rework htcacheclean integration

* split into separate init script * activate/deactivate with a2enmod/a2dismo cache_disk * don't run as root * add test
author: Stefan Fritsch <sf@sfritsch.de> 2016-03-28 21:03:50 +0200
committer: Stefan Fritsch <sf@sfritsch.de> 2016-03-28 21:50:10 +0200
commit: c77bac3538cca116d4d31d0f085f7bf00e4f3705 (patch)
tree: ad3ccdde49a36c3eb30ff2364cd3864342f7f06d
parent: 0ac69aece54211e2b16faeed9a8e12854740a477 (diff)
download: apache2-c77bac3538cca116d4d31d0f085f7bf00e4f3705.tar.gz
13 files changed, 257 insertions, 102 deletions
diff --git a/debian/a2enmod b/debian/a2enmod
index 75941299..196b22d3 100755
--- a/debian/a2enmod
+++ b/debian/a2enmod
@@ -11,6 +11,8 @@ use File::Spec;
 use File::Basename;
 use File::Path;
 use Getopt::Long;
+use feature ':5.16';
+no warnings "experimental::smartmatch";
 
 my $quiet;
 my $force;
@@ -80,6 +82,8 @@ my $choicedir = $act eq 'enable' ? $availdir : $enabldir;
 my $linkdir = File::Spec->abs2rel( $availdir, $enabldir );
 
 my $request_reload = 0;
+my $request_htcacheclean;
+my $htc = "apache-htcacheclean$dir_suffix";
 
 my $rc = 0;
 
@@ -109,8 +113,14 @@ foreach my $acton (@objs) {
     doit($acton) or $rc = 1;
 }
 
-info(
-    "To activate the new configuration, you need to run:\n  service apache2 $reload\n"
+my $htcstart = "";
+if ($request_htcacheclean) {
+    my $cmd = ($act eq "enable") ? "start" : "stop";
+    $htcstart = "  service $htc $cmd\n";
+}
+info(  "To activate the new configuration, you need to run:\n"
+     . "  service apache2$dir_suffix $reload\n"
+     . $htcstart
 ) if $request_reload;
 
 exit($rc);
@@ -261,11 +271,7 @@ sub doit {
             }
 
             print "Enabling $obj $acton.\n";
-            if ( $acton eq 'ssl' ) {
-                info(     "See /usr/share/doc/apache2/README.Debian.gz on "
-                        . "how to configure SSL and create self-signed certificates.\n"
-                );
-            }
+            special_module_handling($acton);
             return add_link( $tgt, $link )
                 && switch_marker( $obj, $act, $acton );
         }
@@ -276,6 +282,7 @@ sub doit {
     }
     else {
         if ( -e $link || -l $link ) {
+            special_module_handling($acton);
             if ($obj eq 'module' && grep {$_ eq $acton} @essential_module_list) {
                   $force || essential_module_handling($acton);
             }
@@ -547,4 +554,41 @@ sub essential_module_handling {
         exit(1)
     }
 }
+
+sub special_module_handling {
+    my $acton = shift;
+
+    if ($obj ne 'module') {
+        return;
+    }
+
+    given ($acton) {
+        when ('ssl') {
+            if ( $act eq 'enable' ) {
+                info(  "See /usr/share/doc/apache2/README.Debian.gz on "
+                     . "how to configure SSL and create self-signed "
+                     . "certificates.\n"
+                );
+            }
+        }
+        when ('cache_disk') {
+            $request_htcacheclean = 1;
+            my $verb = "\u$act";
+            $verb =~ s/e$/ing/;
+            info("$verb external service $htc\n");
+            # The init script has no Default-Start runlevels, so we need to
+            # specify them explicitly.
+            system("update-rc.d $htc $act 2 3 4 5");
+            if ($rc == 0) {
+                info("The service will be started on next reboot.\n")
+                    if $act eq 'enable';
+            }
+            else {
+                warning("update-rc.d failed\n");
+            }
+
+        }
+    }
+}
+
 # vim: syntax=perl sw=4 sts=4 sr et
diff --git a/debian/apache2.default b/debian/apache2.apache-htcacheclean.default
index 020f0796..73637fcd 100644
--- a/debian/apache2.default
+++ b/debian/apache2.apache-htcacheclean.default
@@ -1,16 +1,12 @@
-### htcacheclean settings ###
-
-## run htcacheclean: yes, no, auto
-## auto means run if /etc/apache2/mods-enabled/cache_disk.load exists
-## default: auto
-HTCACHECLEAN_RUN=auto
+# This file must only contain KEY=VALUE lines. Do not use advanced
+# shell script constructs!
 
