summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbertagaz <bertagaz@ptitcanardnoir.org>2016-07-11 14:01:33 +0200
committerbertagaz <bertagaz@ptitcanardnoir.org>2016-07-11 14:01:33 +0200
commit62faddff636791df8feac1e9f093e8d0752b3461 (patch)
tree1d90a1bc5dba82df8ff7206f789129012ec350d4
parent61766e1eec7c67fa419e503daffa088e7ed319ae (diff)
parentd4bb25b081ca18ec4becf7d4e29aec8a429d0902 (diff)
Merge remote-tracking branch 'origin/bugfix/10494-retry-htpdate' into bugfix/10494-retry-htpdate-with-more-fragile-testsbugfix/10494-retry-htpdate-with-more-fragile-tests
-rw-r--r--config/chroot_local-includes/lib/systemd/system/htpdate.service14
-rwxr-xr-xconfig/chroot_local-includes/usr/local/sbin/retry_htpdate36
2 files changed, 37 insertions, 13 deletions
diff --git a/config/chroot_local-includes/lib/systemd/system/htpdate.service b/config/chroot_local-includes/lib/systemd/system/htpdate.service
index 34de62d..bdf1122 100644
--- a/config/chroot_local-includes/lib/systemd/system/htpdate.service
+++ b/config/chroot_local-includes/lib/systemd/system/htpdate.service
@@ -19,20 +19,8 @@ ExecStartPre=/bin/rm -f "${DONE_FILE}"
ExecStartPre=/bin/rm -f "${SUCCESS_FILE}"
ExecStartPre=/usr/bin/install -o root -g root -m 0755 -d /run/htpdate
ExecStartPre=/usr/bin/install -o htp -g nogroup -m 0644 /dev/null "${LOG}"
-ExecStart=/usr/local/sbin/htpdate \
- --debug \
- --log_file "${LOG}" \
- --user_agent "${HTTP_USER_AGENT}" \
- --allowed_per_pool_failure_ratio 0.50 \
- --user htp \
- --done_file "${DONE_FILE}" \
- --success_file "${SUCCESS_FILE}" \
- --pal_pool "${HTP_POOL_PAL}" \
- --neutral_pool "${HTP_POOL_NEUTRAL}" \
- --foe_pool "${HTP_POOL_FOE}" \
- --proxy 127.0.0.1:9062
+ExecStart=/usr/local/sbin/retry_htpdate
RemainAfterExit=yes
-CapabilityBoundingSet=CAP_CHOWN CAP_FOWNER CAP_SETUID CAP_SYS_TIME
PrivateDevices=yes
PrivateTmp=yes
ProtectHome=yes
diff --git a/config/chroot_local-includes/usr/local/sbin/retry_htpdate b/config/chroot_local-includes/usr/local/sbin/retry_htpdate
new file mode 100755
index 0000000..23e4bc0
--- /dev/null
+++ b/config/chroot_local-includes/usr/local/sbin/retry_htpdate
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+set -e
+set -u
+
+. /usr/local/lib/tails-shell-library/tor.sh
+
+MAX_RESTARTS=10
+
+restarts=0
+
+until [ -e "${SUCCESS_FILE}" ]; do
+ if [ $restarts -ne 0 ]; then
+ logger -t time "Restarting htpdate ($restarts time)"
+ tor_control_send 'signal NEWNYM'
+ fi
+ /usr/local/sbin/htpdate \
+ --debug \
+ --log_file "${LOG}" \
+ --user_agent "${HTTP_USER_AGENT}" \
+ --allowed_per_pool_failure_ratio 0.34 \
+ --user htp \
+ --done_file "${DONE_FILE}" \
+ --success_file "${SUCCESS_FILE}" \
+ --pal_pool "${HTP_POOL_PAL}" \
+ --neutral_pool "${HTP_POOL_NEUTRAL}" \
+ --foe_pool "${HTP_POOL_FOE}" \
+ --proxy 127.0.0.1:9062 \
+ || restarts=$(($restarts+1))
+ if [ $restarts -eq $MAX_RESTARTS ] \
+ && [ ! -e "${SUCCESS_FILE}" ]; then
+ logger -t time \
+ "Htpdate failed despites having tried $MAX_RESTARTS times."
+ exit 255
+ fi
+done