On 6/23/2015 10:35 PM, killermoehre wrote:
Am 24.06.2015 um 02:00 schrieb Chad:
On 6/23/2015 4:45 PM, Ronny Chevalier wrote:
On Wed, Jun 24, 2015 at 1:37 AM, Chad <[email protected]> wrote:
Oh, wait this is the reverse of what I want/need (systemd-sysv-generator
goes from init.d to systemd, I need from systemd to init.d).
I have a nagios script that runs something like:
/etc/init.d/httpd status
It then reads the output and makes sure httpd is running, if not it
takes
action depending on the service.
I use that method for tons of services.
I don't want to have to re-write the modules to use:
systemctl status httpd
If I did that then I will not be able to rsync the scripts/configs
around
and would have to maintain 2 versions of the code.
I was wondering if there was an easy way to create a /etc/init.d/httpd
script that called something like this inside:
#!/bin/bash
systemctl $1 $0
I know it is not that simple ($0 for example is the full path
/etc/init.d/httpd not just the httpd), which is why I am hoping there
is a
tool for this.
If you just want to know if a service is active you can use:
systemctl is-active httpd
If $? equals 0 then the service is active, else it is not :)
If you make your script use this I don't see why you would have to
maintain multiple versions, if your intention is to use systemd
everywhere.
Except that I can not convert all servers I maintain over just like
that, it will take time, probably 1-2 years.
As to: systemctl is-active httpd, that would work sometimes but not
others. For example I check fail2ban by running /etc/init.d/iptables
status which outputs all the firewall rules then check that output to
make sure the chains for fail2ban are there. If you restart iptables
without restarting fail2ban, fail2ban will show as running because the
daemon is up, but since the chains are gone it can not ban bad guys.
Maybe one of you knows a solution to that (iptables restart without a
fail2ban restart), I have not found one for init.d, is this fixed
somehow in systemd?
That would be another advantage.
^C
_______________________________________________
systemd-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Hi Chad,
why don't make a dependency between iptables and fail2ban? This is really easy
in systemd with Requires and Wants entries in the services. So you can't
restart iptables without automatic trigger of a fail2ban restart.
Regards
Killermoehre,
Thank you for your time and reply.
I intend to do exactly that when I start using systemd (I am still using init.d at the moment). In fact I have already
suggested that very thing on the fail2ban mailing list so that can add it to the tree and no custom rule is needed. To
my knowlage there is not a built in/standard way to tie init.d/iptables to init.d/fail2ban.
The test for the chains existence is still needed in case the chain is removed by other means (like a manual delete from
the cli).
I have found that I can trust nothing and that I should check/test everything :) when I think something is impossible or
so unlikely that it will "never happen to me" it inevitably is a problem at the worst possible moment. I bet some of you
know what I mean.
^C
_______________________________________________
systemd-devel mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
