Get the most out of your Centmin Mod LEMP stack
Become a Member

CentOS 7.x Work log for dealing with CentOS 7.0 changes (systemd)

Discussion in 'Beta release code' started by eva2000, Jul 9, 2014.

  1. eva2000

    eva2000 Administrator Staff Member

    31,019
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:31 AM
    Nginx 1.13.x
    MariaDB 5.5
    Starting a discussion thread and work log for dealing with CentOS 7.0 changes which will affect Centmin Mod .08 beta and higher.

    Biggest change is CentOS 7.0's replacement of ini.d (SysVinit) with Systemd you can see changes below. So will have to rewrite Centmin Mod custom init.d files as well as change the commands which are invoked depending on whether CentOS 6.x or 7.0 is detected.

    Wrote a test shell script to work out the CentOS 7.0 vs 6.x detection and a cmservice function to carry out the appropriate commands depending on if CentOS 7 or CentOS 6 is detected.

    Code:
    #!/bin/bash
    CMSDEBUG=y
    TESTEDCENTOSVER='7.0'
    CENTOSVER=$(cat /etc/redhat-release | awk '{ print $3 }')
    
    if [ "$CENTOSVER" == 'release' ]; then
        CENTOSVER=$(cat /etc/redhat-release | awk '{ print $4 }' | cut -d . -f1,2)
        if [[ "$(cat /etc/redhat-release | awk '{ print $4 }' | cut -d . -f1)" = '7' ]]; then
            CENTOS_SEVEN='7'
        fi
    fi
    
    if [[ "$CMSDEBUG" = [yY] ]]; then
        if [[ "$CENTOS_SEVEN" != '7' ]]; then
                echo "Detected 6.5"
        else
                echo "Detected 7.0"
        fi
    fi
    
    cmservice() {
        servicename=$1
        action=$2
        if [[ "$CENTOS_SEVEN" != '7' ]]; then
            echo "service ${servicename} $action"
            if [[ "$CMSDEBUG" = [nN] ]]; then
                service ${servicename} $action
            fi
        else
            echo "systemctl $action ${servicename}.service"
            if [[ "$CMSDEBUG" = [nN] ]]; then
                systemctl $action ${servicename}.service
            fi
        fi
    }
    
    cmchkconfig() {
        servicename=$1
        status=$2
        if [[ "$CENTOS_SEVEN" != '7' ]]; then
            echo "chkconfig ${servicename} $status"
            if [[ "$CMSDEBUG" = [nN] ]]; then
                chkconfig ${servicename} $status
            fi
        else
            if [ "$status" = 'on' ]; then
                status=enable
            fi
            if [ "$status" = 'off' ]; then
                status=disable
            fi
            echo "systemctl $status ${servicename}.service"
            if [[ "$CMSDEBUG" = [nN] ]]; then
                systemctl $status ${servicename}.service
            fi
        fi
    }
    
    cmservice crond status
    cmservice crond stop
    cmservice crond start
    cmservice crond restart
    
    cmchkconfig crond on
    cmchkconfig crond off
    
    On a CentOS 6.5 system the following is outputted:
    Code:
    ./ctest.sh 
    Detected 6.5
    service crond status
    service crond stop
    service crond start
    service crond restart
    chkconfig crond on
    chkconfig crond off
    
    On a CentOS 7.0 system the following is outputted:
    Code:
    ./ctest.sh 
    Detected 7.0
    systemctl status crond.service
    systemctl stop crond.service
    systemctl start crond.service
    systemctl restart crond.service
    systemctl enable crond.service
    systemctl disable crond.service
    

    systemd_cheatsheet.png
     
    Last edited: Jul 9, 2014
  2. eva2000

    eva2000 Administrator Staff Member

    31,019
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:31 AM
    Nginx 1.13.x
    MariaDB 5.5
    Would be great if anyone else more familiar with Systemd method of doing things (i.e. for Fedora etc) would chime in especially if I have any incorrect assumptions regarding the Systemd stuff :)
     
  3. eva2000

    eva2000 Administrator Staff Member

    31,019
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:31 AM
    Nginx 1.13.x
    MariaDB 5.5
    • Like Like x 1
  4. eva2000

    eva2000 Administrator Staff Member

    31,019
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:31 AM
    Nginx 1.13.x
    MariaDB 5.5
    A slight problem if I decide to use MariaDB official YUM repo in CentOS 7.x and disable CentOS 7.x's own MariaDB packages as both are named mariadb in MariaDB official YUM repo and in CentOS 7.x.

