From 214f61a3ee00d4328aefbd7e9fe6598c57a4f293 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20Ospal=C3=BD?= Date: Wed, 20 May 2020 10:17:12 +0200 Subject: [PATCH] F #1473: Update SSH socket cleaner MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - replace timer with a inotify service Signed-off-by: Petr OspalĂ˝ --- .../opennebula-ssh-socks-cleaner.service | 8 +++- .../opennebula-ssh-socks-cleaner.timer | 11 ----- .../pkgs/services/systemd/opennebula.service | 2 +- share/ssh/bin/ssh-socks-cleaner | 44 +++++++++++++------ 4 files changed, 39 insertions(+), 26 deletions(-) delete mode 100644 share/pkgs/services/systemd/opennebula-ssh-socks-cleaner.timer diff --git a/share/pkgs/services/systemd/opennebula-ssh-socks-cleaner.service b/share/pkgs/services/systemd/opennebula-ssh-socks-cleaner.service index b802792186..b49030dd2c 100644 --- a/share/pkgs/services/systemd/opennebula-ssh-socks-cleaner.service +++ b/share/pkgs/services/systemd/opennebula-ssh-socks-cleaner.service @@ -1,8 +1,14 @@ [Unit] Description=OpenNebula SSH persistent connection cleaner +After=remote-fs.target [Service] Group=oneadmin User=oneadmin -Type=oneshot +Type=simple +Restart=on-failure +RestartSec=1 ExecStart=/usr/lib/one/sh/ssh-socks-cleaner + +[Install] +WantedBy=default.target diff --git a/share/pkgs/services/systemd/opennebula-ssh-socks-cleaner.timer b/share/pkgs/services/systemd/opennebula-ssh-socks-cleaner.timer deleted file mode 100644 index 5b9662761c..0000000000 --- a/share/pkgs/services/systemd/opennebula-ssh-socks-cleaner.timer +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=OpenNebula SSH persistent connection cleaner -After=remote-fs.target - -[Timer] -OnActiveSec=0s -OnUnitActiveSec=30s -AccuracySec=1s - -[Install] -WantedBy=default.target diff --git a/share/pkgs/services/systemd/opennebula.service b/share/pkgs/services/systemd/opennebula.service index 1be7713940..48d15218c5 100644 --- a/share/pkgs/services/systemd/opennebula.service +++ b/share/pkgs/services/systemd/opennebula.service @@ -5,7 +5,7 @@ After=mariadb.service mysql.service After=opennebula-ssh-agent.service Wants=opennebula-scheduler.service opennebula-hem.service Wants=opennebula-ssh-agent.service -Wants=opennebula-ssh-socks-cleaner.timer +Wants=opennebula-ssh-socks-cleaner.service [Service] Type=notify diff --git a/share/ssh/bin/ssh-socks-cleaner b/share/ssh/bin/ssh-socks-cleaner index 0f78f11590..460263cfee 100755 --- a/share/ssh/bin/ssh-socks-cleaner +++ b/share/ssh/bin/ssh-socks-cleaner @@ -28,18 +28,36 @@ # closing of the master sockets. # Possibly related to: https://bugzilla.mindrot.org/show_bug.cgi?id=3067 -find /var/run/one/ssh-socks \ - -maxdepth 1 \ - -type s \ - -name 'ctl-M-*.sock' \ - -mmin +1 \ - -print | while read -r sockname ; do - # atomic operation - no other ssh client should be disrupted - mv -f "$sockname" "$sockname"~todelete +SSH_SOCKS_DIR="${SSH_SOCKS_DIR:-/var/run/one/ssh-socks}" - # stop the multiplexing ('this' is just unnecessary gibberish) - ssh -S "$sockname"~todelete -O stop this /dev/null +trap 'echo "waiting for cleanup jobs to finish..." && wait && exit' INT QUIT TERM EXIT - # delete the old socket - rm -f "$sockname"~todelete - done +while true ; do + # wait for new socket to emerge and spawn a background job to clean it up + # when it reach its age (one minute) + if inotifywait "$SSH_SOCKS_DIR" >/dev/null 2>&1 ; then + # we run background job for basically one and each socket... + # VERY INEFFICIENT... + ( + # no point to try to delete anything while the socket is still young + sleep 1m + + # now we can start cleanup + find "$SSH_SOCKS_DIR" \ + -maxdepth 1 \ + -type s \ + -name 'ctl-M-*.sock' \ + -mmin +1 \ + -print | while read -r sockname ; do + # atomic operation - no other ssh client should be disrupted + mv -f "$sockname" "$sockname"~todelete + + # stop the multiplexing ('this' is just unnecessary gibberish) + ssh -S "$sockname"~todelete -O stop this /dev/null + + # delete the old socket + rm -f "$sockname"~todelete + done + ) & + fi +done