FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 05-30-2012, 09:57 PM
Nataraj
 
Default need assist with upstart config problem

On 05/30/2012 02:00 PM, James B. Byrne wrote:
> I am trying, without success, to create an upstart config file to
> automatically start and restart an ssh proxy. The command sting that
> I use in the script has been checked and verified from the shell but
> it fails in the upstart file.
>
> The file contents are:
>
> . . .
> # proxy is used to authenticate smtp submissions
> # so start it before the postfix service starts
> start on starting postfix
>
> # Take down proxy after postfix stops
> stop on stopped postfix
>
> # tell upstart that this script creates a daemon
> # and have upstart manage PID creation
> # but it is generally a bad idea to use this with a
> # script / end script block, use exec() instead
> # no fork in ssh
> #expect fork
>
> # restart automatically if connection fails
> respawn
>
> # for script debugging with strace
> # but not available in 0.6.3 of course
> #debug
> # use strace -p <pid> -o /tmp/upstart_debug.log -Ff -s 1024 -v
>
>
> # Setup script configuration variables:
>
> # localhost means we do not expose proxy to internet
> env LOCAL_HOST=localhost
>
> # port 143 is default IMAP service port for plain text connections
> env LOCAL_PORT=143
>
> # ports less than 1024 require root privileges to establish
> # this must be a passwordless login using PKI certificates
> # requires one time setup of local root user ssh key and cert
> # and adding this host's root user cert to authorized_keys of
> # login host's root user.
> env LOGIN_USER=root
>
> # login PKI credentials for LOGIN_USER
> env LOGIN_IDENT=/root/.ssh/id_rsa
>
> # login host, may be different than remote host for port forwarding
> # must resolve to an address that sshd login server listens on
> env LOGIN_HOST=inet07.hamilton.harte-lyne.ca
>
> # the remote host destination for port forwarding
> env REMOTE_HOST=inet07.hamilton.harte-lyne.ca
>
> # port that remote service listens on
> env REMOTE_PORT=143
>
> # Locate ssh binary
> env SSH_BINARY=/usr/bin/ssh
>
> # SSH options used:
>
> ### -D : "dynamic" app-level port forwarding - not used. ###
>
> # -f : run in background without a terminal implies -n
>
> # -i : identity file for pki login credentials
>
> # -l : login user name
>
> # -L local_host:local_port:remote_host:remote_port
> # : Establishes proxy connection from local port
> # port on the remote host.
>
> # -n : stdin from /dev/null, must be used when ssh is run in bg.
>
> # -N : Do not run a command on the remote host. Otherwise an
> # error results because we are not initiating a session.
>
> # -o ExitOnForwardFailure=yes : Wait until connection successfully
> # completes before daemonizing
>
> # -o ServerAliveInterval=15 : Keep connection alive every 15 seconds
>
> # -q : Run quietly, do not produce local output.
>
> # -T : disable pseudo-tty allocation
>
> # SSH options used
> env SSH_OPTIONS=" -o ExitOnForwardFailure=yes "
> env SSH_OPTIONS=${SSH_OPTIONS}" -o ServerAliveInterval=15 "
>
> # SSH switches used:
> env SSH_SWITCHES=" -fNqT "
>
> exec ${SSH_BINARY} ${SSH_OPTIONS} ${SSH_SWITCHES} -l ${LOGIN_USER} -i
> ${LOGIN_IDENT} -L
> ${LOCAL_HOST}:${LOCAL_PORT}:${REMOTE_HOST}:${REMOT E_PORT}
> ${LOGIN_HOST}
>
> # EOF
>
> The exec is all one line.
>
> I have tried removing -f from the switches but this makes no
> difference. Whenever I start this job it immediately fails with the
> following in the syslog:
>
> . . .
> May 30 16:47:06 inet08 init: LOCAL_ssh_imap_proxy main process ended,
> respawning
> May 30 16:47:06 inet08 init: LOCAL_ssh_imap_proxy main process (3393)
> terminated with status 255
> May 30 16:47:06 inet08 init: LOCAL_ssh_imap_proxy main process ended,
> respawning
> May 30 16:47:06 inet08 init: LOCAL_ssh_imap_proxy main process (3397)
> terminated with status 255
> May 30 16:47:06 inet08 init: LOCAL_ssh_imap_proxy respawning too fast,
> stopped
>
> Is what I am doing wrong obvious to anyone?
>
>

The '-f option' tells SSH to run in the background, but normally upstart
expects to wait for the process. Maybe you want '-n' instead of '-f'.
Alternatively, if you run a program in the background you could specify
'task' in the config file to tell upstart not to wait for the process
(you couldn't use respawn with that because then the process is not
managed by upstart anymore).

Nataraj

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 05-31-2012, 07:33 PM
"James B. Byrne"
 
Default need assist with upstart config problem

On Wed May 30 17:57:49 EDT 2012, Nataraj wrote:
> On Wed, May 30, 2012 17:00, James B. Byrne wrote:
>> I am trying, without success, to create an upstart config file to
>> automatically start and restart an ssh proxy. The command sting that
>> I use in the script has been checked and verified from the shell but
>> it fails in the upstart file.
>>
> The '-f option' tells SSH to run in the background, but normally
> upstart expects to wait for the process. Maybe you want '-n'
> instead of '-f'. Alternatively, if you run a program in the
> background you could specify 'task' in the config file to tell
> upstart not to wait for the process (you couldn't use respawn
> with that because then the process is not managed by upstart
> anymore).

The problem in my script appears to be this:

# SSH switches used:
env SSH_SWITCHES=""
env SSH_SWITCHES=${SSH_SWITCHES}" -nNqT -vvv "

Upon further investigation I discovered that the env stanza does not
expand previously defined variables. My attempt at concatenating
values results in the key name being used instead of its value.
In other words: '${SSH_SWITCHES} -nNqT -vvv' is what results and not
simply '-nNqT -vvv' as one might expect. Exporting the value between
env stanzas does not change this behaviour.

Eliminating the concatenation attempts resolved the issue.


--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 10:11 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org