From 94399e06f8091f2bf72dd76a2ffaf4e27f8392eb Mon Sep 17 00:00:00 2001 From: Jan Kaluza Date: Fri, 22 Aug 2014 12:11:38 +0200 Subject: [PATCH] mod_systemd: updated to the latest version - use -lsystemd instead of -lsystemd-daemon (#1125084) - fix possible crash in SIGINT handling (#958934) --- httpd-2.4.10-detect-systemd.patch | 48 ++++++++ httpd-2.4.10-mod_systemd.patch | 172 ++++++++++++++++++++++++++++ httpd-2.4.10-sigint.patch | 45 ++++++++ httpd-2.4.3-mod_systemd.patch | 163 -------------------------- httpd-2.4.9-socket-activation.patch | 37 ------ httpd.spec | 15 ++- 6 files changed, 278 insertions(+), 202 deletions(-) create mode 100644 httpd-2.4.10-detect-systemd.patch create mode 100644 httpd-2.4.10-mod_systemd.patch create mode 100644 httpd-2.4.10-sigint.patch delete mode 100644 httpd-2.4.3-mod_systemd.patch diff --git a/httpd-2.4.10-detect-systemd.patch b/httpd-2.4.10-detect-systemd.patch new file mode 100644 index 0000000..a22178b --- /dev/null +++ b/httpd-2.4.10-detect-systemd.patch @@ -0,0 +1,48 @@ +diff --git a/acinclude.m4 b/acinclude.m4 +index 580eb4a..bd7e2c9 100644 +--- a/acinclude.m4 ++++ b/acinclude.m4 +@@ -594,6 +594,30 @@ AC_DEFUN(APACHE_CHECK_OPENSSL,[ + fi + ]) + ++AC_DEFUN(APACHE_CHECK_SYSTEMD, [ ++dnl Check for systemd support for listen.c's socket activation. ++case $host in ++*-linux-*) ++ if test -n "$PKGCONFIG" && $PKGCONFIG --exists libsystemd; then ++ SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd` ++ elif test -n "$PKGCONFIG" && $PKGCONFIG --exists libsystemd-daemon; then ++ SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd-daemon` ++ else ++ AC_CHECK_LIB(systemd-daemon, sd_notify, SYSTEMD_LIBS="-lsystemd-daemon") ++ fi ++ if test -n "$SYSTEMD_LIBS"; then ++ AC_CHECK_HEADERS(systemd/sd-daemon.h) ++ if test "${ac_cv_header_systemd_sd_daemon_h}" = "no" || test -z "${SYSTEMD_LIBS}"; then ++ AC_MSG_WARN([Your system does not support systemd.]) ++ else ++ APR_ADDTO(LIBS, [$SYSTEMD_LIBS]) ++ AC_DEFINE(HAVE_SYSTEMD, 1, [Define if systemd is supported]) ++ fi ++ fi ++ ;; ++esac ++]) ++ + dnl + dnl APACHE_EXPORT_ARGUMENTS + dnl Export (via APACHE_SUBST) the various path-related variables that +diff --git a/configure.in b/configure.in +index 19a5f88..f096de3 100644 +--- a/configure.in ++++ b/configure.in +@@ -509,6 +509,8 @@ if test "$ac_cv_struct_tm_gmtoff" = "yes"; then + AC_DEFINE(HAVE_GMTOFF, 1, [Define if struct tm has a tm_gmtoff field]) + fi + ++APACHE_CHECK_SYSTEMD ++ + dnl ## Set up any appropriate OS-specific environment variables for apachectl + + case $host in diff --git a/httpd-2.4.10-mod_systemd.patch b/httpd-2.4.10-mod_systemd.patch new file mode 100644 index 0000000..88d76ac --- /dev/null +++ b/httpd-2.4.10-mod_systemd.patch @@ -0,0 +1,172 @@ +diff --git a/modules/arch/unix/config5.m4 b/modules/arch/unix/config5.m4 +index 77027a8..7a13d5a 100644 +--- a/modules/arch/unix/config5.m4 ++++ b/modules/arch/unix/config5.m4 +@@ -18,6 +18,16 @@ APACHE_MODULE(privileges, Per-virtualhost Unix UserIDs and enhanced security for + fi + ]) + ++APACHE_MODULE(systemd, Systemd support, , , all, [ ++ if test "${ac_cv_header_systemd_sd_daemon_h}" = "no" || test -z "${SYSTEMD_LIBS}"; then ++ AC_MSG_WARN([Your system does not support systemd.]) ++ enable_systemd="no" ++ else ++ APR_ADDTO(MOD_SYSTEMD_LDADD, [$SYSTEMD_LIBS]) ++ enable_systemd="yes" ++ fi ++]) ++ + APR_ADDTO(INCLUDES, [-I\$(top_srcdir)/$modpath_current]) + + APACHE_MODPATH_FINISH +diff --git a/modules/arch/unix/mod_systemd.c b/modules/arch/unix/mod_systemd.c +new file mode 100644 +index 0000000..5381c98 +--- /dev/null ++++ b/modules/arch/unix/mod_systemd.c +@@ -0,0 +1,145 @@ ++/* Licensed to the Apache Software Foundation (ASF) under one or more ++ * contributor license agreements. See the NOTICE file distributed with ++ * this work for additional information regarding copyright ownership. ++ * The ASF licenses this file to You under the Apache License, Version 2.0 ++ * (the "License"); you may not use this file except in compliance with ++ * the License. You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ * ++ */ ++ ++#include ++#include ++#include "ap_mpm.h" ++#include ++#include ++#include ++#include ++#include ++#include ++#include "unixd.h" ++#include "scoreboard.h" ++#include "mpm_common.h" ++ ++#include "systemd/sd-daemon.h" ++ ++#if APR_HAVE_UNISTD_H ++#include ++#endif ++ ++static int shutdown_timer = 0; ++static int shutdown_counter = 0; ++static unsigned long bytes_served; ++static pid_t mainpid; ++ ++static int systemd_pre_mpm(apr_pool_t *p, ap_scoreboard_e sb_type) ++{ ++ int rv; ++ ++ ap_extended_status = 1; ++ mainpid = getpid(); ++ ++ rv = sd_notifyf(0, "READY=1\n" ++ "STATUS=Processing requests...\n" ++ "MAINPID=%" APR_PID_T_FMT, mainpid); ++ if (rv < 0) { ++ ap_log_perror(APLOG_MARK, APLOG_ERR, 0, p, APLOGNO(02395) ++ "sd_notifyf returned an error %d", rv); ++ } ++ ++ return OK; ++} ++ ++static int systemd_monitor(apr_pool_t *p, server_rec *s) ++{ ++ ap_sload_t sload; ++ apr_interval_time_t up_time; ++ char bps[5]; ++ int rv; ++ ++ ap_get_sload(&sload); ++ /* up_time in seconds */ ++ up_time = (apr_uint32_t) apr_time_sec(apr_time_now() - ++ ap_scoreboard_image->global->restart_time); ++ ++ apr_strfsize((unsigned long)((float) (sload.bytes_served) ++ / (float) up_time), bps); ++ ++ rv = sd_notifyf(0, "READY=1\n" ++ "STATUS=Total requests: %lu; Idle/Busy workers %d/%d;" ++ "Requests/sec: %.3g; Bytes served/sec: %sB/sec\n", ++ sload.access_count, sload.idle, sload.busy, ++ ((float) sload.access_count) / (float) up_time, bps); ++ ++ if (rv < 0) { ++ ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02396) ++ "sd_notifyf returned an error %d", rv); ++ } ++ ++ /* Shutdown httpd when nothing is sent for shutdown_timer seconds. */ ++ if (sload.bytes_served == bytes_served) { ++ /* mpm_common.c: INTERVAL_OF_WRITABLE_PROBES is 10 */ ++ shutdown_counter += 10; ++ if (shutdown_timer > 0 && shutdown_counter >= shutdown_timer) { ++ rv = sd_notifyf(0, "READY=1\n" ++ "STATUS=Stopped as result of IdleShutdown " ++ "timeout."); ++ if (rv < 0) { ++ ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02804) ++ "sd_notifyf returned an error %d", rv); ++ } ++ kill(mainpid, AP_SIG_GRACEFUL); ++ } ++ } ++ else { ++ shutdown_counter = 0; ++ } ++ ++ bytes_served = sload.bytes_served; ++ ++ return DECLINED; ++} ++ ++static void systemd_register_hooks(apr_pool_t *p) ++{ ++ /* We know the PID in this hook ... */ ++ ap_hook_pre_mpm(systemd_pre_mpm, NULL, NULL, APR_HOOK_LAST); ++ /* Used to update httpd's status line using sd_notifyf */ ++ ap_hook_monitor(systemd_monitor, NULL, NULL, APR_HOOK_MIDDLE); ++} ++ ++static const char *set_shutdown_timer(cmd_parms *cmd, void *dummy, ++ const char *arg) ++{ ++ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY); ++ if (err != NULL) { ++ return err; ++ } ++ ++ shutdown_timer = atoi(arg); ++ return NULL; ++} ++ ++static const command_rec systemd_cmds[] = ++{ ++AP_INIT_TAKE1("IdleShutdown", set_shutdown_timer, NULL, RSRC_CONF, ++ "Number of seconds in idle-state after which httpd is shutdown"), ++ {NULL} ++}; ++ ++AP_DECLARE_MODULE(systemd) = { ++ STANDARD20_MODULE_STUFF, ++ NULL, ++ NULL, ++ NULL, ++ NULL, ++ systemd_cmds, ++ systemd_register_hooks, ++}; diff --git a/httpd-2.4.10-sigint.patch b/httpd-2.4.10-sigint.patch new file mode 100644 index 0000000..7574a9c --- /dev/null +++ b/httpd-2.4.10-sigint.patch @@ -0,0 +1,45 @@ +From 20656c3b77cc548b59fea3bde5e2b7705d71c427 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jan=20Kalu=C5=BEa?= +Date: Mon, 18 Aug 2014 07:43:43 +0000 +Subject: [PATCH] prefork: Ignore SIGINT in child. This fixes race-condition in + signals handling when httpd is runnning on foreground and user hits ctrl+c. + In this case, SIGINT is sent to all children followed by SIGTERM from the + main process, which interrupts the SIGINT handler and leads to inconsistency + (process freezes or crashes). + +git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1618555 13f79535-47bb-0310-9956-ffa450edef68 +--- + server/mpm/prefork/prefork.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/server/mpm/prefork/prefork.c b/server/mpm/prefork/prefork.c +index 8790ec0..d6c038b 100644 +--- a/server/mpm/prefork/prefork.c ++++ b/server/mpm/prefork/prefork.c +@@ -222,6 +222,9 @@ static void clean_child_exit(int code) + { + mpm_state = AP_MPMQ_STOPPING; + ++ apr_signal(SIGHUP, SIG_IGN); ++ apr_signal(SIGTERM, SIG_IGN); ++ + if (pchild) { + apr_pool_destroy(pchild); + } +@@ -817,6 +820,13 @@ static int make_child(server_rec *s, int slot) + */ + apr_signal(SIGHUP, just_die); + apr_signal(SIGTERM, just_die); ++ /* Ignore SIGINT in child. This fixes race-condition in signals ++ * handling when httpd is runnning on foreground and user hits ctrl+c. ++ * In this case, SIGINT is sent to all children followed by SIGTERM ++ * from the main process, which interrupts the SIGINT handler and ++ * leads to inconsistency. ++ */ ++ apr_signal(SIGINT, SIG_IGN); + /* The child process just closes listeners on AP_SIG_GRACEFUL. + * The pod is used for signalling the graceful restart. + */ +-- +2.0.4 + diff --git a/httpd-2.4.3-mod_systemd.patch