 ## run mode: cron, daemon
 ## run in daemon mode or as daily cron job
 ## default: daemon
 HTCACHECLEAN_MODE=daemon
 
-## cache size 
+## cache size
 HTCACHECLEAN_SIZE=300M
 
 ## interval: if in daemon mode, clean cache every x minutes
@@ -18,7 +14,7 @@ HTCACHECLEAN_DAEMON_INTERVAL=120
 
 ## path to cache
 ## must be the same as in CacheRoot directive
-HTCACHECLEAN_PATH=/var/cache/apache2/mod_cache_disk
+#HTCACHECLEAN_PATH=/var/cache/apache2/mod_cache_disk
 
 ## additional options:
 ## -n : be nice
diff --git a/debian/apache2.apache-htcacheclean.init b/debian/apache2.apache-htcacheclean.init
new file mode 100755
index 00000000..cbe8828e
--- /dev/null
+++ b/debian/apache2.apache-htcacheclean.init
@@ -0,0 +1,64 @@
+#!/bin/sh
+# kFreeBSD do not accept scripts as interpreters, using #!/bin/sh and sourcing.
+if [ true != "$INIT_D_SCRIPT_SOURCED" ] ; then
+    set "$0" "$@"; INIT_D_SCRIPT_SOURCED=true . /lib/init/init-d-script
+fi
+### BEGIN INIT INFO
+# Provides:          apache-htcacheclean
+# Required-Start:    $remote_fs $syslog
+# Required-Stop:     $remote_fs $syslog
+# Default-Start:
+# Default-Stop:      0 1 2 3 4 5 6
+# Short-Description: Cache cleaner process for Apache2 web server
+# Description:       Start the htcacheclean helper
+#  This script will start htcacheclean which will periodically scan the
+#  cache directory of Apache2's mod_cache_disk and remove outdated files.
+### END INIT INFO
+
+DESC="Apache htcacheclean"
+DAEMON=/usr/bin/htcacheclean
+
+NAME="${0##*/}"
+NAME="${NAME##[KS][0-9][0-9]}"
+DIR_SUFFIX="${NAME##apache-htcacheclean}"
+APACHE_CONFDIR="${APACHE_CONFDIR:=/etc/apache2$DIR_SUFFIX}"
+RUN_USER=$(. $APACHE_CONFDIR/envvars > /dev/null && echo "$APACHE_RUN_USER")
+
+# Default values. Edit /etc/default/apache-htcacheclean to change these
+HTCACHECLEAN_SIZE="${HTCACHECLEAN_SIZE:=300M}"
+HTCACHECLEAN_DAEMON_INTERVAL="${HTCACHECLEAN_DAEMON_INTERVAL:=120}"
+HTCACHECLEAN_PATH="${HTCACHECLEAN_PATH:=/var/cache/apache2$DIR_SUFFIX/mod_cache_disk}"
+HTCACHECLEAN_OPTIONS="${HTCACHECLEAN_OPTIONS:=-n}"
+
+PIDDIR="/var/run/apache2/$RUN_USER"
+PIDFILE="$PIDDIR/$NAME.pid"
+DAEMON_ARGS="$HTCACHECLEAN_OPTIONS \
+    -d$HTCACHECLEAN_DAEMON_INTERVAL \
+    -P$PIDFILE -i \
+    -p$HTCACHECLEAN_PATH \
+    -l$HTCACHECLEAN_SIZE"
+
+do_start_prepare () {
+	if [ ! -d "$PIDDIR" ] ; then
+		mkdir -p "$PIDDIR"
+		chown "$RUN_USER:" "$PIDDIR"
+	fi
+	if [ ! -d "$HTCACHECLEAN_PATH" ] ; then
+		echo "Directory $HTCACHECLEAN_PATH does not exist!" >&2
+		exit 2
+	fi
+}
+
+do_start_cmd_override () {
+	start-stop-daemon --start --quiet --pidfile ${PIDFILE} \
+	    -u $RUN_USER --startas $DAEMON --name htcacheclean --test > /dev/null \
+	    || return 1
+	start-stop-daemon --start --quiet --pidfile ${PIDFILE} \
+	    -c $RUN_USER --startas $DAEMON --name htcacheclean -- $DAEMON_ARGS \
+	    || return 2
+}
+
+do_stop_cmd_override () {
+	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 \
+	    -u $RUN_USER --pidfile ${PIDFILE} --name htcacheclean
+}
diff --git a/debian/apache2.cron.daily b/debian/apache2.cron.daily
index d5f9cbc9..6461f079 100644
--- a/debian/apache2.cron.daily
+++ b/debian/apache2.cron.daily
@@ -1,30 +1,25 @@
 #!/bin/sh
 
