Thank you. The more recent systemd unit files already include the HUP
command. I have changed the logrotate command to use invoke-rc.d as
per your suggestion. I have done this for the new 1.6.6 upload I've
just sent to mentors. In terms of updating stable, I haven't had much
luck with that in the past. I'm neither a DD nor DM and have in the
past been advised that only security updates are appropriate for
stable, so am a bit stuck there.
On Sat, 14 Sep 2019 at 10:21, Peter Palfrader <wea...@debian.org> wrote:
>
> Package: mosquitto
> Version: 1.5.7-1
> Severity: important
>
> Regarding severity, see [1].
>
> | root@raven:~# systemctl --failed
> | UNIT LOAD ACTIVE SUB DESCRIPTION
> | ● logrotate.service loaded failed failed Rotate log files
>
> | root@raven:~# journalctl -u logrotate.service
> | -- Logs begin at Fri 2019-09-13 13:14:46 CEST, end at Sat 2019-09-14
> 10:46:55 CEST. --
> | Sep 14 00:00:01 raven systemd[1]: Starting Rotate log files...
> | Sep 14 00:00:02 raven logrotate[17281]: logrotate_script: 2:
> logrotate_script: /usr/bin/killall: not found
> | Sep 14 00:00:02 raven logrotate[17281]: error: error running non-shared
> postrotate script for /var/log/mosquitto/mosquitto.log of
> '/var/log/mosquitto/mosquitto.log '
> | Sep 14 00:00:02 raven systemd[1]: logrotate.service: Main process exited,
> code=exited, status=1/FAILURE
> | Sep 14 00:00:02 raven systemd[1]: logrotate.service: Failed with result
> 'exit-code'.
>
> So, there's a few things wrong with this logrotate setup:
>
> | root@raven:~# grep -A1 postro /etc/logrotate.d/mosquitto
> | postrotate
> | /usr/bin/killall -HUP mosquitto
>
> First, you should never use killall (or pkill) to send signals to
> processes by name out of system scripts. You may only send things to
> your processes, and you don't control which other things on the system
> might be called mosquitto.
>
> Second, *if* you use killall, you need to ensure it's actually
> installed. killall is shipped by the psmisc package, which is not
> Essential, yet the mosquitto packages doesn't depend on it. Further,
> the postrotate snippet probably should NOT supply the full path to the
> script[2].
>
> However, what the script probably should do is reload its service using
> something like apache2 does:
> | postrotate
> | if invoke-rc.d apache2 status > /dev/null 2>&1; then \
> | invoke-rc.d apache2 reload > /dev/null 2>&1; \
> | fi;
> | endscript
>
> This will call the service's reload thing. Your sysV init script
> already correctly sends a HUP only to the service process. It seems
> the systemd service file doesn't. I don't know if this is the proper
> way to deal with this issue but the following should work:
>
> @@ -8,6 +8,7 @@
> Type=notify
> NotifyAccess=main
> ExecStart=/usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf
> +ExecReload=/bin/kill -HUP ${MAINPID}
> Restart=on-failure
>
> [Install]
>
>
> Cheers,
>
> PS: please consider updating the version in stable.
>
> Cheers,
> 1: This could be serious, since "Packages must include a "Depends:" line
> listing any other packages they require for operation", but then it's
> "just" logrotation. Either way, please fix :)
> 2: | Programs called from maintainer scripts should not normally have a
> | path prepended to them. [...] These considerations really apply to
> | all shell scripts.
>
>
> --
> | .''`. ** Debian **
> Peter Palfrader | : :' : The universal
> https://www.palfrader.org/ | `. `' Operating System
> | `- https://www.debian.org/
