|
 |
e8fa8b |
diff --git a/watchdog.8 b/watchdog.8
|
|
|
e8fa8b |
index 9b7c6e7..052b1e1 100644
|
|
|
e8fa8b |
--- a/watchdog.8
|
|
|
e8fa8b |
+++ b/watchdog.8
|
|
|
e8fa8b |
@@ -216,6 +216,7 @@ by
|
|
|
e8fa8b |
.BR watchdog .
|
|
|
e8fa8b |
So you can for instance restart the server from your
|
|
|
e8fa8b |
.IR repair-binary .
|
|
|
e8fa8b |
+See the Systemd section below for additinal information.
|
|
|
e8fa8b |
.PP
|
|
|
e8fa8b |
.B watchdog
|
|
|
e8fa8b |
will try periodically to fork itself to see whether the process
|
|
|
e8fa8b |
@@ -242,6 +243,8 @@ a given interface for traffic. If no traffic arrives the network is
|
|
|
e8fa8b |
considered unreachable causing a soft reboot or action from the
|
|
|
e8fa8b |
repair binary.
|
|
|
e8fa8b |
.PP
|
|
|
e8fa8b |
+To start the watchdog when network is available see the Systemd section below.
|
|
|
e8fa8b |
+.PP
|
|
|
e8fa8b |
.B watchdog
|
|
|
e8fa8b |
can run an external command for user-defined tests. A return code not equal 0
|
|
|
e8fa8b |
means an error occurred and watchdog should react. If the external command is
|
|
|
e8fa8b |
@@ -348,6 +351,9 @@ Child process did not return in time.
|
|
|
e8fa8b |
246
|
|
|
e8fa8b |
Free for personal watchdog-specific use (was \-10 as an unsigned 8\-bit
|
|
|
e8fa8b |
number).
|
|
|
e8fa8b |
+.PP
|
|
|
e8fa8b |
+With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/
|
|
|
e8fa8b |
+for your test-binary configuration.
|
|
|
e8fa8b |
.TP
|
|
|
e8fa8b |
245
|
|
|
e8fa8b |
Reserved for an unknown result, for example a slow background test that is
|
|
|
e8fa8b |
@@ -375,6 +381,9 @@ repair-maximum
|
|
|
e8fa8b |
controls the number of successive repair attempts that report 0 (i.e. success) but
|
|
|
e8fa8b |
fail to clear the tested fault. If this is exceeded then a reboot takes place. If set
|
|
|
e8fa8b |
to zero then a reboot can always be blocked by the repair program reporting success.
|
|
|
e8fa8b |
+.PP
|
|
|
e8fa8b |
+With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/
|
|
|
e8fa8b |
+for your repair-binary configuration.
|
|
|
e8fa8b |
.SH "TEST DIRECTORY"
|
|
|
e8fa8b |
Executables placed in the test directory are discovered by watchdog on
|
|
|
e8fa8b |
startup and are automatically executed. They are bounded time-wise by
|
|
|
e8fa8b |
@@ -413,6 +422,27 @@ As for the repair binary, the configuration parameter
|
|
|
e8fa8b |
repair-maximum
|
|
|
e8fa8b |
also controls the number of successive repair attempts that report success
|
|
|
e8fa8b |
(return 0) but fail to clear the fault.
|
|
|
e8fa8b |
+.SH SYSTEMD
|
|
|
e8fa8b |
+To start watchdog after the network is available:
|
|
|
e8fa8b |
+.PP
|
|
|
e8fa8b |
+.br
|
|
|
e8fa8b |
+systemctl disable watchdog
|
|
|
e8fa8b |
+.br
|
|
|
e8fa8b |
+systemctl enable NetworkManager-wait-online
|
|
|
e8fa8b |
+.br
|
|
|
e8fa8b |
+systemctl enable watchdog-ping
|
|
|
e8fa8b |
+.PP
|
|
|
e8fa8b |
+
|
|
|
e8fa8b |
+When using custom service pid check with custom service
|
|
|
e8fa8b |
+systemd unit file please be aware the "Requires="
|
|
|
e8fa8b |
+does dependent service deactivation.
|
|
|
e8fa8b |
+Using "Before=watchdog.service" or "Before=watchdog-ping.service"
|
|
|
e8fa8b |
+in the custom service unit file may be the desired operation instead.
|
|
|
e8fa8b |
+See systemd.unit documentation for more details.
|
|
|
e8fa8b |
+
|
|
|
e8fa8b |
+.SH SELINUX
|
|
|
e8fa8b |
+The directories /etc/watchdog.d/ and /usr/libexec/watchdog/scripts/ are
|
|
|
e8fa8b |
+recognized locations for custom executables.
|
|
|
e8fa8b |
.SH BUGS
|
|
|
e8fa8b |
None known so far.
|
|
|
e8fa8b |
.SH AUTHORS
|
|
|
e8fa8b |
@@ -431,4 +461,4 @@ The watchdog device.
|
|
|
e8fa8b |
The pid file of the running
|
|
|
e8fa8b |
.BR watchdog .
