14, 2018 03:25
@fpletz fpletz added the 8.has: changelog This PR adds or changes release notes label Nov 14, 2018
@fpletz
Copy link
Member Author

fpletz commented Nov 14, 2018

@GrahamcOfBorg test fcgiwrap systemd

@GrahamcOfBorg
Copy link

GrahamcOfBorg commented Nov 14, 2018

No attempt on x86_64-linux (full log)

The following builds were skipped because they don't evaluate on x86_64-linux: tests.fcgiwrap, tests.systemd

Partial log (click to expand)

error: while evaluating 'recursiveUpdate' at /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/lib/attrsets.nix:415:26, called from /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/lib/attrsets.nix:148:28:
while evaluating 'recursiveUpdateUntil' at /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/lib/attrsets.nix:384:37, called from /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/lib/attrsets.nix:416:5:
while evaluating 'zipAttrsWith' at /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/lib/attrsets.nix:347:21, called from /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/lib/attrsets.nix:394:8:
while evaluating 'zipAttrsWithNames' at /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/lib/attrsets.nix:332:33, called from /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/lib/attrsets.nix:347:27:
while evaluating anonymous function at /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/lib/lists.nix:113:41, called from /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/lib/attrsets.nix:347:46:
while evaluating the attribute 'systemd' at /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/nixos/tests/all-tests.nix:198:3:
while evaluating 'handleTest' at /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/nixos/tests/all-tests.nix:17:22, called from /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/nixos/tests/all-tests.nix:198:13:
while evaluating 'discoverTests' at /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/nixos/tests/all-tests.nix:13:19, called from /var/lib/gc-of-borg/.nix-test-rs/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/rbvermaa-spot/nixos/tests/all-tests.nix:18:5:
access to path '/nix/store/g6rn7lxamwwl6rwn2xqsnq6gbqrw336c-rbvermaa-spot' is forbidden in restricted mode

@GrahamcOfBorg
Copy link

GrahamcOfBorg commented Nov 14, 2018

No attempt on aarch64-linux (full log)

The following builds were skipped because they don't evaluate on aarch64-linux: tests.fcgiwrap, tests.systemd

Partial log (click to expand)

Cannot nix-instantiate `tests.systemd' because:
error: while evaluating 'recursiveUpdate' at /var/lib/gc-of-borg/nix-test-rs-32/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-aarch64-community-32/lib/attrsets.nix:415:26, called from /var/lib/gc-of-borg/nix-test-rs-32/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-aarch64-community-32/lib/attrsets.nix:148:28:
while evaluating 'recursiveUpdateUntil' at /var/lib/gc-of-borg/nix-test-rs-32/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-aarch64-community-32/lib/attrsets.nix:384:37, called from /var/lib/gc-of-borg/nix-test-rs-32/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-aarch64-community-32/lib/attrsets.nix:416:5:
while evaluating 'zipAttrsWith' at /var/lib/gc-of-borg/nix-test-rs-32/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-aarch64-community-32/lib/attrsets.nix:347:21, called from /var/lib/gc-of-borg/nix-test-rs-32/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-aarch64-community-32/lib/attrsets.nix:394:8:
while evaluating 'zipAttrsWithNames' at /var/lib/gc-of-borg/nix-test-rs-32/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-aarch64-community-32/lib/attrsets.nix:332:33, called from /var/lib/gc-of-borg/nix-test-rs-32/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-aarch64-community-32/lib/attrsets.nix:347:27:
while evaluating the attribute 'systemd' at /var/lib/gc-of-borg/nix-test-rs-32/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-aarch64-community-32/nixos/tests/all-tests.nix:198:3:
while evaluating 'handleTest' at /var/lib/gc-of-borg/nix-test-rs-32/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-aarch64-community-32/nixos/tests/all-tests.nix:17:22, called from /var/lib/gc-of-borg/nix-test-rs-32/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-aarch64-community-32/nixos/tests/all-tests.nix:198:13:
while evaluating 'discoverTests' at /var/lib/gc-of-borg/nix-test-rs-32/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-aarch64-community-32/nixos/tests/all-tests.nix:13:19, called from /var/lib/gc-of-borg/nix-test-rs-32/repo/38dca4e3aa6bca43ea96d2fcc04e8229/builder/grahamc-aarch64-community-32/nixos/tests/all-tests.nix:18:5:
access to path '/nix/store/i7qg1qsz4idr6a68pfiz9dk1m34vp31x-grahamc-aarch64-community-32' is forbidden in restricted mode

@GrahamcOfBorg GrahamcOfBorg added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. labels Nov 14, 2018
@fpletz
Copy link
Member Author

fpletz commented Nov 14, 2018

Tests work fine for me. Seems to be an ofborg glitch. cc @grahamc

@GrahamcOfBorg GrahamcOfBorg added the 8.has: documentation This PR adds or changes documentation label Nov 14, 2018
@GrahamcOfBorg
Copy link

GrahamcOfBorg commented Nov 14, 2018

Success on x86_64-linux (full log)

