Core Update 165: Restart Squid during the update

Message ID 63ee158e-d202-3fe4-bf4c-ac7cba80accf@ipfire.org
State Rejected
Series Core Update 165: Restart Squid during the update

Commit Message

Peter Müller March 20, 2022, 10:20 a.m. UTC
  Fixes: #12810

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
 config/rootfiles/core/165/update.sh | 1 +
 1 file changed, 1 insertion(+)
  

Comments

Michael Tremer March 20, 2022, 3:16 p.m. UTC | #1
Why is this necessary?

> On 20 Mar 2022, at 10:20, Peter Müller <peter.mueller@ipfire.org> wrote:
> 
> Fixes: #12810
> 
> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
> ---
> config/rootfiles/core/165/update.sh | 1 +
> 1 file changed, 1 insertion(+)
> 
> diff --git a/config/rootfiles/core/165/update.sh b/config/rootfiles/core/165/update.sh
> index ffb552c80..2c2e6a10c 100644
> --- a/config/rootfiles/core/165/update.sh
> +++ b/config/rootfiles/core/165/update.sh
> @@ -128,6 +128,7 @@ ldconfig
> # Start services
> telinit u
> /etc/rc.d/init.d/firewall restart
> +/etc/rc.d/init.d/squid restart
> 
> # Fix ownership of classification file.
> chown nobody:nobody /usr/share/suricata/classification.config
> -- 
> 2.34.1
  
Peter Müller March 20, 2022, 6:32 p.m. UTC | #2
Hello Michael,

thanks for your reply.

This is necessary because (a) we ship a new version of Squid with Core Update 165
and (b) not restarting Squid afterwards caused the web proxy to stall on my testing
machine.

Thanks, and best regards,
Peter Müller


> Why is this necessary?
> 
>> On 20 Mar 2022, at 10:20, Peter Müller <peter.mueller@ipfire.org> wrote:
>>
>> Fixes: #12810
>>
>> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
>> ---
>> config/rootfiles/core/165/update.sh | 1 +
>> 1 file changed, 1 insertion(+)
>>
>> diff --git a/config/rootfiles/core/165/update.sh b/config/rootfiles/core/165/update.sh
>> index ffb552c80..2c2e6a10c 100644
>> --- a/config/rootfiles/core/165/update.sh
>> +++ b/config/rootfiles/core/165/update.sh
>> @@ -128,6 +128,7 @@ ldconfig
>> # Start services
>> telinit u
>> /etc/rc.d/init.d/firewall restart
>> +/etc/rc.d/init.d/squid restart
>>
>> # Fix ownership of classification file.
>> chown nobody:nobody /usr/share/suricata/classification.config
>> -- 
>> 2.34.1
>
  
Michael Tremer March 21, 2022, 8:55 a.m. UTC | #3
Hello,

> On 20 Mar 2022, at 18:32, Peter Müller <peter.mueller@ipfire.org> wrote:
> 
> Hello Michael,
> 
> thanks for your reply.
> 
> This is necessary because (a) we ship a new version of Squid with Core Update 165
> and

No we don’t:

https://git.ipfire.org/?p=ipfire-2.x.git;a=tree;f=config/rootfiles/core/165/filelists;h=e076d53f7689728aa68cddaf438de39f59a5f9ac;hb=HEAD

Should we?

> (b) not restarting Squid afterwards caused the web proxy to stall on my testing
> machine.
> 
> Thanks, and best regards,
> Peter Müller
> 
> 
>> Why is this necessary?
>> 
>>> On 20 Mar 2022, at 10:20, Peter Müller <peter.mueller@ipfire.org> wrote:
>>> 
>>> Fixes: #12810
>>> 
>>> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
>>> ---
>>> config/rootfiles/core/165/update.sh | 1 +
>>> 1 file changed, 1 insertion(+)
>>> 
>>> diff --git a/config/rootfiles/core/165/update.sh b/config/rootfiles/core/165/update.sh
>>> index ffb552c80..2c2e6a10c 100644
>>> --- a/config/rootfiles/core/165/update.sh
>>> +++ b/config/rootfiles/core/165/update.sh
>>> @@ -128,6 +128,7 @@ ldconfig
>>> # Start services
>>> telinit u
>>> /etc/rc.d/init.d/firewall restart
>>> +/etc/rc.d/init.d/squid restart
>>> 
>>> # Fix ownership of classification file.
>>> chown nobody:nobody /usr/share/suricata/classification.config
>>> -- 
>>> 2.34.1
>>
  
Adolf Belka March 21, 2022, 9:01 a.m. UTC | #4
Hi Peter,

On 20/03/2022 19:32, Peter Müller wrote:
> Hello Michael,
>
> thanks for your reply.
>
> This is necessary because (a) we ship a new version of Squid with Core Update 165
> and (b) not restarting Squid afterwards caused the web proxy to stall on my testing
> machine.
Following is for info.

On my vm testbed I have all items running on the Services table and 
after the CU to 165 they were all still running.
I have never had a problem with the Web Proxy stopping running after any 
Core Update.

However there have been threads where people have reported occasionally 
that their web proxy has stopped after a core update but usually a 
reboot resolved that.

Some people have reported, and I think there is still a bug open on 
this, where the web proxy periodically stops working in normal operation 
and has to be restarted or IPFire has to be rebooted to restart it. 
Unfortunately those bug/thread originators have not usually provided 
logs or the logs provided have not shown any issue.

Regards,
Adolf.
> Thanks, and best regards,
> Peter Müller
>
>
>> Why is this necessary?
>>
>>> On 20 Mar 2022, at 10:20, Peter Müller <peter.mueller@ipfire.org> wrote:
>>>
>>> Fixes: #12810
>>>
>>> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
>>> ---
>>> config/rootfiles/core/165/update.sh | 1 +
>>> 1 file changed, 1 insertion(+)
>>>
>>> diff --git a/config/rootfiles/core/165/update.sh b/config/rootfiles/core/165/update.sh
>>> index ffb552c80..2c2e6a10c 100644
>>> --- a/config/rootfiles/core/165/update.sh
>>> +++ b/config/rootfiles/core/165/update.sh
>>> @@ -128,6 +128,7 @@ ldconfig
>>> # Start services
>>> telinit u
>>> /etc/rc.d/init.d/firewall restart
>>> +/etc/rc.d/init.d/squid restart
>>>
>>> # Fix ownership of classification file.
>>> chown nobody:nobody /usr/share/suricata/classification.config
>>> -- 
>>> 2.34.1
  
Michael Tremer March 21, 2022, 3:57 p.m. UTC | #5
Hmm, okay.

So when a service is being updated, it should be stopped before the update is applied and restarted after the update is done.

We usually do that - unless it is forgotten, which happens occasionally. That should however not break anything.

-Michael

> On 21 Mar 2022, at 09:01, Adolf Belka <adolf.belka@ipfire.org> wrote:
> 
> Hi Peter,
> 
> On 20/03/2022 19:32, Peter Müller wrote:
>> Hello Michael,
>> 
>> thanks for your reply.
>> 
>> This is necessary because (a) we ship a new version of Squid with Core Update 165
>> and (b) not restarting Squid afterwards caused the web proxy to stall on my testing
>> machine.
> Following is for info.
> 
> On my vm testbed I have all items running on the Services table and after the CU to 165 they were all still running.
> I have never had a problem with the Web Proxy stopping running after any Core Update.
> 
> However there have been threads where people have reported occasionally that their web proxy has stopped after a core update but usually a reboot resolved that.
> 
> Some people have reported, and I think there is still a bug open on this, where the web proxy periodically stops working in normal operation and has to be restarted or IPFire has to be rebooted to restart it. Unfortunately those bug/thread originators have not usually provided logs or the logs provided have not shown any issue.
> 
> Regards,
> Adolf.
>> Thanks, and best regards,
>> Peter Müller
>> 
>> 
>>> Why is this necessary?
>>> 
>>>> On 20 Mar 2022, at 10:20, Peter Müller <peter.mueller@ipfire.org> wrote:
>>>> 
>>>> Fixes: #12810
>>>> 
>>>> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
>>>> ---
>>>> config/rootfiles/core/165/update.sh | 1 +
>>>> 1 file changed, 1 insertion(+)
>>>> 
>>>> diff --git a/config/rootfiles/core/165/update.sh b/config/rootfiles/core/165/update.sh
>>>> index ffb552c80..2c2e6a10c 100644
>>>> --- a/config/rootfiles/core/165/update.sh
>>>> +++ b/config/rootfiles/core/165/update.sh
>>>> @@ -128,6 +128,7 @@ ldconfig
>>>> # Start services
>>>> telinit u
>>>> /etc/rc.d/init.d/firewall restart
>>>> +/etc/rc.d/init.d/squid restart
>>>> 
>>>> # Fix ownership of classification file.
>>>> chown nobody:nobody /usr/share/suricata/classification.config
>>>> -- 
>>>> 2.34.1
> 
> -- 
> Sent from my laptop
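
The stop-before, restart-after sequence described in #5, as an added example that is not part of the thread or of IPFire's update scripts. It assumes an init script that accepts `status` (exit 0 when running), `stop` and `start`; the stand-in script, `with_service_stopped` and `fake_update` are constructed names for illustration.

```shell
#!/bin/sh
# with_service_stopped INITSCRIPT COMMAND [ARGS...]
# Runs COMMAND while the service is stopped and starts the service again
# afterwards only if it was running before, so a disabled service stays off.
with_service_stopped() {
    initscript=$1; shift
    was_running=0
    if "$initscript" status >/dev/null 2>&1; then
        was_running=1
        "$initscript" stop >/dev/null || return 1
    fi
    rc=0
    "$@" || rc=$?                     # the update step itself
    if [ "$was_running" -eq 1 ]; then
        "$initscript" start >/dev/null || return 1
        # Verify the service really came back instead of assuming it did.
        "$initscript" status >/dev/null 2>&1 || return 1
    fi
    return "$rc"
}

# Constructed stand-in for an init script: state is kept in a flag file.
make_fake_initscript() {
    dir=$1
    printf '%s\n' '#!/bin/sh' \
        "flag='$dir/running'" \
        'case "$1" in' \
        '  start)  : > "$flag" ;;' \
        '  stop)   rm -f "$flag" ;;' \
        '  status) [ -f "$flag" ] ;;' \
        'esac' > "$dir/svc"
    chmod +x "$dir/svc"
}

# Constructed update step: records whether the service ran during the update.
fake_update() {
    if "$1" status; then echo running; else echo stopped; fi > "$2"
}

# Demo against the stand-in only; no real service is touched.
demo_dir=$(mktemp -d)
make_fake_initscript "$demo_dir"
"$demo_dir/svc" start
with_service_stopped "$demo_dir/svc" fake_update "$demo_dir/svc" "$demo_dir/seen"
after=$("$demo_dir/svc" status && echo running || echo stopped)
echo "during update: $(cat "$demo_dir/seen"); after update: $after"
rm -rf "$demo_dir"
```
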
  
Peter Müller March 23, 2022, 9:34 a.m. UTC | #6
Hello Adolf,
hello Michael,

thanks for your replies.

Indeed, Core Update 165 does not contain a new version of Squid, and indeed, there
is bug #12623 for an issue where the proxy is not being started properly during boot.
I was unfortunately never able to reproduce this, or understand from the scanty logs
supplied what went wrong here. :-/

So, whatever went wrong on my testing machine with Squid and Core Update 165, let's
drop this patch - people are urged to reboot their IPFire installations as soon as
possible anyways.

Thanks, and best regards,
Peter Müller


> Hmm, okay.
> 
> So when a service is being updated, it should be stopped before the update is applied and restarted after the update is done.
> 
> We usually do that - unless it is forgotten, which happens occasionally. That should however not break anything.
> 
> -Michael
> 
>> On 21 Mar 2022, at 09:01, Adolf Belka <adolf.belka@ipfire.org> wrote:
>>
>> Hi Peter,
>>
>> On 20/03/2022 19:32, Peter Müller wrote:
>>> Hello Michael,
>>>
>>> thanks for your reply.
>>>
>>> This is necessary because (a) we ship a new version of Squid with Core Update 165
>>> and (b) not restarting Squid afterwards caused the web proxy to stall on my testing
>>> machine.
>> Following is for info.
>>
>> On my vm testbed I have all items running on the Services table and after the CU to 165 they were all still running.
>> I have never had a problem with the Web Proxy stopping running after any Core Update.
>>
>> However there have been threads where people have reported occasionally that their web proxy has stopped after a core update but usually a reboot resolved that.
>>
>> Some people have reported, and I think there is still a bug open on this, where the web proxy periodically stops working in normal operation and has to be restarted or IPFire has to be rebooted to restart it. Unfortunately those bug/thread originators have not usually provided logs or the logs provided have not shown any issue.
>>
>> Regards,
>> Adolf.
>>> Thanks, and best regards,
>>> Peter Müller
>>>
>>>
>>>> Why is this necessary?
>>>>
>>>>> On 20 Mar 2022, at 10:20, Peter Müller <peter.mueller@ipfire.org> wrote:
>>>>>
>>>>> Fixes: #12810
>>>>>
>>>>> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
>>>>> ---
>>>>> config/rootfiles/core/165/update.sh | 1 +
>>>>> 1 file changed, 1 insertion(+)
>>>>>
>>>>> diff --git a/config/rootfiles/core/165/update.sh b/config/rootfiles/core/165/update.sh
>>>>> index ffb552c80..2c2e6a10c 100644
>>>>> --- a/config/rootfiles/core/165/update.sh
>>>>> +++ b/config/rootfiles/core/165/update.sh
>>>>> @@ -128,6 +128,7 @@ ldconfig
>>>>> # Start services
>>>>> telinit u
>>>>> /etc/rc.d/init.d/firewall restart
>>>>> +/etc/rc.d/init.d/squid restart
>>>>>
>>>>> # Fix ownership of classification file.
>>>>> chown nobody:nobody /usr/share/suricata/classification.config
>>>>> -- 
>>>>> 2.34.1
>>
>> -- 
>> Sent from my laptop
>
  
Michael Tremer March 23, 2022, 9:35 a.m. UTC | #7
Hello,

> On 23 Mar 2022, at 09:34, Peter Müller <peter.mueller@ipfire.org> wrote:
> 
> Hello Adolf,
> hello Michael,
> 
> thanks for your replies.
> 
> Indeed, Core Update 165 does not contain a new version of Squid, and indeed, there
> is bug #12623 for an issue where the proxy is not being started properly during boot.
> I was unfortunately never able to reproduce this, or understand from the scanty logs
> supplied what went wrong here. :-/

Arne confirmed to me yesterday that he has seen the proxy not coming up properly on a test system. Maybe he can help finding this?

> So, whatever went wrong on my testing machine with Squid and Core Update 165, let's
> drop this patch - people are urged to reboot their IPFire installations as soon as
> possible anyways.
> 
> Thanks, and best regards,
> Peter Müller
> 
> 
>> Hmm, okay.
>> 
>> So when a service is being updated, it should be stopped before the update is applied and restarted after the update is done.
>> 
>> We usually do that - unless it is forgotten, which happens occasionally. That should however not break anything.
>> 
>> -Michael
>> 
>>> On 21 Mar 2022, at 09:01, Adolf Belka <adolf.belka@ipfire.org> wrote:
>>> 
>>> Hi Peter,
>>> 
>>> On 20/03/2022 19:32, Peter Müller wrote:
>>>> Hello Michael,
>>>> 
>>>> thanks for your reply.
>>>> 
>>>> This is necessary because (a) we ship a new version of Squid with Core Update 165
>>>> and (b) not restarting Squid afterwards caused the web proxy to stall on my testing
>>>> machine.
>>> Following is for info.
>>> 
>>> On my vm testbed I have all items running on the Services table and after the CU to 165 they were all still running.
>>> I have never had a problem with the Web Proxy stopping running after any Core Update.
>>> 
>>> However there have been threads where people have reported occasionally that their web proxy has stopped after a core update but usually a reboot resolved that.
>>> 
>>> Some people have reported, and I think there is still a bug open on this, where the web proxy periodically stops working in normal operation and has to be restarted or IPFire has to be rebooted to restart it. Unfortunately those bug/thread originators have not usually provided logs or the logs provided have not shown any issue.
>>> 
>>> Regards,
>>> Adolf.
>>>> Thanks, and best regards,
>>>> Peter Müller
>>>> 
>>>> 
>>>>> Why is this necessary?
>>>>> 
>>>>>> On 20 Mar 2022, at 10:20, Peter Müller <peter.mueller@ipfire.org> wrote:
>>>>>> 
>>>>>> Fixes: #12810
>>>>>> 
>>>>>> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
>>>>>> ---
>>>>>> config/rootfiles/core/165/update.sh | 1 +
>>>>>> 1 file changed, 1 insertion(+)
>>>>>> 
>>>>>> diff --git a/config/rootfiles/core/165/update.sh b/config/rootfiles/core/165/update.sh
>>>>>> index ffb552c80..2c2e6a10c 100644
>>>>>> --- a/config/rootfiles/core/165/update.sh
>>>>>> +++ b/config/rootfiles/core/165/update.sh
>>>>>> @@ -128,6 +128,7 @@ ldconfig
>>>>>> # Start services
>>>>>> telinit u
>>>>>> /etc/rc.d/init.d/firewall restart
>>>>>> +/etc/rc.d/init.d/squid restart
>>>>>> 
>>>>>> # Fix ownership of classification file.
>>>>>> chown nobody:nobody /usr/share/suricata/classification.config
>>>>>> -- 
>>>>>> 2.34.1
>>> 
>>> -- 
>>> Sent from my laptop
>>
  
Peter Müller March 24, 2022, 9:15 a.m. UTC | #8
Hello Michael,
hello Arne,

> Hello,
> 
>> On 23 Mar 2022, at 09:34, Peter Müller <peter.mueller@ipfire.org> wrote:
>>
>> Hello Adolf,
>> hello Michael,
>>
>> thanks for your replies.
>>
>> Indeed, Core Update 165 does not contain a new version of Squid, and indeed, there
>> is bug #12623 for an issue where the proxy is not being started properly during boot.
>> I was unfortunately never able to reproduce this, or understand from the scanty logs
>> supplied what went wrong here. :-/
> 
> Arne confirmed to me yesterday that he has seen the proxy not coming up properly on a test system. Maybe he can help finding this?

that would be great. On roughly a dozen IPFire installations, all using the web proxy,
I was never able to spot this.

Therefore, I would be most interested in Arne's findings.

Thanks, and best regards,
Peter Müller

> 
>> So, whatever went wrong on my testing machine with Squid and Core Update 165, let's
>> drop this patch - people are urged to reboot their IPFire installations as soon as
>> possible anyways.
>>
>> Thanks, and best regards,
>> Peter Müller
>>
>>
>>> Hmm, okay.
>>>
>>> So when a service is being updated, it should be stopped before the update is applied and restarted after the update is done.
>>>
>>> We usually do that - unless it is forgotten, which happens occasionally. That should however not break anything.
>>>
>>> -Michael
>>>
>>>> On 21 Mar 2022, at 09:01, Adolf Belka <adolf.belka@ipfire.org> wrote:
>>>>
>>>> Hi Peter,
>>>>
>>>> On 20/03/2022 19:32, Peter Müller wrote:
>>>>> Hello Michael,
>>>>>
>>>>> thanks for your reply.
>>>>>
>>>>> This is necessary because (a) we ship a new version of Squid with Core Update 165
>>>>> and (b) not restarting Squid afterwards caused the web proxy to stall on my testing
>>>>> machine.
>>>> Following is for info.
>>>>
>>>> On my vm testbed I have all items running on the Services table and after the CU to 165 they were all still running.
>>>> I have never had a problem with the Web Proxy stopping running after any Core Update.
>>>>
>>>> However there have been threads where people have reported occasionally that their web proxy has stopped after a core update but usually a reboot resolved that.
>>>>
>>>> Some people have reported, and I think there is still a bug open on this, where the web proxy periodically stops working in normal operation and has to be restarted or IPFire has to be rebooted to restart it. Unfortunately those bug/thread originators have not usually provided logs or the logs provided have not shown any issue.
>>>>
>>>> Regards,
>>>> Adolf.
>>>>> Thanks, and best regards,
>>>>> Peter Müller
>>>>>
>>>>>
>>>>>> Why is this necessary?
>>>>>>
>>>>>>> On 20 Mar 2022, at 10:20, Peter Müller <peter.mueller@ipfire.org> wrote:
>>>>>>>
>>>>>>> Fixes: #12810
>>>>>>>
>>>>>>> Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
>>>>>>> ---
>>>>>>> config/rootfiles/core/165/update.sh | 1 +
>>>>>>> 1 file changed, 1 insertion(+)
>>>>>>>
>>>>>>> diff --git a/config/rootfiles/core/165/update.sh b/config/rootfiles/core/165/update.sh
>>>>>>> index ffb552c80..2c2e6a10c 100644
>>>>>>> --- a/config/rootfiles/core/165/update.sh
>>>>>>> +++ b/config/rootfiles/core/165/update.sh
>>>>>>> @@ -128,6 +128,7 @@ ldconfig
>>>>>>> # Start services
>>>>>>> telinit u
>>>>>>> /etc/rc.d/init.d/firewall restart
>>>>>>> +/etc/rc.d/init.d/squid restart
>>>>>>>
>>>>>>> # Fix ownership of classification file.
>>>>>>> chown nobody:nobody /usr/share/suricata/classification.config
>>>>>>> -- 
>>>>>>> 2.34.1
>>>>
>>>> -- 
>>>> Sent from my laptop
>>>
>
  

Patch

diff --git a/config/rootfiles/core/165/update.sh b/config/rootfiles/core/165/update.sh
index ffb552c80..2c2e6a10c 100644
--- a/config/rootfiles/core/165/update.sh
+++ b/config/rootfiles/core/165/update.sh
@@ -128,6 +128,7 @@  ldconfig
 # Start services
 telinit u
 /etc/rc.d/init.d/firewall restart
+/etc/rc.d/init.d/squid restart
 
 # Fix ownership of classification file.
 chown nobody:nobody /usr/share/suricata/classification.config
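
Review bot: the added `/etc/rc.d/init.d/squid restart` under `# Start services` runs unconditionally and carries no explanation, and the commit message gives only `Fixes: #12810`. Suggest adding a comment above the line saying why Squid needs a restart in this update, and restarting only if the proxy was running before the update, so the script does not change the service's state as a side effect. The exit status of the restart is also neither checked nor logged, so a proxy that fails to come back would go unnoticed by the update script.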