| Summary: | www-servers/nginx - init.d script should not check configuration on reload/upgrade (upstream said) | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
| Component: | Current packages | Assignee: | No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it <maintainer-needed> |
| Status: | CONFIRMED --- | ||
| Severity: | normal | CC: | bugs, dev-zero, proxy-maint |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://mailman.nginx.org/pipermail/nginx/2013-August/040193.html | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
|
Description
Thomas Deutschmann (RETIRED)
2013-08-17 12:44:59 UTC
Sounds ok to me (if it only applies to reload/upgrade). Patch? (In reply to Johan Bergström from comment #1) > Sounds ok to me (if it only applies to reload/upgrade). Patch? Wouldn't it be more reasonable to change the nginx return value if the reload isn't ok (for instance, configuration syntax error)? Which return value? We are sending a signal using "kill". So all we will get is a return value from "kill"... we never know (without checking nginx's error log) if HUP'ing was really successful. Or am I missing something? We changed it to use `nginx -t` at some point and evaluate this return value. So I guess we can close this as FIXED. This bug seems to have been mistakenly closed as FIXED. The argument was to *remove* a config check (using nginx -t), not to add it.
Assuming the arguments presented in the original report and the referenced bug thread still hold (and I'd say they do), the original proposed resolution looks good to me, at least for the 'reload' action.
That is:
> A better message would be "Sending SIGHUP to nginx" using
> ebegin and when succeed, show an einfo or ewarn telling the user to watch logs for
> errors, due to nginx may have refused to reload, see http://mailman.nginx.org/pipermail
> /nginx/2013-August/040186.html
So let's re-opening this bug for further discussions: The problem: ============ Problem 1: `nginx -t` isn't reliable/can lead to unexpected results The command will always use the binary from disk. This version don't have to match which the version of the running nginx master process. That means even if `nginx -t` succeeded (because your configuration is valid with the nginx version on disk) you could have an invalid configuration for the _running_ nginx version. (and that's why https://bugs.gentoo.org/show_bug.cgi?id=481456#c4 wasn't a fix for this bug) Problem 2: Duplicated time consuming work when dealing with large configurations It is duplicated work because the nginx master process will do the same check when receiving the HUP signal. Regarding problem 1: We could record nginx' version in OpenRC (service_set_value) and only allow reload when the nginx version from disk matches the one running. Then we should never hit such a situation. However we should indicate in the output that we only sent the command to reload but cannot tell if nginx is now really using the new configuration (only nginx can you tell). I.e. it is possible that nginx rejects reloading and keep using the old configuration from memory: # grep `pgrep --uid 0 nginx` /var/log/nginx/error_log 2016/03/04 14:17:03 [emerg] 26354#26354: unknown directive "this_will_break_configuration" in /etc/nginx/nginx.conf:67 The only reliable way, which can be used in scripts/CFM tools, seems to be the "upgrade" command. Does anybody knows a reason why you shouldn't always use "upgrade"? Regarding problem 2: I am not sure if we need to address this problem. While I agree that this can double nginx startup time I prefer a response I can use in scripts. But we could add "skip_cfgcheck_on_{reload,restart,start}" in /etc/conf.d/nginx to allow users to bypass these checks. |