From 8d9bb4b4d05a20bef1cf7b1da2b1c5fb05f9b071 Mon Sep 17 00:00:00 2001 From: Clément Lassieur Date: Sat, 10 Nov 2018 15:14:28 +0100 Subject: services: dovecot: Allow to set 'client-limit'. * doc/guix.texi (Mail Services): Update accordingly. * gnu/services/mail.scm (service-configuration)[client-limit]: New field. (dovecot-configuration)[services]: Set 'client-limit' to its correct default value. --- doc/guix.texi | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'doc/guix.texi') diff --git a/doc/guix.texi b/doc/guix.texi index 441b65bcaf..d4178ce9ea 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -14349,6 +14349,16 @@ Defaults to @samp{#t}. @end deftypevr +@deftypevr {@code{service-configuration} parameter} non-negative-integer client-limit +Maximum number of simultaneous client connections per process. Once +this number of connections is received, the next incoming connection +will prompt Dovecot to spawn another process. If set to 0, +@code{default-client-limit} is used instead. + +Defaults to @samp{0}. + +@end deftypevr + @deftypevr {@code{service-configuration} parameter} non-negative-integer service-count Number of connections to handle before starting a new process. Typically the only useful values are 0 (unlimited) or 1. 1 is more -- cgit v1.2.3 From be8dd4a5fec804f2f004dd3a87c2872af44dc88d Mon Sep 17 00:00:00 2001 From: Clément Lassieur Date: Sat, 10 Nov 2018 18:45:27 +0100 Subject: services: dovecot: Allow to set 'process-limit'. * doc/guix.texi (Mail Services): Update accordingly. * gnu/services/mail.scm (service-configuration)[process-limit]: New field. (dovecot-configuration)[services]: Set 'process-limit' to its correct default value. --- doc/guix.texi | 9 +++++++++ gnu/services/mail.scm | 17 ++++++++++++++--- 2 files changed, 23 insertions(+), 3 deletions(-) (limited to 'doc/guix.texi') diff --git a/doc/guix.texi b/doc/guix.texi index d4178ce9ea..c74351dd87 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -14364,6 +14364,15 @@ Number of connections to handle before starting a new process. Typically the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 is faster. . Defaults to @samp{1}. + +@end deftypevr + +@deftypevr {@code{service-configuration} parameter} non-negative-integer process-limit +Maximum number of processes that can exist for this service. If set to +0, @code{default-process-limit} is used instead. + +Defaults to @samp{0}. + @end deftypevr @deftypevr {@code{service-configuration} parameter} non-negative-integer process-min-avail diff --git a/gnu/services/mail.scm b/gnu/services/mail.scm index abc1c15cfe..dfbdf6d6cc 100644 --- a/gnu/services/mail.scm +++ b/gnu/services/mail.scm @@ -301,6 +301,10 @@ used instead.") "Number of connections to handle before starting a new process. Typically the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0 is faster. .") + (process-limit + (non-negative-integer 0) + "Maximum number of processes that can exist for this service. If set to 0, +@code{default-process-limit} is used instead.") (process-min-avail (non-negative-integer 0) "Number of processes to always keep waiting for more connections.") @@ -482,6 +486,7 @@ complex, customize the address and port fields of the (service-configuration (kind "imap-login") (client-limit 0) + (process-limit 0) (listeners (list (inet-listener-configuration (protocol "imap") (port 143) (ssl? #f)) @@ -495,14 +500,17 @@ complex, customize the address and port fields of the (service-configuration (kind "lmtp") (client-limit 1) + (process-limit 0) (listeners (list (unix-listener-configuration (path "lmtp") (mode "0666"))))) (service-configuration (kind "imap") - (client-limit 1)) + (client-limit 1) + (process-limit 1024)) (service-configuration (kind "pop3") - (client-limit 1)) + (client-limit 1) + (process-limit 1024)) (service-configuration (kind "auth") ;; In what could be taken to be a bug, the default value of 1 for ;; service-count makes it so that a PAM auth worker can't fork off @@ -514,14 +522,17 @@ complex, customize the address and port fields of the ;; 30. (service-count 30) (client-limit 0) + (process-limit 1) (listeners (list (unix-listener-configuration (path "auth-userdb"))))) (service-configuration (kind "auth-worker") - (client-limit 1)) + (client-limit 1) + (process-limit 0)) (service-configuration (kind "dict") (client-limit 1) + (process-limit 0) (listeners (list (unix-listener-configuration (path "dict"))))))) "List of services to enable. Available services include @samp{imap}, @samp{imap-login}, @samp{pop3}, @samp{pop3-login}, @samp{auth}, and -- cgit v1.2.3 From 9c001c07d4c483a4a6b7c7ff50b1119d3fd4b90f Mon Sep 17 00:00:00 2001 From: Laura Lazzati Date: Sun, 11 Nov 2018 18:12:34 -0300 Subject: doc: Fix typo. * doc/guix.texi (Porting to a New Platform): Fix typo. Signed-off-by: Ricardo Wurmus --- doc/guix.texi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'doc/guix.texi') diff --git a/doc/guix.texi b/doc/guix.texi index c74351dd87..4b082c5f87 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -24216,7 +24216,7 @@ to be updated to refer to these binaries on the target platform. That is, the hashes and URLs of the bootstrap tarballs for the new platform must be added alongside those of the currently supported platforms. The bootstrap Guile tarball is treated specially: it is expected to be -available locally, and @file{gnu/local.mk} has rules do download it for +available locally, and @file{gnu/local.mk} has rules to download it for the supported architectures; a rule for the new platform must be added as well. -- cgit v1.2.3 From