-# run htcacheclean
+# run htcacheclean if set to 'cron' mode
 
 set -e
 set -u
 
 type htcacheclean > /dev/null 2>&1 || exit 0
-[ -e /etc/default/apache2 ]   || exit 0
+[ -e /etc/default/apache-htcacheclean ] || exit 0
 
 
-# edit /etc/default/apache2 to change this
+# edit /etc/default/apache-htcacheclean to change this
 HTCACHECLEAN_MODE=daemon
 HTCACHECLEAN_RUN=auto
 HTCACHECLEAN_SIZE=300M
 HTCACHECLEAN_PATH=/var/cache/apache2/mod_cache_disk
 HTCACHECLEAN_OPTIONS=""
 
-. /etc/default/apache2
+. /etc/default/apache-htcacheclean
 
 [ "$HTCACHECLEAN_MODE" = "cron" ] || exit 0
 
-[ "$HTCACHECLEAN_RUN" = "yes"	] || 
-( [ "$HTCACHECLEAN_RUN" = "auto" ] && \
-  [ -e /etc/apache2/mods-enabled/cache_disk.load ] )  || exit 0
-
 htcacheclean ${HTCACHECLEAN_OPTIONS}	\
 		-p${HTCACHECLEAN_PATH}	\
 		-l${HTCACHECLEAN_SIZE}
-
diff --git a/debian/apache2.init b/debian/apache2.init
index 1e25bf01..8b6a876b 100755
--- a/debian/apache2.init
+++ b/debian/apache2.init
@@ -7,13 +7,11 @@
 # Default-Stop:      0 1 6
 # X-Interactive:     true
 # Short-Description: Apache2 web server
-# Description:       Start the web server and associated helpers
-#  This script will start apache2, and possibly all associated instances.
-#  Moreover, it will set-up temporary directories and helper tools such as
-#  htcacheclean when required by the configuration.
+# Description:       Start the web server
+#  This script will start the apache2 web server.
 ### END INIT INFO
 
-DESC="web server"
+DESC="Apache httpd web server"
 NAME=apache2
 DAEMON=/usr/sbin/$NAME
 
@@ -45,22 +43,6 @@ if [ "$APACHE_ENVVARS" != "$APACHE_CONFDIR/envvars" ] ; then
 	ENV="$ENV APACHE_ENVVARS=$APACHE_ENVVARS"
 fi
 
-
-#edit /etc/default/apache2 to change this.
-HTCACHECLEAN_RUN=auto
-HTCACHECLEAN_MODE=daemon
-HTCACHECLEAN_SIZE=300M
-HTCACHECLEAN_DAEMON_INTERVAL=120
-HTCACHECLEAN_PATH=/var/cache/apache2$DIR_SUFFIX/mod_cache_disk
-HTCACHECLEAN_OPTIONS=""
-
-# Read configuration variable file if it is present
-if [ -f /etc/default/apache2$DIR_SUFFIX ] ; then
-	. /etc/default/apache2$DIR_SUFFIX
-elif [ -f /etc/default/apache2 ] ; then
-	. /etc/default/apache2
-fi
-
 PIDFILE=$(. $APACHE_ENVVARS && echo $APACHE_PID_FILE)
 