b/httpd-2.4.3-mod_systemd.patch deleted file mode 100644 index a9b1fd9..0000000 --- a/httpd-2.4.3-mod_systemd.patch +++ /dev/null @@ -1,163 +0,0 @@ ---- httpd-2.4.3/modules/arch/unix/config5.m4.systemd -+++ httpd-2.4.3/modules/arch/unix/config5.m4 -@@ -18,6 +18,19 @@ APACHE_MODULE(privileges, Per-virtualhos - fi - ]) - -+ -+APACHE_MODULE(systemd, Systemd support, , , $unixd_mods_enabled, [ -+ AC_CHECK_LIB(systemd-daemon, sd_notify, SYSTEMD_LIBS="-lsystemd-daemon") -+ AC_CHECK_HEADERS(systemd/sd-daemon.h, [ap_HAVE_SD_DAEMON_H="yes"], [ap_HAVE_SD_DAEMON_H="no"]) -+ if test $ap_HAVE_SD_DAEMON_H = "no" || test -z "${SYSTEMD_LIBS}"; then -+ AC_MSG_WARN([Your system does not support systemd.]) -+ enable_systemd="no" -+ else -+ APR_ADDTO(MOD_SYSTEMD_LDADD, [$SYSTEMD_LIBS]) -+ enable_systemd="yes" -+ fi -+]) -+ - APR_ADDTO(INCLUDES, [-I\$(top_srcdir)/$modpath_current]) - - APACHE_MODPATH_FINISH ---- httpd-2.4.3/modules/arch/unix/mod_systemd.c.systemd -+++ httpd-2.4.3/modules/arch/unix/mod_systemd.c -@@ -0,0 +1,138 @@ -+/* Licensed to the Apache Software Foundation (ASF) under one or more -+ * contributor license agreements. See the NOTICE file distributed with -+ * this work for additional information regarding copyright ownership. -+ * The ASF licenses this file to You under the Apache License, Version 2.0 -+ * (the "License"); you may not use this file except in compliance with -+ * the License. You may obtain a copy of the License at -+ * -+ * http://www.apache.org/licenses/LICENSE-2.0 -+ * -+ * Unless required by applicable law or agreed to in writing, software -+ * distributed under the License is distributed on an "AS IS" BASIS, -+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -+ * See the License for the specific language governing permissions and -+ * limitations under the License. -+ * -+ */ -+ -+#include -+#include -+#include "ap_mpm.h" -+#include -+#include -+#include -+#include -+#include -+#include "unixd.h" -+#include "scoreboard.h" -+#include "mpm_common.h" -+ -+#include "systemd/sd-daemon.h" -+ -+#if APR_HAVE_UNISTD_H -+#include -+#endif -+ -+#define KBYTE 1024 -+ -+static pid_t pid; /* PID of the main httpd instance */ -+static int server_limit, thread_limit, threads_per_child, max_servers; -+static time_t last_update_time; -+static unsigned long last_update_access; -+static unsigned long last_update_kbytes; -+ -+static int systemd_pre_mpm(apr_pool_t *p, ap_scoreboard_e sb_type) -+{ -+ int rv; -+ last_update_time = time(0); -+ -+ ap_mpm_query(AP_MPMQ_HARD_LIMIT_THREADS, &thread_limit); -+ ap_mpm_query(AP_MPMQ_HARD_LIMIT_DAEMONS, &server_limit); -+ ap_mpm_query(AP_MPMQ_MAX_THREADS, &threads_per_child); -+ /* work around buggy MPMs */ -+ if (threads_per_child == 0) -+ threads_per_child = 1; -+ ap_mpm_query(AP_MPMQ_MAX_DAEMONS, &max_servers); -+ -+ pid = getpid(); -+ -+ rv = sd_notifyf(0, "READY=1\n" -+ "STATUS=Processing requests...