OpenVZ CTID.start script fails on stunnel4

apmuthu

DAB based Debian Squeeze container (CTID/VEID: 102) with stunnel4 installed.
Tested on both PVE 1.9 and PVE 3.0.

/etc/init.d/stunnel4 not set to execute automatically in insserv:
Code:
insserv -r stunnel4

Enabled the /etc/default/stunnel4 file:
Code:
# /etc/default/stunnel
# Julien LEMOINE <speedblue@debian.org>
# September 2003

# Change to one to enable stunnel automatic startup
ENABLED=1
FILES="/etc/stunnel/*.conf"
OPTIONS=""

# Change to one to enable ppp restart scripts
PPP_RESTART=0

Default /etc/init.d/stunnel4 file used:
Code:
#! /bin/sh -e
### BEGIN INIT INFO
# Provides:          stunnel4
# Required-Start:    $local_fs $remote_fs
# Required-Stop:     $local_fs $remote_fs
# Should-Start:      $syslog
# Should-Stop:       $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start or stop stunnel 4.x (SSL tunnel for network daemons)
### END INIT INFO

DEFAULTPIDFILE="/var/run/stunnel4.pid"
DAEMON=/usr/bin/stunnel4
NAME=stunnel
DESC="SSL tunnels"
FILES="/etc/stunnel/*.conf"
OPTIONS=""
ENABLED=0

get_pids() {
   local file=$1
   if test -f $file; then
     CHROOT=`grep "^chroot" $file|sed "s;.*= *;;"`
     PIDFILE=`grep "^pid" $file|sed "s;.*= *;;"`
     if [ "$PIDFILE" = "" ]; then
       PIDFILE=$DEFAULTPIDFILE
     fi
     if test -f $CHROOT/$PIDFILE; then
       cat $CHROOT/$PIDFILE
     fi
   fi
}

startdaemons() {
  if ! [ -d /var/run/stunnel4 ]; then
    rm -rf /var/run/stunnel4
    install -d -o stunnel4 -g stunnel4 /var/run/stunnel4
  fi
  for file in $FILES; do 
    if test -f $file; then
      ARGS="$file $OPTIONS"
      PROCLIST=`get_pids $file`
      if [ "$PROCLIST" ] && kill -0 $PROCLIST 2>/dev/null; then
        echo -n "[Already running: $file] "
      elif $DAEMON $ARGS; then
        echo -n "[Started: $file] "
      else
        echo "[Failed: $file]"
        echo "You should check that you have specified the pid= in you configuration file"
        exit 1
      fi
    fi
  done;
}

killdaemons()
{
  for file in $FILES; do
    PROCLIST=`get_pids $file`
    if [ "$PROCLIST" ] && kill -0 $PROCLIST 2>/dev/null; then
       kill $PROCLIST
       echo -n "[stopped: $file] "
    fi
  done
}

if [ "x$OPTIONS" != "x" ]; then
  OPTIONS="-- $OPTIONS"
fi

test -f /etc/default/stunnel4 && . /etc/default/stunnel4
if [ "$ENABLED" = "0" ] ; then
  echo "$DESC disabled, see /etc/default/stunnel4"
  exit 0
fi

test -x $DAEMON || exit 0

set -e

case "$1" in
  start)
        echo -n "Starting $DESC: "
        startdaemons
        echo "$NAME."
        ;;
  stop)
        echo -n "Stopping $DESC: "
        killdaemons
        echo "$NAME."
        ;;
#force-reload does not send a SIGHUP, since SIGHUP is interpreted as a 
#quit signal by stunnel. I reported this problem to upstream authors.
  force-reload|restart)
        echo -n "Restarting $DESC: "
        killdaemons
        sleep 5
        startdaemons
        echo "$NAME."
        ;;
  *)
        N=/etc/init.d/$NAME
        echo "Usage: $N {start|stop|force-reload|restart}" >&2
        exit 1
        ;;
esac

exit 0

CTID 102 used:
The following files are present in the /etc/vz/conf folder (PVE 1.9):
102.conf
102.start
Code:
#!/usr/bin/bash

/etc/init.d/stunnel4 start
102.stop
Code:
#!/usr/bin/bash

/etc/init.d/stunnel4 stop

There seem to be practically no examples of the CTID.start and CTID.stop scripts on the net and in the manual for vzctl.

On starting the container, the start process just hangs.

On the host, 3 processes (other than grep) show up for the command:
Code:
# ps aux | grep "/usr/sbin/vzctl start 102"
root       15039  0.0  0.0  10164   888 ?        S    09:55   0:00 /usr/sbin/vzctl start 102
root       15043  0.0  0.0  10164   440 ?        Ss   09:55   0:00 /usr/sbin/vzctl start 102
root       15116  0.0  0.0  10164   304 ?        S    09:55   0:00 /usr/sbin/vzctl start 102
root       15139  0.0  0.0   3888   656 pts/0    S+   09:55   0:00 grep /usr/sbin/vzctl start 102

Killing the 2nd or the 3rd PID above releases the hung-up status of the container and reverts it to a stopped state.

On doing a pvebash 102 private and then a dmesg | tail we find that the /proc is not mounted as yet.

The container boots up nicely if the 102.start script is removed. The manual execution of its contents:
Code:
/etc/init.d/stunnel4 start
also executes correctly.
The 102.stop script does not complain when the container is shut down then.

Attempted to introduce sleep 5 in 102.start to no avail.

Any ideas on getting stunnel to work with the new insserv in OpenVZ containers?
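
A diagnostic sketch for the two conditions raised in the post above (the pid= hint printed by the init script, and /proc not being mounted yet), added here and not part of the original post, vzctl or the stunnel4 package. It resolves each config's pid file the way get_pids does and reports whether procfs is usable; all function names are hypothetical and the sample config is constructed.

```shell
#!/bin/sh
# Added example: function names are hypothetical, not from vzctl or stunnel4.
DEFAULTPIDFILE="/var/run/stunnel4.pid"   # same default as the init script

# Print the value of a global "key = value" option from a stunnel config.
# Skips comment lines and stops at the first [service] header.
conf_value() {
  awk -v key="$1" '
    /^[ \t]*\[/   { exit }
    /^[ \t]*[;#]/ { next }
    {
      line = $0; sub(/^[ \t]+/, "", line)
      eq = index(line, "="); if (eq == 0) next
      k = substr(line, 1, eq - 1); sub(/[ \t]+$/, "", k)
      if (k != key) next
      v = substr(line, eq + 1); sub(/^[ \t]+/, "", v); sub(/[ \t]+$/, "", v)
      print v; exit
    }' "$2"
}

# Resolve the pid file as get_pids does: chroot prefix + pid, else the default.
resolve_pidfile() {
  chroot_dir=$(conf_value chroot "$1")
  pidfile=$(conf_value pid "$1")
  [ -n "$pidfile" ] || pidfile=$DEFAULTPIDFILE
  printf '%s%s\n' "${chroot_dir%/}" "$pidfile"
}

# True when procfs is usable; the directory is a parameter so it can be tested.
proc_mounted() {
  [ -e "${1:-/proc}/self/stat" ]
}

# One report line per config: pid file, whether its directory exists, /proc state.
preflight() {
  conf=$1; procdir=${2:-/proc}
  pf=$(resolve_pidfile "$conf")
  dir_state=missing;    [ -d "$(dirname "$pf")" ] && dir_state=present
  proc_state=unmounted; proc_mounted "$procdir" && proc_state=mounted
  echo "conf=$conf pidfile=$pf piddir=$dir_state proc=$proc_state"
}

# Constructed sample config (not taken from the thread).
sample=$(mktemp)
printf '%s\n' '; constructed sample' 'chroot = /var/lib/stunnel4/' \
  'pid = /stunnel4.pid' '[https]' 'accept = 443' > "$sample"
preflight "$sample"
rm -f "$sample"
```

Calling preflight for each file in /etc/stunnel/*.conf and redirecting the output to a log file records the state the init script would see at that moment.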