Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't run otobo_cron_1 as root #417

Closed
bschmalhofer opened this issue Sep 5, 2020 · 9 comments
Closed

Don't run otobo_cron_1 as root #417

bschmalhofer opened this issue Sep 5, 2020 · 9 comments
Assignees
@bschmalhofer
Labels
enhancement New feature or request
Milestone
OTOBO 10.0.4

Comments

@bschmalhofer
Copy link
Contributor

Higher priority is to avoid running docker containers as root. This is already the case for otobo_web_1, but should also be the case for otobo_cron_1. The most simple ide a is to get rid of cron and call in entrypoint.sh something like

watch -n 300 $HOME/bin/otobo.Daemon.pl start

Originally posted by @bschmalhofer in https://github.com/RotherOSS/otobo/issues/280#issuecomment-687583015
bschmalhofer added a commit to RotherOSS/otobo-docker that referenced this issue Sep 5, 2020
@bschmalhofer
Issue RotherOSS/otobo#417: rename otobo_cron_1 to otobo_daemon_1
22e9e33 
As cron is no longer used.
bschmalhofer added a commit that referenced this issue Sep 5, 2020
@bschmalhofer
Issue #417: update required modules
ec5c902 
namespace::autoclean
bschmalhofer added a commit that referenced this issue Sep 5, 2020
@bschmalhofer
Issue #417: lint_docker_files.sh no needed in image
451c7ad
bschmalhofer added a commit that referenced this issue Sep 5, 2020
@bschmalhofer
Issue #417: do not run cron in a containtainer
afc1d1e 
Instead run bin/otobo.Daemon.pl in a loop
bschmalhofer added a commit to RotherOSS/otobo-docker that referenced this issue Sep 5, 2020
@bschmalhofer
Merge pull request #7 from RotherOSS/issue-RotherOSS/otobo#417-watch
ecc0b24 
Issue RotherOSS/otobo#417: rename otobo_cron_1 to otobo_daemon_1
@bschmalhofer
Copy link
Contributor Author

cron is gone now. Tests look fine. Closing the issue.

@bschmalhofer
Copy link
Contributor Author

Reopening as the setup can be simplified by using the restart: on-failure setting. See https://docs.docker.com/compose/compose-file/#restart .

@bschmalhofer bschmalhofer reopened this Sep 5, 2020
@bschmalhofer
Copy link
Contributor Author

bschmalhofer commented Sep 6, 2020
edited
Loading

It's complicated. The OTOBO Daemon can't easily be run as a foreground process as bin/otobo.Daemon.pl makes an effort to run the actual Daemon as a forked process. So we stick with entrypoint.sh acting as a watchdog for the Daemon. Which is fine, as it prohibits the frequent retries that would be done by docker-compose.

While investigating this it was found the the Daemon does not shut down gracefully when the otobo_daemon_1 container is stopped. This behavior has been improved by adding a handler of SIGTERM to entrypoint.sh.

See also https://www.kaggle.com/residentmario/best-practices-for-propagating-signals-on-docker

bschmalhofer added a commit that referenced this issue Sep 6, 2020
@bschmalhofer
Issue #417: fix spelling Deamon -> Daemon
6e5e0a7 
Also 'use feature qw(say)'
bschmalhofer added a commit that referenced this issue Sep 6, 2020
@bschmalhofer
Issue #417: add a handler for SIGTERM
46497c4
@bschmalhofer
Copy link
Contributor Author

Tests look fine. The Github action has problems, but that looks unrelated. Closing the issue.