\n" -+ "MAINPID=%lu", -+ (unsigned long) pid); -+ if (rv < 0) { -+ ap_log_perror(APLOG_MARK, APLOG_ERR, 0, p, -+ "sd_notifyf returned an error %d", rv); -+ } -+ -+ return OK; -+} -+ -+static int systemd_monitor(apr_pool_t *p, server_rec *s) -+{ -+ int i, j, res, rv; -+ process_score *ps_record; -+ worker_score *ws_record; -+ unsigned long access = 0; -+ unsigned long bytes = 0; -+ unsigned long kbytes = 0; -+ char bps[5]; -+ time_t now = time(0); -+ time_t elapsed = now - last_update_time; -+ -+ for (i = 0; i < server_limit; ++i) { -+ ps_record = ap_get_scoreboard_process(i); -+ for (j = 0; j < thread_limit; ++j) { -+ ws_record = ap_get_scoreboard_worker_from_indexes(i, j); -+ if (ap_extended_status && !ps_record->quiescing && ps_record->pid) { -+ res = ws_record->status; -+ if (ws_record->access_count != 0 || -+ (res != SERVER_READY && res != SERVER_DEAD)) { -+ access += ws_record->access_count; -+ bytes += ws_record->bytes_served; -+ if (bytes >= KBYTE) { -+ kbytes += (bytes >> 10); -+ bytes = bytes & 0x3ff; -+ } -+ } -+ } -+ } -+ } -+ -+ apr_strfsize((unsigned long)(KBYTE *(float) (kbytes - last_update_kbytes) -+ / (float) elapsed), bps); -+ -+ rv = sd_notifyf(0, "READY=1\n" -+ "STATUS=Total requests: %lu; Current requests/sec: %.3g; " -+ "Current traffic: %sB/sec\n", access, -+ ((float)access - last_update_access) / (float) elapsed, bps); -+ if (rv < 0) { -+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(00000) -+ "sd_notifyf returned an error %d", rv); -+ } -+ -+ last_update_access = access; -+ last_update_kbytes = kbytes; -+ last_update_time = now; -+ -+ return DECLINED; -+} -+ -+static void systemd_register_hooks(apr_pool_t *p) -+{ -+ /* We know the PID in this hook ... */ -+ ap_hook_pre_mpm(systemd_pre_mpm, NULL, NULL, APR_HOOK_LAST); -+ /* Used to update httpd's status line using sd_notifyf */ -+ ap_hook_monitor(systemd_monitor, NULL, NULL, APR_HOOK_MIDDLE); -+} -+ -+module AP_MODULE_DECLARE_DATA systemd_module = -+{ -+ STANDARD20_MODULE_STUFF, -+ NULL, -+ NULL, -+ NULL, -+ NULL, -+ NULL, -+ systemd_register_hooks, -+}; diff --git a/httpd-2.4.9-socket-activation.patch b/httpd-2.4.9-socket-activation.patch index 87397f9..fa62573 100644 --- a/httpd-2.4.9-socket-activation.patch +++ b/httpd-2.4.9-socket-activation.patch @@ -1,40 +1,3 @@ -diff --git a/configure.in b/configure.in -index 19a5f88..a2cd821 100644 ---- a/configure.in -+++ b/configure.in -@@ -509,6 +509,19 @@ if test "$ac_cv_struct_tm_gmtoff" = "yes"; then - AC_DEFINE(HAVE_GMTOFF, 1, [Define if struct tm has a tm_gmtoff field]) - fi - -+dnl Check for systemd support for listen.c's socket activation. -+case $host in -+*-linux-*) -+ AC_CHECK_LIB(systemd-daemon, sd_notify, SYSTEMD_LIBS="-lsystemd-daemon") -+ AC_CHECK_HEADERS(systemd/sd-daemon.h) -+ if test "${ac_cv_header_systemd_sd_daemon_h}" = "no" || test -z "${SYSTEMD_LIBS}"; then -+ AC_MSG_WARN([Your system does not support systemd.]) -+ else -+ APR_ADDTO(LIBS, $SYSTEMD_LIBS) -+ AC_DEFINE(HAVE_SYSTEMD, 1, [Define if systemd is supported]) -+ fi -+esac -+ - dnl ## Set up any appropriate OS-specific environment variables for apachectl - - case $host in -diff --git a/modules/arch/unix/config5.m4 