    /etc/yum.conf exclude=mariadb* line wouldn't suffice to disable CentOS 7.x mariadb packages as it would disable MariaDB official YUM too.

    On CentOS 7.x MariaDB YUM packages by default
    Code:
    [root@centos7 tools]# yum -q list mariadb*
    Installed Packages
    mariadb-libs.x86_64                                                              1:5.5.35-3.el7                                                      @anaconda
    Available Packages
    mariadb.x86_64                                                                   1:5.5.37-1.el7_0                                                    updates
    mariadb-bench.x86_64                                                             1:5.5.37-1.el7_0                                                    updates
    mariadb-devel.i686                                                               1:5.5.37-1.el7_0                                                    updates
    mariadb-devel.x86_64                                                             1:5.5.37-1.el7_0                                                    updates
    mariadb-embedded.i686                                                            1:5.5.37-1.el7_0                                                    updates
    mariadb-embedded.x86_64                                                          1:5.5.37-1.el7_0                                                    updates
    mariadb-embedded-devel.i686                                                      1:5.5.37-1.el7_0                                                    updates
    mariadb-embedded-devel.x86_64                                                    1:5.5.37-1.el7_0                                                    updates
    mariadb-libs.i686                                                                1:5.5.37-1.el7_0                                                    updates
    mariadb-libs.x86_64                                                              1:5.5.37-1.el7_0                                                    updates
    mariadb-server.x86_64                                                            1:5.5.37-1.el7_0                                                    updates
    mariadb-test.x86_64                                                              1:5.5.37-1.el7_0                                                    updates  
    CentOS 6.5 and MariaDB official YUM packages
    Code:
    yum -q list mariadb*
    Installed Packages
    MariaDB-client.x86_64                                                          5.5.38-1.el6                                                           @mariadb
    MariaDB-common.x86_64                                                          5.5.38-1.el6                                                           @mariadb
    MariaDB-compat.x86_64                                                          5.5.38-1.el6                                                           @mariadb
    MariaDB-devel.x86_64                                                           5.5.38-1.el6                                                           @mariadb
    MariaDB-server.x86_64                                                          5.5.38-1.el6                                                           @mariadb
    MariaDB-shared.x86_64                                                          5.5.38-1.el6                                                           @mariadb
    Available Packages
    MariaDB-test.x86_64                                                            5.5.38-1.el6                                                           mariadb
    Might have to do the following for CentOS 7.x MariaDB YUM list, update, installs?
    Code:
    yum list mariadb* --disablerepo=* --enablerepo=mariadb
    Code:
    yum list mariadb* --disablerepo=* --enablerepo=mariadb
    Loaded plugins: downloadonly, fastestmirror, priorities
    Loading mirror speeds from cached hostfile
    Installed Packages
    MariaDB-client.x86_64                                                          5.5.38-1.el6                                                           @mariadb
    MariaDB-common.x86_64                                                          5.5.38-1.el6                                                           @mariadb
    MariaDB-compat.x86_64                                                          5.5.38-1.el6                                                           @mariadb
    MariaDB-devel.x86_64                                                           5.5.38-1.el6                                                           @mariadb
    MariaDB-server.x86_64                                                          5.5.38-1.el6                                                           @mariadb
    MariaDB-shared.x86_64                                                          5.5.38-1.el6                                                           @mariadb
    Available Packages
    MariaDB-test.x86_64                                                            5.5.38-1.el6                                                           mariadb 
     
    Last edited: Jul 9, 2014
    • Like Like x 1
  5. eva2000

    eva2000 Administrator Staff Member

    31,019
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:31 AM
    Nginx 1.13.x
    MariaDB 5.5
    Nginx, memcached, nsd, and PHP-FPM are just apps which have custom init.d scripts in Centmin Mod currently, so will need the systemd equivalent for them for CentOS 7.x.

