Browse Source

Fix loss of service due to systemd's depencency cycle breaking

Christoph Biedl 5 months ago
parent
commit
720b9b82c5

+ 62 - 0
debian/patches/cherry-pick.v7-4-g7778512.fixed-ordering-cycle-found-causing-spurious-issues-during-boot-no.patch

@@ -0,0 +1,62 @@
+Subject: Fixed Ordering cycle found, causing spurious issues during boot (no (...)
+Origin: v7-4-g7778512 <https://github.com/latchset/tang/commit/v7-4-g7778512>
+Upstream-Author: Renaud Métrich <rmetrich@redhat.com>
+Date: Thu Jan 30 09:07:21 2020 +0100
+
+    Fixed Ordering cycle found, causing spurious issues during boot (no
+    tangd.socket enabled, or no network, etc.)
+
+    This commit fixes the following ordering cycle found on Fedora 30+ and
+    RHEL 8.1:
+
+    -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< --------
+    systemd[1]: sockets.target: Found ordering cycle on tangd.socket/start
+    systemd[1]: sockets.target: Found dependency on tangd-keygen.service/start
+    systemd[1]: sockets.target: Found dependency on basic.target/start
+    systemd[1]: sockets.target: Found dependency on sockets.target/start
+    systemd[1]: sockets.target: Job tangd.socket/start deleted to break ordering cycle starting with sockets.target/start
+    [ SKIP ] Ordering cycle found, skipping Tang Server socket
+    -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< --------
+
+    This is tracked by Red Hat through BZ #1792173
+    (https://bugzilla.redhat.com/show_bug.cgi?id=1792173)
+
+    The previous implementation of the Tang socket was making it depend on
+    services, which is not how sockets are expected to be configured.
+    Additionally, the Tang socket was installed in multi-user.target instead
+    of sockets.target.
+
+    This implementation creates a "standard" socket installed in
+    sockets.target, and modifies the corresponding service so that it makes
+    sure the requirement on the key presence is met.
+    The requirement on tangd-update.service has been removed since it is
+    useless: the service doesn't need tangd-update.service at all.
+
+--- a/units/tangd.socket.in
++++ b/units/tangd.socket.in
+@@ -1,14 +1,9 @@
+ [Unit]
+ Description=Tang Server socket
+-Requires=tangd-keygen.service
+-Requires=tangd-update.service
+-Requires=tangd-update.path
+-After=tangd-keygen.service
+-After=tangd-update.service
+ 
+ [Socket]
+ ListenStream=80
+ Accept=true
+ 
+ [Install]
+-WantedBy=multi-user.target
++WantedBy=sockets.target
+--- a/units/tangd@.service.in
++++ b/units/tangd@.service.in
+@@ -1,5 +1,7 @@
+ [Unit]
+ Description=Tang Server
++Requires=tangd-keygen.service
++After=tangd-keygen.service
+ 
+ [Service]
+ StandardInput=socket

+ 3 - 0
debian/patches/series

@@ -1,4 +1,7 @@
 
+# cherry-picked commits. Keep in upstream's chronological order
+cherry-pick.v7-4-g7778512.fixed-ordering-cycle-found-causing-spurious-issues-during-boot-no.patch
+
 # patches for upstream
 upstream.use-asciidoctor-to-build-manpages.patch
 upstream.add-systemd-documentation-key.patch

+ 2 - 2
debian/patches/upstream.add-systemd-documentation-key.patch

@@ -9,6 +9,6 @@ Bug: https://github.com/latchset/tang/issues/49
  [Unit]
  Description=Tang Server
 +Documentation=man:tangd(8)
+ Requires=tangd-keygen.service
+ After=tangd-keygen.service
  
- [Service]
- StandardInput=socket