XSI-1773 clean up swtpm service files

We have seen swtpm systemd service files not being removed. We now make Fe_systemctl.stop callable when the servive is potentially not running to ensure clean up is happening regardless. Signed-off-by: Christian Lindig <[email protected]>
xapi-project · Dec 20, 2024 · eb47f20 · eb47f20
1 parent 90b0faf
commit eb47f20
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 19 deletions.
diff --git a/ocaml/forkexecd/lib/fe_systemctl.ml b/ocaml/forkexecd/lib/fe_systemctl.ml
@@ -104,31 +104,35 @@ let show ~service =
   ; active_state= props |> List.assoc active_state
   }
 
+(** Even is a service is not running, we still might want to do some
+    clean up from when it was running but did not have a proper exit *)
+let cleanup ~service =
+  let destination = Filename.concat run_path (service ^ ".service") in
+  Xapi_stdext_unix.Unixext.unlink_safe destination
+
+let is_active ~service =
+  let status =
+    Forkhelpers.safe_close_and_exec None None None [] systemctl
+      ["is-active"; "--quiet"; service]
+    |> Forkhelpers.waitpid
+    |> snd
+  in
+  Unix.WEXITED 0 = status
+
 let stop ~service =
-  action ~service "stop" ;
   (* Stopping shouldn't fail because it should fall back to SIGKILL which should almost always work,
    * unless there is a kernel bug that keeps a process stuck.
    * In the unlikely scenario that this does fail we leave the transient service file behind
    * so that the failure can be investigated.
    * *)
+  if is_active ~service then action ~service "stop" ;
   let status = show ~service in
   (* allow systemd to garbage-collect the status and the unit, preventing leaks.
    * See CollectMode in systemd.unit(5) for details. *)
   ( if status.exec_main_status <> 0 then
       try action ~service "reset-failed" with _ -> ()
   ) ;
-  let destination = Filename.concat run_path (service ^ ".service") in
-  Xapi_stdext_unix.Unixext.unlink_safe destination ;
-  status
-
-let is_active ~service =
-  let status =
-    Forkhelpers.safe_close_and_exec None None None [] systemctl
-      ["is-active"; "--quiet"; service]
-    |> Forkhelpers.waitpid
-    |> snd
-  in
-  Unix.WEXITED 0 = status
+  cleanup ~service ; status
 
 (** path to service file *)
 let path service = Filename.concat run_path (service ^ ".service")

diff --git a/ocaml/xenopsd/xc/service.ml b/ocaml/xenopsd/xc/service.ml
@@ -619,15 +619,14 @@ module SystemdDaemonMgmt (D : DAEMONPIDPATH) = struct
     match (of_domid domid, is_running ~xs domid) with
     | None, true ->
         Compat.stop ~xs domid
-    | Some service, true ->
-        (* xenstore cleanup is done by systemd unit file *)
-        let (_ : Fe_systemctl.status) = Fe_systemctl.stop ~service in
-        ()
-    | Some service, false ->
-        info "Not trying to stop %s since it's not running" service
     | None, false ->
         info "Not trying to stop %s for domid %i since it's not running" D.name
           domid
+    | Some service, _ ->
+        (* xenstore cleanup is done by systemd unit file; we are calling
+           stop in any case to clean up *)
+        let (_ : Fe_systemctl.status) = Fe_systemctl.stop ~service in
+        ()
 
   let start_daemon ~path ~args ~domid () =
     debug "Starting daemon: %s with args [%s]" path (String.concat "; " args) ;