systemd failing to recognize pid file
Solution 1
systemd parses an init script's comments to generate temporary .service file at boot or upon daemon-reload
command. Change the line
# pidfile: /var/run/ossec-authd.pid
to
# pidfile: /var/ossec/var/run/ossec-authd.pid
and run systemctl daemon-reload
UPD: now I see that pid file name is generated by authd at runtime and init script has to search for $PIDDIR/${NAME}*.pid.
Systemd can not search for pidfile, but can work without it. Sou you may try to remove # pidfile:
line completely, or write your own .service file
Solution 2
All of that is totally unnecessary.
The behaviour of systemd-sysv-generator
with a van Smoorenburg rc
script that has both the old RedHat comment headers and the LSB headers is interesting, but pointless to spend your time on.
Don't waste your time fixing your van Smoorenburg rc
script and trying to get the PID files to work. You do not actually need the rickety and dangerous PID file mechanism in the first place with proper service management. Nor do you need wrappers like ossec-control
. Forget about all that and make yourself a systemd service unit.
Two simple template service units for two different categories of OSSEC services, according to whether an -f
option is necessary, are in the answers listed as further reading here. Adapt one or both of them.
Further reading
- https://askubuntu.com/a/624871/43344
- https://unix.stackexchange.com/a/200365/5132
- How does systemd use /etc/init.d scripts?
Related videos on Youtube
shivams
Updated on September 18, 2022Comments
-
shivams over 1 year
So I am trying to start a service on systemd enabled system. Name of service is
ossec-hids-authd
which is the authentication engine(agents) in ossec(Intrusion Detection Software). When I go and start the init script then systemctl times out and on getting the status I am seeing this error./etc/init.d/ossec-hids-authd status ● ossec-hids-authd.service - LSB: Authentication Daemon for OSSEC-HIDS. Loaded: loaded (/etc/rc.d/init.d/ossec-hids-authd; bad; vendor preset: disabled) Active: failed (Result: timeout) since Thu 2018-02-22 07:34:28 UTC; 11min ago Docs: man:systemd-sysv-generator(8) Feb 22 07:24:11 ip-10-0-197-117.ec2.internal systemd[1]: Starting LSB: Authentication Daemon for OSSEC-HIDS.... Feb 22 07:24:11 ip-10-0-197-117.ec2.internal ossec-hids-authd[21142]: [39B blob data] Feb 22 07:24:11 ip-10-0-197-117.ec2.internal systemd[1]: PID file /var/run/ossec-authd.pid not readable (yet?) after start. Feb 22 07:24:11 ip-10-0-197-117.ec2.internal ossec-hids-authd[21142]: 2018/02/22 07:24:11 ossec-authd: INFO: Started (pid: 21148). Feb 22 07:34:28 ip-10-0-197-117.ec2.internal systemd[1]: ossec-hids-authd.service start operation timed out. Terminating. Feb 22 07:34:28 ip-10-0-197-117.ec2.internal systemd[1]: Failed to start LSB: Authentication Daemon for OSSEC-HIDS.. Feb 22 07:34:28 ip-10-0-197-117.ec2.internal systemd[1]: Unit ossec-hids-authd.service entered failed state. Feb 22 07:34:28 ip-10-0-197-117.ec2.internal systemd[1]: ossec-hids-authd.service failed. Feb 22 07:40:20 ip-10-0-197-117.ec2.internal ossec-hids-authd[21142]: 2018/02/22 07:40:20 ossec-authd(1225): INFO: SIGNAL [(15)-(Terminated)] Received. Exit Cleaning...
Now in the init script this process is actually making pid file in
/var/ossec/var/run
instead of/var/run
and I checked pid file is actually created there. But somehow systemctl is failing to recognize it.Is it possible that systemd does not recognize pid files created outside of
/var/run
and if such is the case how to do that?Below is the init script
#!/bin/sh # # ossec-authd Start the OSSEC-HIDS Authentication Daemon # # chkconfig: 2345 99 01 # description: Provides key signing for OSSEC Clients # processname: ossec-authd # config: /var/ossec/etc/ossec.conf # pidfile: /var/run/ossec-authd.pid ### BEGIN INIT INFO # Provides: ossec-authd # Required-Start: $network $local_fs $remote_fs # Required-Stop: $network $local_fs $remote_fs # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Authentication Daemon for OSSEC-HIDS. # Description: Provides key signing for OSSEC Clients ### END INIT INFO # Author: Brad Lhotsky <[email protected]> NAME=ossec-authd DAEMON=/var/ossec/bin/ossec-authd DAEMON_ARGS="-p 1515 2>&1 >> /var/ossec/logs/ossec-authd.log &" PIDDIR=/var/ossec/var/run SCRIPTNAME=/etc/init.d/ossec-authd . /etc/rc.d/init.d/functions getpid() { for filename in $PIDDIR/${NAME}*.pid; do pidfile=$(basename $filename) pid=$(echo $pidfile |cut -d\- -f 3 |cut -d\. -f 1) kill -0 $pid &> /dev/null RETVAL=$? if [ $RETVAL -eq 0 ]; then PIDFILE=$filename PID=$pid else rm -f $filename fi; done; } start() { echo -n $"Starting $NAME: " daemon $DAEMON $DAEMON_ARGS retval=$? if [ $retval -eq 0 ]; then echo_success echo else echo_failure echo fi return $retval } stop() { echo -n $"Stopping $NAME: " getpid killproc -p $PIDFILE $NAME retval=$? echo return $retval } restart() { stop start } case "$1" in start) start ;; stop) stop ;; status) getpid if [ -z $PIDFILE ]; then status $NAME else status -p $PIDFILE $NAME fi; ;; restart) restart ;; *) echo "Usage: $0 {start|stop|status}" exit 2 ;; esac exit $?
-
shivams about 6 yearsThanks man, I am planning to move to systemd unit. Will have to learn that though.