|
|
|
e8fa8b |
.SH "SEE ALSO"
|
|
|
e8fa8b |
-.BR watchdog.conf (5)
|
|
|
e8fa8b |
+.BR watchdog.conf (5), systemd.unit (5)
|
|
|
e8fa8b |
diff --git a/watchdog.conf b/watchdog.conf
|
|
|
e8fa8b |
index 207da3e..7dd3cb3 100644
|
|
|
e8fa8b |
--- a/watchdog.conf
|
|
|
e8fa8b |
+++ b/watchdog.conf
|
|
|
e8fa8b |
@@ -75,7 +75,9 @@ priority = 1
|
|
|
e8fa8b |
# If you have a custom binary/script to handle errors then uncomment
|
|
|
e8fa8b |
# this line and provide the path. For 'v1' test binary files they also
|
|
|
e8fa8b |
# handle error cases.
|
|
|
e8fa8b |
-
|
|
|
e8fa8b |
+# With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/
|
|
|
e8fa8b |
+
|
|
|
e8fa8b |
+# or /etc/watchdog.d/ for your test-binary and repair-binary configuration.
|
|
|
e8fa8b |
#repair-binary = /usr/sbin/repair
|
|
|
e8fa8b |
#repair-timeout = 60
|
|
|
e8fa8b |
|
|
|
e8fa8b |
@@ -175,6 +177,13 @@ priority = 1
|
|
|
e8fa8b |
#temperature-sensor =
|
|
|
e8fa8b |
#max-temperature = 90
|
|
|
e8fa8b |
|
|
|
e8fa8b |
+# When using custom service pid check with custom service
|
|
|
e8fa8b |
+# systemd unit file please be aware the "Requires="
|
|
|
e8fa8b |
+# does dependent service deactivation.
|
|
|
e8fa8b |
+# Using "Before=watchdog.service" or "Before=watchdog-ping.service"
|
|
|
e8fa8b |
+# in the custom service unit file may be the desired operation instead.
|
|
|
e8fa8b |
+# See man 5 systemd.unit for more details.
|
|
|
e8fa8b |
+#
|
|
|
e8fa8b |
# Check for a running process/daemon by its PID file. For example,
|
|
|
e8fa8b |
# check if rsyslogd is still running by enabling the following line:
|
|
|
e8fa8b |
|
|
|
e8fa8b |
diff --git a/watchdog.conf.5 b/watchdog.conf.5
|
|
|
e8fa8b |
index edf7c8b..72c3bc2 100644
|
|
|
e8fa8b |
--- a/watchdog.conf.5
|
|
|
e8fa8b |
+++ b/watchdog.conf.5
|
|
|
e8fa8b |
@@ -130,6 +130,7 @@ pidfile = <pidfilename>
|
|
|
e8fa8b |
Set pidfile name for daemon test mode.
|
|
|
e8fa8b |
This option can be given as often as you like to check several daemons, assuming
|
|
|
e8fa8b |
they write their post-forking PID to the specified files.
|
|
|
e8fa8b |
+See the Systemd section in watchdog (8) for more information.
|
|
|
e8fa8b |
.TP
|
|
|
e8fa8b |
ping = <ip-addr>
|
|
|
e8fa8b |
Set IPv4 address for ping mode.
|
|
|
e8fa8b |
@@ -147,6 +148,8 @@ aliased IP interfaces.
|
|
|
e8fa8b |
.TP
|
|
|
e8fa8b |
test-binary = <testbin>
|
|
|
e8fa8b |
Execute the given binary to do some user defined tests.
|
|
|
e8fa8b |
+With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/
|
|
|
e8fa8b |
+for your test-binary configuration.
|
|
|
e8fa8b |
.TP
|
|
|
e8fa8b |
test-timeout = <timeout in seconds>
|
|
|
e8fa8b |
User defined tests may only run for <timeout> seconds. Set to 0 for unlimited.
|
|
|
e8fa8b |
@@ -154,6 +157,8 @@ User defined tests may only run for <timeout> seconds. Set to 0 for unlimited.
|
|
|
e8fa8b |
repair-binary = <repbin>
|
|
|
e8fa8b |
Execute the given binary in case of a problem instead of shutting down the
|
|
|
e8fa8b |
system.
|
|
|
e8fa8b |
+With enforcing SELinux policy please use the /usr/libexec/watchdog/scripts/
|
|
|
e8fa8b |
+for your repair-binary configuration.
|
|
|
e8fa8b |
.TP
|
|
|
e8fa8b |
repair-timeout = <timeout in seconds>
|
|
|
e8fa8b |
repair command may only run for <timeout> seconds. Set to 0 for 'unlimited', but
|
|
|
e8fa8b |
@@ -188,6 +193,7 @@ Set the schedule priority for realtime mode passed to sched_setscheduler().
|
|
|
e8fa8b |
.TP
|
|
|
e8fa8b |
test-directory = <test directory>
|
|
|
e8fa8b |
Set the directory to run user test/repair scripts. Default is '/etc/watchdog.d'
|
|
|
e8fa8b |
+The /etc/watchdog.d/ is recognized by SELinux policy.
|
|
|
e8fa8b |
See the Test Directory section in watchdog(8) for more information.
|
|
|
e8fa8b |
.TP
|
|
|
e8fa8b |
log-dir = <log directory>
|