Bug #12001
closed
System attempts to stop inactive services at shutdown
Added by Viktor Gurov over 3 years ago.
Updated about 3 years ago.
Plus Target Version:
22.01
Description
/etc/rc.stop_packages tries to stop disabled services:
Stopping package Cron...done.
Stopping package freeradius3...done.
Stopping package acme...done.
Stopping package Avahi...done.
Stopping package FRR...done.
Stopping package pfBlockerNG-devel...done.
Stopping package haproxy-devel...done.
Stopping package squid3...done.
Stopping package Zabbix Agent 5.2...done.
Stopping package OpenVPN Client Export Utility...done.
Stopping package suricata...done.
Stopping package squidGuard...done.
Stopping package snort...done.
Stopping /usr/local/etc/rc.d/haproxy.sh...done.
Stopping /usr/local/etc/rc.d/pfb_dnsbl.sh...done.
Stopping /usr/local/etc/rc.d/pfb_filter.sh...done.
Stopping /usr/local/etc/rc.d/radiusd.sh...done.
Stopping /usr/local/etc/rc.d/sqp_monitor.sh...done.
Stopping /usr/local/etc/rc.d/zabbix_agentd.sh...done.
- snort and suricata are not enabled in my case,
and it's not possible to "stop" OpenVPN Client Export Utility
- Category changed from PPPoE Server to Services
- Status changed from New to Pull Request Review
- Target version set to 2.6.0
- Plus Target Version set to 21.09
- Status changed from Pull Request Review to Feedback
- Assignee set to Viktor Gurov
PR has been merged. Thanks!
- % Done changed from 0 to 100
Tested in
2.6.0-DEVELOPMENT (amd64)
built on Fri Jul 09 09:13:36 EDT 2021
FreeBSD 12.2-STABLE
I still see:
Stopping /usr/local/etc/rc.d/haproxy.sh...done.
Stopping /usr/local/etc/rc.d/sqp_monitor.sh...done.
Stopping /usr/local/etc/rc.d/squid.sh...done.
Stopping /usr/local/etc/rc.d/suricata.sh...done.
Stopping /usr/local/etc/rc.d/vmware-guestd.sh...done.
Stopping /usr/local/etc/rc.d/vmware-kmod.sh...done.
In my case, HAproxy is disabled. Suricata and Squid are both stopped and not enabled on any interface. I no longer see the message for stopping OpenVPN client export though
Right now it's the responsibility of packages themselves to handle removing their own *.sh rc files when they are disabled. pfSense just globs the rc path for *.sh files and executes them if they are present. There is also no guarantee that a package's rc file follows the format:
<service internal name>.sh
On top of that, it isn't required that package rc files end in *.sh anyways.
I've added my own internal bug tracking report of this issue to my list for the Snort and Suricata packages. I will make sure that when no enabled interface remains, the shell script in /usr/local/etc/rc.d/ is removed. The script is always created when saving changes, so once at least one interface is enabled, and that change is saved, the necessary script will be created.
I will address this in the next GUI package update for each.
- Subject changed from System tries to stop disabled packages on shutdown to System attempts to stop inactive services at shutdown
Updating subject for release notes.
- Plus Target Version changed from 21.09 to 22.01
Installed and setup the snort package on 22.01. Enabled and then disabled it. Halted the system and I don't see any logged messages regarding it trying to stop the service even though it's already stopped.
- Status changed from Feedback to Resolved
Also available in: Atom
PDF
Updated by Viktor Gurov 
Updated by 
Updated by 
Updated by 
Updated by 
Updated by 
Updated by