Attempted: fcgiwrap

Partial log (click to expand)

moving /nix/store/vrs3ppxmq302la93xi6w02k1f3ab0x78-fcgiwrap-1.1.0/man to /nix/store/vrs3ppxmq302la93xi6w02k1f3ab0x78-fcgiwrap-1.1.0/share/man
shrinking RPATHs of ELF executables and libraries in /nix/store/vrs3ppxmq302la93xi6w02k1f3ab0x78-fcgiwrap-1.1.0
shrinking /nix/store/vrs3ppxmq302la93xi6w02k1f3ab0x78-fcgiwrap-1.1.0/sbin/fcgiwrap
gzipping man pages under /nix/store/vrs3ppxmq302la93xi6w02k1f3ab0x78-fcgiwrap-1.1.0/share/man/
strip is /nix/store/vcc4svb8gy29g4pam2zja6llkbcwsyiq-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/vrs3ppxmq302la93xi6w02k1f3ab0x78-fcgiwrap-1.1.0/sbin
patching script interpreter paths in /nix/store/vrs3ppxmq302la93xi6w02k1f3ab0x78-fcgiwrap-1.1.0
checking for references to /build in /nix/store/vrs3ppxmq302la93xi6w02k1f3ab0x78-fcgiwrap-1.1.0...
moving /nix/store/vrs3ppxmq302la93xi6w02k1f3ab0x78-fcgiwrap-1.1.0/sbin/* to /nix/store/vrs3ppxmq302la93xi6w02k1f3ab0x78-fcgiwrap-1.1.0/bin
/nix/store/vrs3ppxmq302la93xi6w02k1f3ab0x78-fcgiwrap-1.1.0

@GrahamcOfBorg
Copy link

GrahamcOfBorg commented Nov 14, 2018

No attempt on x86_64-darwin (full log)

The following builds were skipped because they don't evaluate on x86_64-darwin: fcgiwrap

Partial log (click to expand)


a) For `nixos-rebuild` you can set
  { nixpkgs.config.allowUnsupportedSystem = true; }
in configuration.nix to override this.

b) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
  { allowUnsupportedSystem = true; }
to ~/.config/nixpkgs/config.nix.

@GrahamcOfBorg
Copy link

GrahamcOfBorg commented Nov 14, 2018

Success on aarch64-linux (full log)

Attempted: fcgiwrap

Partial log (click to expand)

moving /nix/store/la4910f8rrlc304y9qpqizyw9s11s3vn-fcgiwrap-1.1.0/man to /nix/store/la4910f8rrlc304y9qpqizyw9s11s3vn-fcgiwrap-1.1.0/share/man
shrinking RPATHs of ELF executables and libraries in /nix/store/la4910f8rrlc304y9qpqizyw9s11s3vn-fcgiwrap-1.1.0
shrinking /nix/store/la4910f8rrlc304y9qpqizyw9s11s3vn-fcgiwrap-1.1.0/sbin/fcgiwrap
gzipping man pages under /nix/store/la4910f8rrlc304y9qpqizyw9s11s3vn-fcgiwrap-1.1.0/share/man/
strip is /nix/store/p9akxn2sfy4wkhqdqa3li97pc6jaz3r1-binutils-2.30/bin/strip
stripping (with command strip and flags -S) in /nix/store/la4910f8rrlc304y9qpqizyw9s11s3vn-fcgiwrap-1.1.0/sbin
patching script interpreter paths in /nix/store/la4910f8rrlc304y9qpqizyw9s11s3vn-fcgiwrap-1.1.0
checking for references to /build in /nix/store/la4910f8rrlc304y9qpqizyw9s11s3vn-fcgiwrap-1.1.0...
moving /nix/store/la4910f8rrlc304y9qpqizyw9s11s3vn-fcgiwrap-1.1.0/sbin/* to /nix/store/la4910f8rrlc304y9qpqizyw9s11s3vn-fcgiwrap-1.1.0/bin
/nix/store/la4910f8rrlc304y9qpqizyw9s11s3vn-fcgiwrap-1.1.0

@lheckemann
Copy link
Member

lheckemann commented Nov 14, 2018
edited
Loading

For the ofborg problem: https://logs.nix.samueldr.com/nixos-borg/2018-11-13#1542105665-1542108034; (caused by #50233)

lheckemann
lheckemann reviewed Nov 15, 2018
View reviewed changes
Copy link
Member

@lheckemann lheckemann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall LGTM!

nixos/doc/manual/release-notes/rl-1903.xml
addresses as defined in
<citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
</para>
</listitem>
Copy link
Member

@lheckemann lheckemann Nov 15, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should there also be a note about socket restarts in here?

Copy link
Member Author

@fpletz fpletz Nov 15, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, yeah. you're right. Adding socking restart support is kind of a bugfix though. I'll add a paragraph.

nixos/modules/services/web-servers/fcgiwrap.nix
socketMode = mkOption {
type = types.str;
default = "0660";
description = "File mode of the socket if it is defined as a Unix socket.";
Copy link
Member

@lheckemann lheckemann Nov 15, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suggest we don't bikeshed this PR on this discussion, but…

Would it maybe make sense to make a socket type which contains all these options, since it may well be used in multiple places? It doesn't seem that nice to have these settings which are essentially aliases for systemd.sockets.fcgiwrap.socketConfig.*.

@mmahut
Copy link
Member

mmahut commented Aug 13, 2019

Are there any updates on this pull request, please?

@lheckemann lheckemann mentioned this pull request Nov 21, 2019
Merged
3 tasks
@domenkozar
Copy link
Member

domenkozar commented Nov 26, 2019

Done in #73871, fcgiwrap needs a new PR :)

@domenkozar domenkozar closed this Nov 26, 2019
@fpletz fpletz deleted the fix/socket-change-activation branch December 7, 2019 11:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@globin globin globin approved these changes

@infinisil infinisil Awaiting requested review from infinisil

+2 more reviewers

@lheckemann lheckemann lheckemann left review comments

@aneeshusa aneeshusa aneeshusa left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

0.kind: enhancement Add something new or improve an existing system. 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: changelog This PR adds or changes release notes 8.has: documentation This PR adds or changes documentation 8.has: module (update) This PR changes an existing module in `nixos/` 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@fpletz @GrahamcOfBorg @lheckemann @mmahut @domenkozar @globin @aneeshusa