In contrast to the regular `kill` binary, `icinga2 internal signal` drops
permissions before sending the signal. This is important as the PID file can be
written by the Icinga user, dropping the permissions prevents that user from
using this to send signals to processes it is not supposed to signal.
SIGUSR1 wasn't among the list of signals supported by `icinga2 internal
signal`, so it is added there.
Except for the switch case, the script was written with tab indentation.
With tabstop of 4 spaces, the indentation in the switch case would make
sense, but I assume this is just a glitch of the editor.
When executing `false || (echo bad; exit 1)`, the call to `exit` won't
exit the script, it will only exit the subshell and the exit code will
be stored in the return code `$?`.
Since this is an error, we have to exit the script properly.
Add target network-online.target as requirement.
Service Icinga2 won't start before target is finally reached.
This prevents Icinga2 from failing if no entry for hostname.domain
is set in /etc/hosts
icinga2.service used `-e ${ICINGA2_ERROR_LOG}`, but this is documented
as having no effect without `-d`. Furthermore, icinga2 under systemd
unconditionally logged everything to the system log (but without setting
the log level etc), which contradicted the documentation. (Issue #6339)
Stop icinga2 on systemd from logging to stdout - and hence the system log -
once it has finished starting up. Just like when you start icinga2 from a
terminal using `-d`. And just like -d, we stop logging fatal errors to
stderr, and instead write to the log file passed with `-e`.
As per docs, mainlog (icinga2.log) is already enabled by default. And
pre-startup messages including config errors will still appear in the
system log.
This uses a new option --close-stdio, which has the same effect on logging as
--daemonize, but does not fork or call setsid().
For this purpose, I moved setsid() up and into Daemonize().
Consequence of that last point: if anyone is weird enough to specify a TTY
device file as the fatal error log (-e option), that will become icinga's
controlling terminal, which you generally don't want as a daemon. This
makes it consistent with the existing behaviour for icinga mainlog. For
this reason you're supposed to use O_NOCTTY in Linux daemons. But I wasn't
sure where icinga would want to put the ugly `#ifdef _WIN32 ... #else ...`.
This reverts commit 592fb22c7fe4d291e630a2b6126312d088ce60d7.
We have the problem that Systemd doesn't expand shell variables
into our environment.
During the upgrade cycle this would maybe render a wrong PID file
location, thus resulting in wrong 'safe-reload' behaviour.
This is only for a clean upgrade path from 2.8.x to 2.9.0,
the proper fix is to ensure that the sysconfig file is empty
and keep our own defaults, or modified from the user.
refs #6434
The sysconfig file now only contains the defaults as comments, changes
made there are given to the init.d script, prepare-dirs, safe-reload and
Icinga 2 itself. If nothing is set in the sysconfig file (as is the
default as all lines are commented out) the defaults are used.
fixes#6255
This also disables setting a value by default.
Packaging should decide to install the config file:
`/etc/systemd/system/icinga2.service.d`
fixes#5611
Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
Icinga2 fails with 'Cannot bind TCP socket for host',
if other services requiring network.target are not installed.
Signed-off-by: Jean Flach <jean-marcel.flach@netways.de>
fixes#10968