d3f75179e5741db29358e3e723146fd20ec79de9 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 13 Nov 2018 11:02:13 +0100 Subject: services: nscd: Add 'invalidate' and 'statistics' actions. * gnu/services/base.scm (nscd-action-procedure, nscd-actions): New procedures. (nscd-shepherd-service): Add 'modules' and 'actions' fields. * gnu/tests/base.scm (run-basic-test)["nscd invalidate action"] ["nscd invalidate action, wrong table"]: New tests. * doc/guix.texi (Services): Mention 'herd doc nscd action'. (Base Services): Document the actions. --- doc/guix.texi | 26 ++++++++++++++++++++++++- gnu/services/base.scm | 54 ++++++++++++++++++++++++++++++++++++++++++++++----- gnu/tests/base.scm | 14 +++++++++++++ 3 files changed, 88 insertions(+), 6 deletions(-) (limited to 'doc/guix.texi') diff --git a/doc/guix.texi b/doc/guix.texi index 4b082c5f87..0ba034e822 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -10563,11 +10563,14 @@ Start,,, shepherd, The GNU Shepherd Manual}). For example: The above command, run as @code{root}, lists the currently defined services. The @command{herd doc} command shows a synopsis of the given -service: +service and its associated actions: @example # herd doc nscd Run libc's name service cache daemon (nscd). + +# herd doc nscd action invalidate +invalidate: Invalidate the given cache--e.g., 'hosts' for host name lookups. @end example The @command{start}, @command{stop}, and @command{restart} sub-commands @@ -10965,6 +10968,27 @@ The Kmscon package to use. Return a service that runs the libc name service cache daemon (nscd) with the given @var{config}---an @code{} object. @xref{Name Service Switch}, for an example. + +For convenience, the Shepherd service for nscd provides the following actions: + +@table @code +@item invalidate +@cindex cache invalidation, nscd +@cindex nscd, cache invalidation +This invalidate the given cache. For instance, running: + +@example +herd invalidate nscd hosts +@end example + +@noindent +invalidates the host name lookup cache of nscd. + +@item statistics +Running @command{herd statistics nscd} displays information about nscd usage +and caches. +@end table + @end deffn @defvr {Scheme Variable} %nscd-default-configuration diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 3409bd352c..228d3c5926 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -1252,18 +1252,57 @@ the tty to run, among other things." (string-concatenate (map cache->config caches))))))) +(define (nscd-action-procedure nscd config option) + ;; XXX: This is duplicated from mcron; factorize. + #~(lambda (_ . args) + ;; Run 'nscd' in a pipe so we can explicitly redirect its output to + ;; 'current-output-port', which at this stage is bound to the client + ;; connection. + (let ((pipe (apply open-pipe* OPEN_READ #$nscd + "-f" #$config #$option args))) + (let loop () + (match (read-line pipe 'concat) + ((? eof-object?) + (catch 'system-error + (lambda () + (zero? (close-pipe pipe))) + (lambda args + ;; There's a race with the SIGCHLD handler, which could + ;; call 'waitpid' before 'close-pipe' above does. If we + ;; get ECHILD, that means we lost the race, but that's + ;; fine. + (or (= ECHILD (system-error-errno args)) + (apply throw args))))) + (line + (display line) + (loop))))))) + +(define (nscd-actions nscd config) + "Return Shepherd actions for NSCD." + ;; Make this functionality available as actions because that's a simple way + ;; to run the right 'nscd' binary with the right config file. + (list (shepherd-action + (name 'statistics) + (documentation "Display statistics about nscd usage.") + (procedure (nscd-action-procedure nscd config "--statistics"))) + (shepherd-action + (name 'invalidate) + (documentation + "Invalidate the given cache--e.g., 'hosts' for host name lookups.") + (procedure (nscd-action-procedure nscd config "--invalidate"))))) + (define (nscd-shepherd-service config) "Return a shepherd service for CONFIG, an object." - (let ((nscd.conf (nscd.conf-file config)) + (let ((nscd (file-append (nscd-configuration-glibc config) + "/sbin/nscd")) + (nscd.conf (nscd.conf-file config)) (name-services (nscd-configuration-name-services config))) (list (shepherd-service (documentation "Run libc's name service cache daemon (nscd).") (provision '(nscd)) (requirement '(user-processes)) (start #~(make-forkexec-constructor - (list #$(file-append (nscd-configuration-glibc config) - "/sbin/nscd") - "-f" #$nscd.conf "--foreground") + (list #$nscd "-f" #$nscd.conf "--foreground") ;; Wait for the PID file. However, the PID file is ;; written before nscd is actually listening on its @@ -1277,7 +1316,12 @@ the tty to run, among other things." (string-append dir "/lib")) (list #$@name-services)) ":"))))) - (stop #~(make-kill-destructor)))))) + (stop #~(make-kill-destructor)) + (modules `((ice-9 popen) ;for the actions + (ice-9 rdelim) + (ice-9 match) + ,@%default-modules)) + (actions (nscd-actions nscd nscd.conf)))))) (define nscd-activation ;; Actions to take before starting nscd. diff --git a/gnu/tests/base.scm b/gnu/tests/base.scm index 896d4a8f88..02882f4b46 100644 --- a/gnu/tests/base.scm +++ b/gnu/tests/base.scm @@ -335,6 +335,20 @@ info --version") (x (pk 'failure x #f)))) + (test-equal "nscd invalidate action" + '(#t) ;one value, #t + (marionette-eval '(with-shepherd-action 'nscd ('invalidate "hosts") + result + result) + marionette)) + + (test-equal "nscd invalidate action, wrong table" + '(#f) ;one value, #f + (marionette-eval '(with-shepherd-action 'nscd ('invalidate "xyz") + result + result) + marionette)) + (test-equal "host not found" #f (marionette-eval -- cgit v1.2.3