Project

General

Profile

Bug #7146

install_cron_job() causes inexplicable issues when saving package configuration

Added by Kill Bill 9 months ago. Updated 8 days ago.

Status:
New
Priority:
Normal
Assignee:
Category:
Web Interface
Target version:
Start date:
01/20/2017
Due date:
% Done:

0%

Affected Version:
All
Affected Architecture:
All

Description

So, this commit https://github.com/pfsense/FreeBSD-ports/pull/254 caused Squid to be unable to save the configuration on General tab. Related forum thread: https://forum.pfsense.org/index.php?topic=124218.0

This ain't the first time this happened and there's really no reason why it should happen in the first place. Dunno what's up with this but it ain't the code in the package.
- https://github.com/pfsense/pfsense-packages/commit/7d613d5c35a0effaadfe409cc80e07068fdcc39b
- https://redmine.pfsense.org/issues/5205#note-14

Associated revisions

Revision b2bb4970
Added by Jim Pingle 9 months ago

Add a parameter to install_cron_job to stop it from performing its own write_config. Adjust base system calls to match. Ticket #7146

Packages may still need the old behavior but need tested individually. Once all function calls are confirmed to work without the write, the write_config parameter and call can be removed from this function for good.

History

#1 Updated by Jim Pingle 9 months ago

  • Category set to Web Interface
  • Assignee set to Jim Pingle
  • Target version set to 2.4.0

#2 Updated by Jim Pingle 9 months ago

Oddly enough I can't seem to reproduce this, at least on 2.4.

I suspect adding this just after the install_cron_job call would help:

parse_config(true);

install_cron_job() could probably use an optional parameter that skips the config write for problem cases.

#3 Updated by Kill Bill 9 months ago

I reproduced this on multiple 2.3.3 boxes.Anything but */$minutes * * * * causes the issue. E.g., tried just changing the hour there to * */$hours * * * - did not work either.

WTF really.

#4 Updated by Jim Pingle 9 months ago

There may yet be a problem with install_cron_job() doing a write the way it does, but the squid problem appears to be from something else and this was compounding the problem: https://forum.pfsense.org/index.php?topic=124218.msg686442#msg686442

#5 Updated by Kill Bill 9 months ago

The squid issue seems indeed fixed by nuking the <custom_add_php_command> tag. Still would seem desirable to let just one instance of the resync code to run here, otherwise completely whacky behaviour happens.

#6 Updated by Jim Pingle 9 months ago

I don't see anything in the base system that would be affected by removing the write_config() from install_cron_job(). There are many more uses in packages that are not quite so clear.

I'll refactor the function a bit and add a parameter to skip the write for now. Once that is in place we can check the packages over time. Once all of the uses of the function have been determined to not need the write, it can be completely removed.

#7 Updated by Kill Bill 9 months ago

Thanks for looking into this. Meanwhile, I did https://github.com/pfsense/FreeBSD-ports/pull/261 since it's generally not desirable to resync the Squid config twice for no good reason (already slow enough even when run once).

#8 Updated by Jim Pingle 9 months ago

Saw that, just merged+cherry-picked it all around.

FYI: Uses of install_cron_job in packages:

net/pfSense-pkg-haproxy/files/usr/local/pkg/haproxy/haproxy.inc:    install_cron_job("/usr/local/etc/rc.d/haproxy.sh onecheck", false);
net/pfSense-pkg-haproxy/files/usr/local/pkg/haproxy/haproxy.inc:    install_cron_job("/etc/rc.haproxy_ocsp.sh", false);
net/pfSense-pkg-haproxy/files/usr/local/pkg/haproxy/haproxy.inc:            install_cron_job("/usr/local/etc/rc.d/haproxy.sh onecheck", true, "*/2");
net/pfSense-pkg-haproxy/files/usr/local/pkg/haproxy/haproxy.inc:            install_cron_job("/usr/local/etc/rc.d/haproxy.sh onecheck", false);
net/pfSense-pkg-haproxy/files/usr/local/pkg/haproxy/haproxy.inc:            install_cron_job("/etc/rc.haproxy_ocsp.sh", true, "*/120");
net/pfSense-pkg-haproxy/files/usr/local/pkg/haproxy/haproxy.inc:            install_cron_job("/etc/rc.haproxy_ocsp.sh", false);
net/pfSense-pkg-haproxy-devel/files/usr/local/pkg/haproxy/haproxy.inc:    install_cron_job("/usr/local/etc/rc.d/haproxy.sh onecheck", false);
net/pfSense-pkg-haproxy-devel/files/usr/local/pkg/haproxy/haproxy.inc:    install_cron_job("/etc/rc.haproxy_ocsp.sh", false);
net/pfSense-pkg-haproxy-devel/files/usr/local/pkg/haproxy/haproxy.inc:            install_cron_job("/usr/local/etc/rc.d/haproxy.sh onecheck", true, "*/2");
net/pfSense-pkg-haproxy-devel/files/usr/local/pkg/haproxy/haproxy.inc:            install_cron_job("/usr/local/etc/rc.d/haproxy.sh onecheck", false);
net/pfSense-pkg-haproxy-devel/files/usr/local/pkg/haproxy/haproxy.inc:            install_cron_job("/etc/rc.haproxy_ocsp.sh", true, "*/120");
net/pfSense-pkg-haproxy-devel/files/usr/local/pkg/haproxy/haproxy.inc:            install_cron_job("/etc/rc.haproxy_ocsp.sh", false);
net/pfSense-pkg-pfBlockerNG/files/usr/local/pkg/pfblockerng/pfblockerng.inc:                install_cron_job('pfblockerng.php cron', false);
net/pfSense-pkg-pfBlockerNG/files/usr/local/pkg/pfblockerng/pfblockerng.inc:            install_cron_job($pfb_cmd, true, $pfb['min'], $pfb_hour, $pfb_mday, $pfb_month, $pfb_wday, $pfb_who);
net/pfSense-pkg-pfBlockerNG/files/usr/local/pkg/pfblockerng/pfblockerng.inc:        install_cron_job('pfblockerng.php cron', false);
net/pfSense-pkg-pfBlockerNG/files/usr/local/pkg/pfblockerng/pfblockerng.inc:            install_cron_job($pfb_gcmd, true, $pfb_gmin, $pfb_ghour, $pfb_gmday, $pfb_gmonth, $pfb_gwday, $pfb_gwho);
net/pfSense-pkg-pfBlockerNG/files/usr/local/pkg/pfblockerng/pfblockerng.inc:        install_cron_job('pfblockerng.php dcc', false);
net/pfSense-pkg-pfBlockerNG/files/usr/local/pkg/pfblockerng/pfblockerng_install.inc:install_cron_job('pfblockerng.php dc >>', false);
security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc:            install_cron_job("snort_check_cron_misc.inc", false);
security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc:    install_cron_job("snort_check_cron_misc.inc", false);
security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc:    install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php -f /usr/local/pkg/snort/snort_check_cron_misc.inc", $should_install, "*/5");
security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc:            install_cron_job("snort2c", false);
security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc:        install_cron_job("snort2c", false);
security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc:        install_cron_job($command, true, $snort_rm_blocked_min, $snort_rm_blocked_hr, $snort_rm_blocked_mday, $snort_rm_blocked_month, $snort_rm_blocked_wday, "root");
security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc:            install_cron_job("snort_check_for_rule_updates.php", false);
security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc:        install_cron_job("snort_check_for_rule_updates.php", false);
security/pfSense-pkg-snort/files/usr/local/pkg/snort/snort.inc:        install_cron_job($command, $should_install, $snort_rules_up_min, $snort_rules_up_hr, $snort_rules_up_mday, $snort_rules_up_month, $snort_rules_up_wday, "root");
security/pfSense-pkg-suricata/files/usr/local/pkg/suricata/suricata.inc:            install_cron_job("suricata_check_for_rule_updates.php", false);
security/pfSense-pkg-suricata/files/usr/local/pkg/suricata/suricata.inc:    install_cron_job("suricata_check_for_rule_updates.php", false);
security/pfSense-pkg-suricata/files/usr/local/pkg/suricata/suricata.inc:    install_cron_job($command, $should_install, $suricata_rules_up_min, $suricata_rules_up_hr, $suricata_rules_up_mday, $suricata_rules_up_month, $suricata_rules_up_wday, "root");
security/pfSense-pkg-suricata/files/usr/local/pkg/suricata/suricata.inc:            install_cron_job("suricata_check_cron_misc.inc", false);