    Decided to install memcached and php-fpm from default CentOS 7.0 YUM packages and dig into how they have things structured and configured for systemd etc.

    memcached install

    Code:
     yum -y install memcached
    Loaded plugins: fastestmirror
    base                                                                                                                                   | 3.6 kB  00:00:00    
    extras                                                                                                                                 | 2.9 kB  00:00:00    
    updates                                                                                                                                | 2.9 kB  00:00:00    
    Loading mirror speeds from cached hostfile
    * base: centos.mirror.serversaustralia.com.au
    * extras: centos.mirror.serversaustralia.com.au
    * updates: mirror.overthewire.com.au
    Resolving Dependencies
    --> Running transaction check
    ---> Package memcached.x86_64 0:1.4.15-9.el7 will be installed
    --> Processing Dependency: libevent-2.0.so.5()(64bit) for package: memcached-1.4.15-9.el7.x86_64
    --> Running transaction check
    ---> Package libevent.x86_64 0:2.0.21-4.el7 will be installed
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    
    ==============================================================================================================================================================
    Package                                Arch                                Version                                   Repository                         Size
    ==============================================================================================================================================================
    Installing:
    memcached                              x86_64                              1.4.15-9.el7                              base                               84 k
    Installing for dependencies:
    libevent                               x86_64                              2.0.21-4.el7                              base                              214 k
    
    Transaction Summary
    ==============================================================================================================================================================
    Install  1 Package (+1 Dependent package)
    
    Total download size: 298 k
    Installed size: 897 k
    Downloading packages:
    (1/2): memcached-1.4.15-9.el7.x86_64.rpm                                                                                               |  84 kB  00:00:00    
    (2/2): libevent-2.0.21-4.el7.x86_64.rpm                                                                                                | 214 kB  00:00:00    
    --------------------------------------------------------------------------------------------------------------------------------------------------------------
    Total                                                                                                                         482 kB/s | 298 kB  00:00:00    
    Running transaction check
    Running transaction test
    Transaction test succeeded
    Running transaction
      Installing : libevent-2.0.21-4.el7.x86_64                                                                                                               1/2
      Installing : memcached-1.4.15-9.el7.x86_64                                                                                                              2/2
      Verifying  : memcached-1.4.15-9.el7.x86_64                                                                                                              1/2
      Verifying  : libevent-2.0.21-4.el7.x86_64                                                                                                               2/2
    
    Installed:
      memcached.x86_64 0:1.4.15-9.el7                                                                                                                            
    
    Dependency Installed:
      libevent.x86_64 0:2.0.21-4.el7                                                                                                                             
    
    Complete!
    default installed memcached files

    Code:
     rpm -ql memcached
    /etc/sysconfig/memcached
    /usr/bin/memcached
    /usr/bin/memcached-tool
    /usr/lib/systemd/system/memcached.service
    /usr/share/doc/memcached-1.4.15
    /usr/share/doc/memcached-1.4.15/AUTHORS
    /usr/share/doc/memcached-1.4.15/CONTRIBUTORS
    /usr/share/doc/memcached-1.4.15/COPYING
    /usr/share/doc/memcached-1.4.15/ChangeLog
    /usr/share/doc/memcached-1.4.15/NEWS
    /usr/share/doc/memcached-1.4.15/README.md
    /usr/share/doc/memcached-1.4.15/protocol.txt
    /usr/share/doc/memcached-1.4.15/readme.txt
    /usr/share/doc/memcached-1.4.15/threads.txt
    /usr/share/man/man1/memcached-tool.1.gz
    /usr/share/man/man1/memcached.1.gz
    contents of /etc/sysconfig/memcached
    Code:
    PORT="11211"
    USER="memcached"
    MAXCONN="1024"
    CACHESIZE="64"
    OPTIONS=""
    contents of systemd file /usr/lib/systemd/system/memcached.service
    Code:
    [Unit]
    Description=Memcached
    Before=httpd.service
    After=network.target
    
