[initscripts]: systemd-run is not needed in initscripts
systemd-run logic in initscripts was introduced because of ticket http://tracker.ceph.com/issues/7627. If we have systemd-based distro, we should use systemd unit files from systemd directory to start/stop ceph daemons. Otherwise, daemon() from /etc/init.d/functions on systemd distro starts service in system.slice and everything works well for case, for example, when we use hammer on RH7. With this code it will start daemon with daemon() function from init.d/functions. systemd-run can not be run on non-systemd distros, so it's not needed on SysV systems. I've performed successful testing with hammer on RH6, RH7 systems with ceph-osd, ceph-mon, ceph-radosgw services.
#9 Updated by Nathan Cutler almost 2 years ago
@Vladislav: Kraken backporting has not started yet. The "master" and "kraken" branches are currently in lock-step. See http://docs.ceph.com/docs/master/dev/#what-is-merged-where-and-when for general info on this topic.
#12 Updated by Vladislav Odintsov over 1 year ago
More issue description.
My initial problem was connected with hammer radosgw on el7. I couldn't run radosgw under non-privileged user without shell (/sbin/nologin), because you can't ask
runuser to start process from user without shell - these binaries do need shell. But
/lib/lsb/init-functions don't need it and are written for this special usage.
I decided to write 2 patches: for init-ceph and for init-radosgw to keep start of these daemons with initscripts in the same style.
~]# getent passwd radosgw radosgw:x:1003:1003::/var/lib/ceph/radosgw/:/sbin/nologin ~]# /bin/su radosgw -c '/bin/radosgw -n client.radosgw.i-c5ef3fa1' This account is currently not available. ~]# ps aux | grep rados root 11402 0.0 0.0 112648 968 pts/0 S+ 11:32 0:00 grep --color=auto rados
Right way (if we don't use systemd-units on el7 hammer):
~]# . /etc/init.d/functions ~]# daemon --user="radosgw" "/bin/radosgw -n client.radosgw.i-c5ef3fa1" ~]# [ OK ] ~]# ps aux | grep rados radosgw 11757 1.0 0.2 2151224 9468 ? Ssl 11:34 0:00 /bin/radosgw -n client.radosgw.i-c5ef3fa1 root 11893 0.0 0.0 112648 968 pts/0 S+ 11:34 0:00 grep --color=auto rados
Anyway, even if you don't use systemd-run, you can work through systemctl:
~]# systemctl status ceph-radosgw ● ceph-radosgw.service - LSB: radosgw RESTful rados gateway Loaded: loaded (/etc/rc.d/init.d/ceph-radosgw) Active: active (running) since Fri 2016-06-24 11:44:04 MSK; 3s ago Docs: man:systemd-sysv-generator(8) Process: 8023 ExecStop=/etc/rc.d/init.d/ceph-radosgw stop (code=exited, status=0/SUCCESS) Process: 20117 ExecReload=/etc/rc.d/init.d/ceph-radosgw reload (code=exited, status=0/SUCCESS) Process: 13781 ExecStart=/etc/rc.d/init.d/ceph-radosgw start (code=exited, status=0/SUCCESS) CGroup: /system.slice/ceph-radosgw.service └─13805 /bin/radosgw -n client.radosgw.i-c5ef3fa1 Jun 24 11:44:04 i-c5ef3fa1 systemd: Starting LSB: radosgw RESTful rados gateway... Jun 24 11:44:04 i-c5ef3fa1 ceph-radosgw: Starting client.radosgw.i-c5ef3fa1... Jun 24 11:44:04 i-c5ef3fa1 runuser: pam_unix(runuser:session): session opened for user radosgw by (uid=0) Jun 24 11:44:04 i-c5ef3fa1 systemd: Started LSB: radosgw RESTful rados gateway. Jun 24 11:44:04 i-c5ef3fa1 ceph-radosgw: [ OK ]
It's very needed in EL7 hammer. There is no ability to start daemon under non-privileged user. Since el7 hammer doesn't provide packaged systemd units, and changing packaging is not a good idea in minor release, because it can break the automation and other aspects for users.
I think these changes should be in all supported branches (hammer, jewel) to keep these scripts in unified style - but this is already not a technical issue.