@bschmalhofer bschmalhofer mentioned this issue Sep 7, 2020
Closed
@bschmalhofer bschmalhofer self-assigned this Sep 18, 2020
@bschmalhofer bschmalhofer added the enhancement New feature or request label Sep 18, 2020
@bschmalhofer bschmalhofer added this to the OTOBO 10.0.4 milestone Sep 18, 2020
@bschmalhofer
Copy link
Contributor Author

Reopening as the feature should be backported to OTOBO 10.0.4

@bschmalhofer bschmalhofer reopened this Sep 18, 2020
@bschmalhofer
Copy link
Contributor Author

The feature will be backported in 10.0.4. The backport includes a renaming of the container from otobo_cron_1 to otobo_daemon_1. Do the renaming already for 10.0.3, in order to have as few conflicts as possible.

bschmalhofer added a commit that referenced this issue Sep 22, 2020
@bschmalhofer
Issue #417: rename otobo_cron_1 to otobo_daemon_1
1b31a10
bschmalhofer added a commit that referenced this issue Sep 22, 2020
@bschmalhofer
Merge pull request #464 from RotherOSS/issue-417-rename_cron_to_daemon
4981ff7 
Issue #417: rename otobo_cron_1 to otobo_daemon_1
bschmalhofer added a commit to RotherOSS/otobo-docker that referenced this issue Sep 22, 2020
@bschmalhofer
Issue RotherOSS/otobo#417: rename service 'cron' to 'daemon'
99ce42b 
Even though the command 'cron' is still running in the container.
bschmalhofer added a commit to RotherOSS/otobo-docker that referenced this issue Sep 22, 2020
@bschmalhofer
Merge pull request #20 from RotherOSS/issue-RotherOSS/otobo#417-renam…
07f66bf 
…e_cron_to_daemon

Issue RotherOSS/otobo#417: rename service 'cron' to 'daemon'
bschmalhofer added a commit to RotherOSS/doc-otobo-installation that referenced this issue Sep 22, 2020
@bschmalhofer
Issue RotherOSS/otobo#417: rename service cron to daemon
6fb93f6
bschmalhofer added a commit to RotherOSS/doc-otobo-installation that referenced this issue Sep 22, 2020
@bschmalhofer
Merge pull request #27 from RotherOSS/issue-RotherOSS/otobo#417-renam…
6255395 
…e_cron_to_daemon

Issue RotherOSS/otobo#417: rename service cron to daemon
@bschmalhofer
Copy link
Contributor Author

Renaming from otobo_cron_1 to otobo_daemon_1 has been done.

bschmalhofer added a commit that referenced this issue Sep 25, 2020
@bschmalhofer
Issue #417: grab Docker related changes from the rel-10_2 branch
ddfc66c
bschmalhofer added a commit that referenced this issue Sep 25, 2020
@bschmalhofer
Merge pull request #469 from RotherOSS/issue-417-backport
0e8e583 
Issue #417: grab Docker related changes from the rel-10_2 branch
bschmalhofer added a commit that referenced this issue Sep 25, 2020
@bschmalhofer
Issue #417: some useful changes from the rel-10_0 branch
ef076ff
bschmalhofer added a commit that referenced this issue Sep 25, 2020
@bschmalhofer
Merge pull request #470 from RotherOSS/issue-417-back_backport
2478be9 
Issue #417: some useful changes from the rel-10_0 branch
@bschmalhofer
Copy link
Contributor Author

Backporting from 10.1.x to 10.0.x has been done.

bschmalhofer added a commit to RotherOSS/otobo-docker that referenced this issue Sep 25, 2020
@bschmalhofer
Issue RotherOSS/otobo#417: grab some changes from rel-10_1
e488f82
bschmalhofer added a commit to RotherOSS/otobo-docker that referenced this issue Sep 25, 2020
@bschmalhofer
Merge pull request #22 from RotherOSS/issue-RotherOSS/otobo#417-backport
2b20c99 
Issue RotherOSS/otobo#417: grab some changes from rel-10_1
@bschmalhofer
Copy link
Contributor Author

No problems encountered.Closing this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bschmalhofer bschmalhofer

Labels
enhancement New feature or request
Projects
None yet
Milestone
OTOBO 10.0.4
Development

No branches or pull requests
1 participant
@bschmalhofer