From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 9286EBBB85 for ; Tue, 19 Dec 2023 10:22:50 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 72D0534CEA for ; Tue, 19 Dec 2023 10:22:50 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Tue, 19 Dec 2023 10:22:49 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 4CCB248546 for ; Tue, 19 Dec 2023 10:22:49 +0100 (CET) From: Friedrich Weber To: pve-devel@lists.proxmox.com Date: Tue, 19 Dec 2023 10:22:27 +0100 Message-Id: <20231219092227.48384-1-f.weber@proxmox.com> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.112 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [proxmox.com, scheduler.py] Subject: [pve-devel] [PATCH ifupdown2] fix #5009: avoid waiting for stdout eof of /etc/network/ scripts X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Dec 2023 09:22:50 -0000 Previously, PVE (7 and 8) hosts would hang at boot if both ntpsec and ntpsec-ntpdate are installed. The root cause for the hang is an unfortunate interaction between ntpsec, ntpsec-ntpdate and the PVE ifupdown2 package. The hang happens because ntpsec-ntpdate installs a hook /etc/network/if-up.d/ntpsec-ntpdate that blocks until networking is available if ntpsec is installed. Previously, ifupdown2 would wait for the hook to terminate, so networking would never become available, resulting in a deadlock. See the bug report [0] for more information. With this patch, ifupdown2 runs the hook in the background and does not wait for it to terminate, thus resolving the deadlock. This patch was already applied upstream [1]. Backport it to make it available before the next upstream release. [0] https://bugzilla.proxmox.com/show_bug.cgi?id=5009 [1] https://github.com/CumulusNetworks/ifupdown2/pull/274 Signed-off-by: Friedrich Weber --- Notes: Tested on PVE 8: * installed ntpsec and ntpsec-ntpdate reboot without `quiet` -> boot hangs at networking * installed patched ifupdown2, ntpsec, ntpsec-ntpdate reboot -> boot ok debian/patches/series | 1 + ...waiting-for-stdout-eof-of-etc-networ.patch | 44 +++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 debian/patches/upstream/0001-scheduler-avoid-waiting-for-stdout-eof-of-etc-networ.patch diff --git a/debian/patches/series b/debian/patches/series index 6676c06..557aa7f 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -11,3 +11,4 @@ upstream/0001-add-ipv6-slaac-support-inet6-auto-accept_ra.patch upstream/0001-addons-ethtool-add-rx-vlan-filter.patch upstream/0001-scheduler-import-traceback.patch upstream/0001-addons-vxlan-fix-compare-between-remote-ips-and-old_.patch +upstream/0001-scheduler-avoid-waiting-for-stdout-eof-of-etc-networ.patch diff --git a/debian/patches/upstream/0001-scheduler-avoid-waiting-for-stdout-eof-of-etc-networ.patch b/debian/patches/upstream/0001-scheduler-avoid-waiting-for-stdout-eof-of-etc-networ.patch new file mode 100644 index 0000000..e377e56 --- /dev/null +++ b/debian/patches/upstream/0001-scheduler-avoid-waiting-for-stdout-eof-of-etc-networ.patch @@ -0,0 +1,44 @@ +From 1303d9211d82326f7c55d56db13eed66bb1c6535 Mon Sep 17 00:00:00 2001 +From: Friedrich Weber +Date: Tue, 26 Sep 2023 13:33:36 +0200 +Subject: [PATCH] scheduler: avoid waiting for stdout eof of /etc/network/ + scripts + +Scripts in /etc/network/ are executed using `exec_command` which +captures stdout by default, and thus waits for stdout end-of-file via +`Popen.communicate()`. However, this can cause hangs if the network +script executes a long-running command in the background. Can be +reproduced by putting the following (executable) script in +/etc/network/if-up.d/: + + #!/bin/sh + sleep 5& + +This script will cause `ifreload -a` to wait for 5 seconds per network +interface. + +To avoid waiting, do not capture stdout when executing /etc/network/ +scripts. This also improves compatibility with ifupdown, which runs +the above script in the background. + +Signed-off-by: Friedrich Weber +--- + ifupdown2/ifupdown/scheduler.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ifupdown2/ifupdown/scheduler.py b/ifupdown2/ifupdown/scheduler.py +index fda6ff2..e4d579f 100644 +--- a/ifupdown2/ifupdown/scheduler.py ++++ b/ifupdown2/ifupdown/scheduler.py +@@ -142,7 +142,7 @@ class ifaceScheduler(): + for mname in ifupdownobj.script_ops.get(op, []): + ifupdownobj.logger.debug("%s: %s : running script %s" % (ifacename, op, mname)) + try: +- utils.exec_command(mname, env=command_env) ++ utils.exec_command(mname, env=command_env, stdout=False) + except Exception as e: + if "permission denied" in str(e).lower(): + ifupdownobj.logger.warning('%s: %s %s' % (ifacename, op, str(e))) +-- +2.39.2 + -- 2.39.2