    [Service]
    Type=simple
    EnvironmentFile=-/etc/sysconfig/memcached
    ExecStart=/usr/bin/memcached -u $USER -p $PORT -m $CACHESIZE -c $MAXCONN $OPTIONS
    
    [Install]
    WantedBy=multi-user.target
    default status and is-active status
    Code:
     systemctl status memcached
    memcached.service - Memcached
       Loaded: loaded (/usr/lib/systemd/system/memcached.service; disabled)
       Active: inactive (dead)
    Code:
     systemctl is-active memcached
    unknown
    start and enable memcached
    Code:
     systemctl start memcached
    
    ps aufx | grep memcached | grep -v grep
    memcach+  2689  0.0  0.0 314820  1088 ?        Ssl  15:50   0:00 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024
    Code:
     systemctl is-active memcached
    active
    Make sure memcached survives system reboot with equivalent chkconfig command.

    Current status before enable is disabled
    Code:
     systemctl status memcached
    memcached.service - Memcached
       Loaded: loaded (/usr/lib/systemd/system/memcached.service; disabled)
       Active: active (running) since Wed 2014-07-09 15:50:20 EST; 43s ago
    Main PID: 2689 (memcached)
       CGroup: /system.slice/memcached.service
               +-2689 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024
    
    Jul 09 15:50:20 centos7.localdomain systemd[1]: Started Memcached.
    Then enable for system reboots
    Code:
     systemctl enable memcached
    ln -s '/usr/lib/systemd/system/memcached.service' '/etc/systemd/system/multi-user.target.wants/memcached.service'
    Then check status and see it's now enabled
    Code:
     systemctl status memcached
    memcached.service - Memcached
       Loaded: loaded (/usr/lib/systemd/system/memcached.service; enabled)
       Active: active (running) since Wed 2014-07-09 15:50:20 EST; 1min 33s ago
    Main PID: 2689 (memcached)
       CGroup: /system.slice/memcached.service
               +-2689 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024
    
    Jul 09 15:50:20 centos7.localdomain systemd[1]: Started Memcached.
     
    • Like Like x 1
  6. eva2000

    eva2000 Administrator Staff Member

    31,019
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:31 AM
    Nginx 1.13.x
    MariaDB 5.5
    Wondering what's left in /etc/init.d/ on CentOS 7 ?

    Code:
    ls -lah /etc/init.d/
    total 48K
    drwxr-xr-x.  2 root root  110 Jul  8 13:29 .
    drwxr-xr-x. 10 root root 4.0K Jun 27 21:07 ..
    -rw-r--r--.  1 root root  14K Apr  3 01:30 functions
    -rwxr-xr-x.  1 root root 2.3K Jun 10 11:34 iprdump
    -rwxr-xr-x.  1 root root 2.2K Jun 10 11:34 iprinit
    -rwxr-xr-x.  1 root root 2.3K Jun 10 11:34 iprupdate
    -rwxr-xr-x.  1 root root 3.0K Apr  3 01:30 netconsole
    -rwxr-xr-x.  1 root root 6.3K Apr  3 01:30 network
    -rw-r--r--.  1 root root 1.2K Jun 10 15:35 README
    Code:
     cat /etc/init.d/README
    You are looking for the traditional init scripts in /etc/rc.d/init.d,
    and they are gone?
    
