Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make laurel reload its configuration or re-exec via signal #133

Open
2 of 4 tasks
hillu opened this issue Jan 30, 2023 · 0 comments
Open
2 of 4 tasks

Make laurel reload its configuration or re-exec via signal #133

hillu opened this issue Jan 30, 2023 · 0 comments
Assignees
@hillu
Milestone
0.7 release

Comments

@hillu
Copy link
Collaborator

hillu commented Jan 30, 2023
edited
Loading

The corrent deployment or update mode relies on auditd stopping/restarting laurel. This has a few shortcomings:

  • If laurel has crashed too often, auditd will not restart it even if the binary has changed.
  • The workaround, restarting auditd, means that messages will be lost. (This is probably the main reason whssy RHEL systems forbid auditd to be restarted though systemd mechanisms.)
  • Multi-message events may be split into a pre-restart and post-restart portion.
  • State (process table including labels) is lost across restart.

To overcome those shortcomings, the following features should be implemented:

  • Signal handler
  • Dump state to file (on disk or memfd). This file should contain in-flight messages, shadow process table, current configuration.
  • Re-exec,
  • passing the file descriptor to the new process.
@hillu hillu added this to the 0.6 release milestone Jan 30, 2023
@hillu hillu self-assigned this Jan 30, 2023
hillu added a commit that referenced this issue Jul 17, 2023
@hillu
Restart laurel on SIGHUP
4e43fb7 
When we catch SIGHUP, all remaining input in the buffer is fed to
coalesce, coalesce is flushed. Laurel is restarted with identical
configuration parameters and capabilities.

Implements part of #133
@hillu hillu mentioned this issue Jul 17, 2023
Merged
hillu added a commit that referenced this issue Jul 17, 2023
@hillu
Restart laurel on SIGHUP
3b17286 
When we catch SIGHUP, all remaining input in the buffer is fed to
coalesce, coalesce is flushed. Laurel is restarted with identical
configuration parameters and capabilities.

Implements part of #133
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hillu hillu

Labels
None yet
Projects
None yet
Milestone
0.7 release
Development

No branches or pull requests
1 participant
@hillu