[systemd-devel] How to get used to systemd vs init
killermoehre
killermoehre at gmx.net
Tue Jun 23 22:35:48 PDT 2015
Am 24.06.2015 um 02:00 schrieb Chad:
> On 6/23/2015 4:45 PM, Ronny Chevalier wrote:
> > On Wed, Jun 24, 2015 at 1:37 AM, Chad <ccolumbu at gmail.com> wrote:
> >> Oh, wait this is the reverse of what I want/need (systemd-sysv-generator
> >> goes from init.d to systemd, I need from systemd to init.d).
> >> I have a nagios script that runs something like:
> >> /etc/init.d/httpd status
> >> It then reads the output and makes sure httpd is running, if not it
> >> takes
> >> action depending on the service.
> >> I use that method for tons of services.
> >> I don't want to have to re-write the modules to use:
> >> systemctl status httpd
> >> If I did that then I will not be able to rsync the scripts/configs
> >> around
> >> and would have to maintain 2 versions of the code.
> >> I was wondering if there was an easy way to create a /etc/init.d/httpd
> >> script that called something like this inside:
> >> #!/bin/bash
> >> systemctl $1 $0
> >> I know it is not that simple ($0 for example is the full path
> >> /etc/init.d/httpd not just the httpd), which is why I am hoping there
> >> is a
> >> tool for this.
> >>
> > If you just want to know if a service is active you can use:
> >
> > systemctl is-active httpd
> >
> > If $? equals 0 then the service is active, else it is not :)
> >
> > If you make your script use this I don't see why you would have to
> > maintain multiple versions, if your intention is to use systemd
> > everywhere.
> Except that I can not convert all servers I maintain over just like
> that, it will take time, probably 1-2 years.
>
> As to: systemctl is-active httpd, that would work sometimes but not
> others. For example I check fail2ban by running /etc/init.d/iptables
> status which outputs all the firewall rules then check that output to
> make sure the chains for fail2ban are there. If you restart iptables
> without restarting fail2ban, fail2ban will show as running because the
> daemon is up, but since the chains are gone it can not ban bad guys.
>
> Maybe one of you knows a solution to that (iptables restart without a
> fail2ban restart), I have not found one for init.d, is this fixed
> somehow in systemd?
> That would be another advantage.
>
> ^C
>
> _______________________________________________
> systemd-devel mailing list
> systemd-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Hi Chad,
why don't make a dependency between iptables and fail2ban? This is really easy in systemd with Requires and Wants entries in the services. So you can't restart iptables without automatic trigger of a fail2ban restart.
Regards
More information about the systemd-devel
mailing list