    Here's an explanation on what's going on:
    
    You are running a systemd-based OS where traditional init scripts have
    been replaced by native systemd services files. Service files provide
    very similar functionality to init scripts. To make use of service
    files simply invoke "systemctl", which will output a list of all
    currently running services (and other units). Use "systemctl
    list-unit-files" to get a listing of all known unit files, including
    stopped, disabled and masked ones. Use "systemctl start
    foobar.service" and "systemctl stop foobar.service" to start or stop a
    service, respectively. For further details, please refer to
    systemctl(1).
    
    Note that traditional init scripts continue to function on a systemd
    system. An init script /etc/rc.d/init.d/foobar is implicitly mapped
    into a service unit foobar.service during system initialization.
    
    Thank you!
    
    Further reading:
            man:systemctl(1)
            man:systemd(1)
            http://0pointer.de/blog/projects/systemd-for-admins-3.html
            http://www.freedesktop.org/wiki/Software/systemd/Incompatibilities
    So this part means init.d scripts would work 100% ?
    Code:
    cat /etc/init.d/functions
    # -*-Shell-script-*-
    #
    # functions     This file contains functions to be used by most or all
    #               shell scripts in the /etc/init.d directory.
    #
    
    TEXTDOMAIN=initscripts
    
    # Make sure umask is sane
    umask 022
    
    # Set up a default search path.
    PATH="/sbin:/usr/sbin:/bin:/usr/bin"
    export PATH
    
    if [ $PPID -ne 1 -a -z "$SYSTEMCTL_SKIP_REDIRECT" ] && \
                    ( /bin/mountpoint -q /cgroup/systemd || /bin/mountpoint -q /sys/fs/cgroup/systemd ) ; then
            case "$0" in
            /etc/init.d/*|/etc/rc.d/init.d/*)
                    _use_systemctl=1
                    ;;
            esac
    fi
    
    systemctl_redirect () {
            local s
            local prog=${1##*/}
            local command=$2
            local options=""
    
            case "$command" in
            start)
                    s=$"Starting $prog (via systemctl): "
                    ;;
            stop)
                    s=$"Stopping $prog (via systemctl): "
                    ;;
            reload|try-reload)
                    s=$"Reloading $prog configuration (via systemctl): "
                    ;;
            restart|try-restart|condrestart)
                    s=$"Restarting $prog (via systemctl): "
                    ;;
            esac
    
            if [ -n "$SYSTEMCTL_IGNORE_DEPENDENCIES" ] ; then
                    options="--ignore-dependencies"
            fi
    
            action "$s" /bin/systemctl $options $command "$prog.service"
    }
    
    # Get a sane screen width
    [ -z "${COLUMNS:-}" ] && COLUMNS=80
    
    if [ -z "${CONSOLETYPE:-}" ]; then
      if [ -c "/dev/stderr" -a -r "/dev/stderr" ]; then
        CONSOLETYPE="$(/sbin/consoletype < /dev/stderr 2>/dev/null)"
      else
        CONSOLETYPE="serial"
      fi
    fi
    
    if [ -z "${NOLOCALE:-}" ] && [ -z "${LANGSH_SOURCED:-}" ] && [ -f /etc/sysconfig/i18n -o -f /etc/locale.conf ] ; then
      . /etc/profile.d/lang.sh 2>/dev/null
      # avoid propagating LANGSH_SOURCED any further
      unset LANGSH_SOURCED
    fi
    
    # Read in our configuration
    if [ -z "${BOOTUP:-}" ]; then
      if [ -f /etc/sysconfig/init ]; then
          . /etc/sysconfig/init
      else
        # This all seem confusing? Look in /etc/sysconfig/init,
        # or in /usr/share/doc/initscripts-*/sysconfig.txt
        BOOTUP=color
        RES_COL=60
        MOVE_TO_COL="echo -en \\033[${RES_COL}G"
        SETCOLOR_SUCCESS="echo -en \\033[1;32m"
        SETCOLOR_FAILURE="echo -en \\033[1;31m"
        SETCOLOR_WARNING="echo -en \\033[1;33m"
        SETCOLOR_NORMAL="echo -en \\033[0;39m"
        LOGLEVEL=1
      fi
      if [ "$CONSOLETYPE" = "serial" ]; then
          BOOTUP=serial
          MOVE_TO_COL=
          SETCOLOR_SUCCESS=
          SETCOLOR_FAILURE=
          SETCOLOR_WARNING=
          SETCOLOR_NORMAL=
      fi
    fi
    