 VERBOSE=no
@@ -72,7 +54,6 @@ fi
 
 # Now, set defaults:
 APACHE2CTL="$ENV apache2ctl"
-HTCACHECLEAN="$ENV htcacheclean"
 PIDFILE=$(. $APACHE_ENVVARS && echo $APACHE_PID_FILE)
 APACHE2_INIT_MESSAGE=""
 
@@ -260,27 +241,6 @@ do_reload() {
 }
 
 
-check_htcacheclean() {
-	[ "$HTCACHECLEAN_MODE" = "daemon" ] || return 1
-	[ "$HTCACHECLEAN_RUN"  = "yes"    ] && return 0
-
-	MODSDIR=$(. $APACHE_ENVVARS && echo $APACHE_MODS_ENABLED)
-	        [ "$HTCACHECLEAN_RUN"  = "auto" \
-	                -a -e ${MODSDIR:-$APACHE_CONFDIR/mods-enabled}/cache_disk.load ] && \
-	                return 0
-	return 1
-}
-
-start_htcacheclean() {
-       $HTCACHECLEAN $HTCACHECLEAN_OPTIONS -d$HTCACHECLEAN_DAEMON_INTERVAL \
-	        -i -p$HTCACHECLEAN_PATH -l$HTCACHECLEAN_SIZE
-}
-
-stop_htcacheclean() {
-	pkill -P 1 -f "htcacheclean.* -p$HTCACHECLEAN_PATH " 2> /dev/null || return 1
-}
-
-
 # Sanity checks. They need to occur after function declarations
 [ -x $DAEMON ] || exit 0
 
@@ -294,14 +254,6 @@ if [ -z "$PIDFILE" ] ; then
 	exit 2
 fi
 
-if check_htcacheclean ; then
-	if [ ! -d "$HTCACHECLEAN_PATH" ] ; then
-	        echo "htcacheclean is configured, but directory $HTCACHECLEAN_PATH does not exist!" >&2
-	        exit 2
-	fi
-fi
-
-
 
 case "$1" in
   start)
@@ -312,11 +264,6 @@ case "$1" in
 		0|1)
 			log_success_msg
 			[ "$VERBOSE" != no ] && [ $RET_STATUS = 1 ] && log_warning_msg "Server was already running"
-			if check_htcacheclean ; then
-				[ "$VERBOSE" != no ] && log_daemon_msg "Starting HTTP cache cleaning daemon" "htcacheclean"
-				start_htcacheclean
-				[ "$VERBOSE" != no ] && log_end_msg $?
-			fi
 	        ;;
 		2)
 			log_failure_msg
@@ -342,12 +289,6 @@ case "$1" in
 	esac
 	print_error_msg
 
-	if check_htcacheclean ; then
-		[ "$VERBOSE" != no ] && log_daemon_msg "Stopping HTTP cache cleaning daemon" "htcacheclean"
-		stop_htcacheclean
-		[ "$VERBOSE" != no ] && log_end_msg $?
-	fi
-
 	;;
   status)
 	status_of_proc -p $PIDFILE "apache2" "$NAME"
@@ -395,20 +336,11 @@ case "$1" in
 			;;
 	esac
 	;;
-  start-htcacheclean)
-	log_daemon_msg "Starting htcacheclean"
-	start_htcacheclean
-	log_end_msg $?
-	exit $?
-	;;
-  stop-htcacheclean)
-	log_daemon_msg "Stopping htcacheclean"
-	stop_htcacheclean
-	log_end_msg $?
-	exit $?
+  start-htcacheclean|stop-htcacheclean)
+	echo "Use 'service apache-htcacheclean' instead"
 	;;
   *)
-	echo "Usage: $SCRIPTNAME {start|stop|graceful-stop|restart|reload|force-reload|start-htcacheclean|stop-htcacheclean}" >&2
+	echo "Usage: $SCRIPTNAME {start|stop|graceful-stop|restart|reload|force-reload}" >&2
 	exit 3
 	;;
 esac
diff --git a/debian/apache2.maintscript b/debian/apache2.maintscript
index 1dd22c48..b8781315 100644
--- a/debian/apache2.maintscript
+++ b/debian/apache2.maintscript
@@ -1 +1,2 @@
 rm_conffile /etc/bash_completion.d/apache2 2.4.12-3~
+mv_conffile /etc/default/apache2 /etc/default/apache-htcacheclean 2.4.18-2~
diff --git a/debian/apache2.postinst b/debian/apache2.postinst
index 95884aa2..0b6ed2ed 100644
--- a/debian/apache2.postinst
+++ b/debian/apache2.postinst
@@ -111,6 +111,41 @@ refresh_modules()
 	fi
 }
 