security/pfSense-pkg-suricata/files/usr/local/pkg/suricata/suricata.inc:    install_cron_job("suricata_check_cron_misc.inc", false);
security/pfSense-pkg-suricata/files/usr/local/pkg/suricata/suricata.inc:    install_cron_job("/usr/bin/nice -n20 /usr/local/bin/php-cgi -f /usr/local/pkg/suricata/suricata_check_cron_misc.inc", $should_install, "*/5");
security/pfSense-pkg-suricata/files/usr/local/pkg/suricata/suricata.inc:            install_cron_job("{$suri_pf_table}", false);
security/pfSense-pkg-suricata/files/usr/local/pkg/suricata/suricata.inc:    install_cron_job("{$suri_pf_table}", false);
security/pfSense-pkg-suricata/files/usr/local/pkg/suricata/suricata.inc:    install_cron_job($command, $should_install, $suricata_rm_blocked_min, $suricata_rm_blocked_hr, $suricata_rm_blocked_mday, $suricata_rm_blocked_month, $suricata_rm_blocked_wday, "root");
sysutils/pfSense-pkg-Service_Watchdog/files/usr/local/pkg/servicewatchdog.inc:        install_cron_job("/usr/local/pkg/servicewatchdog_cron.php", true, "*/1");
sysutils/pfSense-pkg-Service_Watchdog/files/usr/local/pkg/servicewatchdog.inc:        install_cron_job("/usr/local/pkg/servicewatchdog_cron.php", false, "*/1");
sysutils/pfSense-pkg-syslog-ng/files/usr/local/pkg/syslog-ng.inc:    install_cron_job("${crontask}", true, "0");
sysutils/pfSense-pkg-syslog-ng/files/usr/local/pkg/syslog-ng.inc:    install_cron_job("${crontask}", false);
www/pfSense-pkg-Lightsquid/files/usr/local/pkg/lightsquid.inc:        install_cron_job($lightsquid_parser_today, false);
www/pfSense-pkg-Lightsquid/files/usr/local/pkg/lightsquid.inc:        install_cron_job($lightsquid_parser_yesterday, false);
www/pfSense-pkg-Lightsquid/files/usr/local/pkg/lightsquid.inc:            install_cron_job($lightsquid_parser_today, $on, $opt[0], $opt[1], $opt[2], $opt[3], $opt[4], $opt[5]);
www/pfSense-pkg-Lightsquid/files/usr/local/pkg/lightsquid.inc:            install_cron_job($lightsquid_parser_yesterday, true, "15", "0", "*", "*", "*", "root");
www/pfSense-pkg-Lightsquid/files/usr/local/pkg/lightsquid.inc:        install_cron_job($lightsquid_parser_today, false);
www/pfSense-pkg-Lightsquid/files/usr/local/pkg/lightsquid.inc:        install_cron_job($lightsquid_parser_yesterday, false);
www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc:        install_cron_job("{$cron_cmd}", $should_install, "0", "0", "*", "*", "*", "root");
www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc:        install_cron_job("{$swapstate_cmd}", $should_install, "15", "0", "*", "*", "*", "root");
www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc:        install_cron_job("{$cron_cmd}", false);
www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc:        install_cron_job("{$swapstate_cmd}", false);
www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc:    install_cron_job("/usr/local/pkg/swapstate_check.php clean;", false);
www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc:    install_cron_job("/bin/rm /var/squid/cache/swap.state;", false);
www/pfSense-pkg-squid/files/usr/local/pkg/squid_antivirus.inc:            install_cron_job("{$freshclam_cmd}", true, "{$minutes}", "*/{$hours}", "*", "*", "*", "clamav");
www/pfSense-pkg-squid/files/usr/local/pkg/squid_antivirus.inc:            install_cron_job("{$freshclam_cmd}", false);
www/pfSense-pkg-squid/files/usr/local/pkg/squid_antivirus.inc:        install_cron_job("{$freshclam_cmd}", false);
www/pfSense-pkg-squidGuard/files/usr/local/pkg/squidguard_configurator.inc:        install_cron_job("{$cron_cmd}", true, "0", "0", "*", "*", "*", "root");
www/pfSense-pkg-squidGuard/files/usr/local/pkg/squidguard_configurator.inc:        install_cron_job("{$cron_cmd}", false);

And many of those are wrapped in some other function that handles the cron job which is called from elsewhere in the package... Probably a lot there that could be handled better.

#9 Updated by Jim Pingle 3 months ago

  • Target version changed from 2.4.0 to 2.4.1

I went through and tried a few of the packages and some did need the write, others did not. I didn't test the whole list. Changing the default, at least at the moment, doesn't appear to be viable. Having to adjust the package code to use the new function means future changes to the packages couldn't be cherry-picked back to other branches so easily.

At the moment I'm not seeing an upside to switching the default, so we can reevaluate for 2.4.1. At the moment nothing needs to be changed.

#10 Updated by Jim Pingle 8 days ago

  • Target version changed from 2.4.1 to 2.4.2

Also available in: Atom PDF