b/modules/arch/unix/config5.m4 -index 0b89435..a08550a 100644 ---- a/modules/arch/unix/config5.m4 -+++ b/modules/arch/unix/config5.m4 -@@ -22,7 +22,7 @@ APACHE_MODULE(privileges, Per-virtualhost Unix UserIDs and enhanced security for - APACHE_MODULE(systemd, Systemd support, , , $unixd_mods_enabled, [ - AC_CHECK_LIB(systemd-daemon, sd_notify, SYSTEMD_LIBS="-lsystemd-daemon") - AC_CHECK_HEADERS(systemd/sd-daemon.h, [ap_HAVE_SD_DAEMON_H="yes"], [ap_HAVE_SD_DAEMON_H="no"]) -- if test $ap_HAVE_SD_DAEMON_H = "no" || test -z "${SYSTEMD_LIBS}"; then -+ if test "${ac_cv_header_systemd_sd_daemon_h}" = "no" || test -z "${SYSTEMD_LIBS}"; then - AC_MSG_WARN([Your system does not support systemd.]) - enable_systemd="no" - else diff --git a/server/listen.c b/server/listen.c index 7950a10..428fa5e 100644 --- a/server/listen.c diff --git a/httpd.spec b/httpd.spec index 7d9ea42..984160a 100644 --- a/httpd.spec +++ b/httpd.spec @@ -14,7 +14,7 @@ Summary: Apache HTTP Server Name: httpd Version: 2.4.10 -Release: 6%{?dist} +Release: 7%{?dist} URL: http://httpd.apache.org/ Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2 Source1: index.html @@ -55,13 +55,15 @@ Patch2: httpd-2.4.9-apxs.patch Patch3: httpd-2.4.1-deplibs.patch Patch5: httpd-2.4.3-layout.patch Patch6: httpd-2.4.3-apctl-systemd.patch +# Needed for socket activation and mod_systemd patch +Patch19: httpd-2.4.10-detect-systemd.patch # Features/functional changes Patch23: httpd-2.4.4-export.patch Patch24: httpd-2.4.1-corelimit.patch Patch25: httpd-2.4.1-selinux.patch Patch26: httpd-2.4.4-r1337344+.patch Patch27: httpd-2.4.2-icons.patch -Patch29: httpd-2.4.3-mod_systemd.patch +Patch29: httpd-2.4.10-mod_systemd.patch Patch30: httpd-2.4.4-cachehardmax.patch Patch31: httpd-2.4.6-sslmultiproxy.patch Patch34: httpd-2.4.9-socket-activation.patch @@ -69,6 +71,7 @@ Patch35: httpd-2.4.10-sslciphdefault.patch # Bug fixes Patch55: httpd-2.4.4-malformed-host.patch Patch56: httpd-2.4.4-mod_unique_id.patch +Patch57: httpd-2.4.10-sigint.patch License: ASL 2.0 Group: System Environment/Daemons BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root @@ -194,6 +197,8 @@ interface for storing and accessing per-user session data. %patch5 -p1 -b .layout %patch6 -p1 -b .apctlsystemd +%patch19 -p1 -b .detectsystemd + %patch23 -p1 -b .export %patch24 -p1 -b .corelimit %patch25 -p1 -b .selinux @@ -207,6 +212,7 @@ interface for storing and accessing per-user session data. %patch55 -p1 -b .malformedhost %patch56 -p1 -b .uniqueid +%patch57 -p1 -b .sigint # Patch in the vendor string sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h @@ -661,6 +667,11 @@ rm -rf $RPM_BUILD_ROOT %{_rpmconfigdir}/macros.d/macros.httpd %changelog +* Fri Aug 22 2014 Jan Kaluza - 2.4.10-7 +- mod_systemd: updated to the latest version +- use -lsystemd instead of -lsystemd-daemon (#1125084) +- fix possible crash in SIGINT handling (#958934) + * Thu Aug 21 2014 Joe Orton - 2.4.10-6 - mod_ssl: treat "SSLCipherSuite PROFILE=..." as special (#1109119) - switch default ssl.conf to use PROFILE=SYSTEM (#1109119)