+start_htcacheclean ()
+{
+	local action
+	if [ -x "/etc/init.d/apache-htcacheclean" ]; then
+		if [ -n "$2" ]; then
+			action=restart
+		else
+			action=start
+		fi
+		invoke-rc.d apache-htcacheclean $action || true
+	fi
+}
+
+# The apache-htcacheclean service is disabled by default. Can't use
+# debhelper. The update-rc.d 'enable' call must come after the 'defaults'
+# call, or the former will fail.
+handle_htcacheclean ()
+{
+	if [ -x "/etc/init.d/apache-htcacheclean" ]; then
+		update-rc.d apache-htcacheclean defaults >/dev/null
+	fi
+
+	if dpkg --compare-versions "$2" gt "2.4.18-2~" ||
+	   [ ! -e "/etc/apache2/mods-enabled/cache_disk.load" ] ; then
+		return 0
+	fi
+	if ( . /etc/default/apache-htcacheclean &&
+		[ "$HTCACHECLEAN_MODE" != "cron" ] &&
+		[ "$HTCACHECLEAN_RUN" != "no" ] )
+	then
+		update-rc.d apache-htcacheclean enable 2 3 4 5
+	fi
+	start_htcacheclean
+}
+
 msg ()
 {
 	local PRIORITY="$1"
@@ -191,11 +226,16 @@ case "$1" in
 		enable_default_modules $@
 		enable_default_conf $@
 		install_default_site $@
+		handle_htcacheclean $@
 		execute_deferred_actions
 
 	;;
 
-	abort-upgrade|abort-remove|abort-deconfigure)
+	abort-upgrade)
+		start_htcacheclean $@
+	;;
+
+	abort-remove|abort-deconfigure)
 
 	;;
 
diff --git a/debian/apache2.postrm b/debian/apache2.postrm
index d66dc41b..e525a2e2 100644
--- a/debian/apache2.postrm
+++ b/debian/apache2.postrm
@@ -69,6 +69,8 @@ case "$1" in
 	if is_default_index_html /var/www/html/index.html ; then
 		rm -f /var/www/html/index.html
 	fi
+
+	update-rc.d apache-htcacheclean remove >/dev/null
     ;;
 
     remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
diff --git a/debian/apache2.prerm b/debian/apache2.prerm
new file mode 100644
index 00000000..813b6fed
--- /dev/null
+++ b/debian/apache2.prerm
@@ -0,0 +1,8 @@
+#!/bin/sh
+set -e
+
+if [ -x "/etc/init.d/apache-htcacheclean" ] && [ "$1" = remove ] ; then
+	invoke-rc.d apache-htcacheclean stop || true
+fi
+
+#DEBHELPER#
diff --git a/debian/changelog b/debian/changelog
index 4d326ed4..de1a5b25 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,10 @@
-apache2 (2.4.18-2) UNRELEASED; urgency=medium
+apache2 (2.4.18-2) UNRELEASED; urgency=low
 
+  * htcacheclean:
+    - split starting/stopping into separate init script 'apache-htcacheclean'
+    - move config from /etc/default/apache2 to /etc/default/apache-htcacheclean
+    - make a2enmod/a2dismod enable/disable htcacheclean with mod_cache_disk
+    - start htcacheclean as the apache2 run user/group
   * Fix a2query -M not returning output if apache2 config is broken.
     Fix missing quotes in apache2-maintscript-helper. Closes: #810500
   * README.backtrace: Note that coredump directory needs to be owned by
@@ -14,7 +19,6 @@ apache2 (2.4.18-2) UNRELEASED; urgency=medium
     Closes: #719245
   * Fix duplicate-module-load test and make sure it fails if it cannot execute
     apache2ctl.
-    
 
  -- Stefan Fritsch <sf@debian.org>  Sat, 09 Jan 2016 23:35:20 +0100
 
diff --git a/debian/rules b/debian/rules
index 85b9eabf..fa4ab005 100755
--- a/debian/rules
+++ b/debian/rules
@@ -104,7 +104,8 @@ override_dh_fixperms-indep:
 	dh_fixperms -i
 
 override_dh_installinit:
-	dh_installinit --restart-after-upgrade --error-handler=true -- defaults 91 09
+	dh_installinit --restart-after-upgrade --error-handler=true
+	dh_installinit --name apache-htcacheclean --noscripts
 
 override_dh_installdocs-indep:
 	# TODO: So, did anyone check convert_docs needs an update? ;)
diff --git a/debian/tests/control b/debian/tests/control
index 7194e349..99c5db90 100644
--- a/debian/tests/control
+++ b/debian/tests/control
@@ -2,6 +2,10 @@ Tests: duplicate-module-load
 Restrictions: allow-stderr, needs-root
 Depends: apache2
 
+Tests: htcacheclean
+Restrictions: allow-stderr, needs-root
+Depends: apache2
+
 Tests: ssl-passphrase
 Restrictions: needs-root allow-stderr breaks-testbed
 Depends: apache2, curl, expect, ssl-cert
diff --git a/debian/tests/htcacheclean b/debian/tests/htcacheclean
new file mode 100644
index 00000000..99f51215
--- /dev/null
+++ b/debian/tests/htcacheclean
@@ -0,0 +1,64 @@
+#!/bin/sh
+set -exu
+
+fatal () {
+	echo "ERROR: $@" >&2
+	exit 1
+}
+
+htc_enabled () {
+	if ls /etc/rc[2345].d/S*apache-htcacheclean > /dev/null 2>&1 ; then
+		return 0
+	else
+		return 1
+	fi
+}
+
+if htc_enabled ; then
+	fatal "apache-htcacheclean should not be enabled"
+fi
+
+a2enmod cache_disk
+
+if ! htc_enabled ; then
+	fatal "apache-htcacheclean should be enabled"
+fi
+
+service apache-htcacheclean start
+
+# for debugging
+ps -ef|grep /usr/bin/htcacheclean || true
+
+PGREP="pgrep -P 1 -u www-data -G www-data htcacheclean"
+
+if ! $PGREP ; then
+	fatal "htcacheclean is not running or running as wrong user/group"
+fi
+
+if ! service apache-htcacheclean status ; then
+	fatal "status did not return 'running'"
+fi
+
+service apache-htcacheclean stop
+
+if $PGREP ; then
+	fatal "htcacheclean did not stop"
+fi
+
+if service apache-htcacheclean status ; then
+	fatal "status did not return 'stopped'"
+fi
+
+a2dismod cache_disk
+
+if htc_enabled ; then
+	fatal "apache-htcacheclean should not be enabled"
+fi
+
+a2enmod cache_socache
+
+if htc_enabled ; then
+	fatal "apache-htcacheclean has been enabled for cache_socache"
+fi
+
+exit 0
author	Stefan Fritsch <sf@sfritsch.de>	2016-03-28 21:03:50 +0200
committer	Stefan Fritsch <sf@sfritsch.de>	2016-03-28 21:50:10 +0200
commit	c77bac3538cca116d4d31d0f085f7bf00e4f3705 (patch)
tree	ad3ccdde49a36c3eb30ff2364cd3864342f7f06d
parent	0ac69aece54211e2b16faeed9a8e12854740a477 (diff)
download	apache2-c77bac3538cca116d4d31d0f085f7bf00e4f3705.tar.gz