    # Check if any of $pid (could be plural) are running
    checkpid() {
            local i
    
            for i in $* ; do
                    [ -d "/proc/$i" ] && return 0
            done
            return 1
    }
    
    # __proc_pids {program} [pidfile]
    # Set $pid to pids from /var/run* for {program}.  $pid should be declared
    # local in the caller.
    # Returns LSB exit code for the 'status' action.
    __pids_var_run() {
            local base=${1##*/}
            local pid_file=${2:-/var/run/$base.pid}
    
            pid=
            if [ -f "$pid_file" ] ; then
                    local line p
    
                    [ ! -r "$pid_file" ] && return 4 # "user had insufficient privilege"
                    while : ; do
                            read line
                            [ -z "$line" ] && break
                            for p in $line ; do
                                    [ -z "${p//[0-9]/}" ] && [ -d "/proc/$p" ] && pid="$pid $p"
                            done
                    done < "$pid_file"
    
                    if [ -n "$pid" ]; then
                            return 0
                    fi
                    return 1 # "Program is dead and /var/run pid file exists"
            fi
            return 3 # "Program is not running"
    }
    
    # Output PIDs of matching processes, found using pidof
    __pids_pidof() {
            pidof -c -m -o $$ -o $PPID -o %PPID -x "$1" || \
                    pidof -c -m -o $$ -o $PPID -o %PPID -x "${1##*/}"
    }
    
    
    # A function to start a program.
    daemon() {
            # Test syntax.
            local gotbase= force= nicelevel corelimit
            local pid base= user= nice= bg= pid_file=
            local cgroup=
            nicelevel=0
            while [ "$1" != "${1##[-+]}" ]; do
              case $1 in
                '')    echo $"$0: Usage: daemon [+/-nicelevel] {program}"
                       return 1;;
                --check)
                       base=$2
                       gotbase="yes"
                       shift 2
                       ;;
                --check=?*)
                       base=${1#--check=}
                       gotbase="yes"
                       shift
                       ;;
                --user)
                       user=$2
                       shift 2
                       ;;
                --user=?*)
                       user=${1#--user=}
                       shift
                       ;;
                --pidfile)
                       pid_file=$2
                       shift 2
                       ;;
                --pidfile=?*)
                       pid_file=${1#--pidfile=}
                       shift
                       ;;
                --force)
                       force="force"
                       shift
                       ;;
                [-+][0-9]*)
                       nice="nice -n $1"
                       shift
                       ;;
                *)     echo $"$0: Usage: daemon [+/-nicelevel] {program}"
                       return 1;;
              esac
            done
    
            # Save basename.
            [ -z "$gotbase" ] && base=${1##*/}
    
            # See if it's already running. Look *only* at the pid file.
            __pids_var_run "$base" "$pid_file"
    
            [ -n "$pid" -a -z "$force" ] && return
    
            # make sure it doesn't core dump anywhere unless requested
            corelimit="ulimit -S -c ${DAEMON_COREFILE_LIMIT:-0}"
    
            # if they set NICELEVEL in /etc/sysconfig/foo, honor it
            [ -n "${NICELEVEL:-}" ] && nice="nice -n $NICELEVEL"
    
            # if they set CGROUP_DAEMON in /etc/sysconfig/foo, honor it
            if [ -n "${CGROUP_DAEMON}" ]; then
                    if [ ! -x /bin/cgexec ]; then
                            echo -n "Cgroups not installed"; warning
                            echo
                    else
                            cgroup="/bin/cgexec";
                            for i in $CGROUP_DAEMON; do
                                    cgroup="$cgroup -g $i";
                            done
                    fi
            fi
    
            # Echo daemon
            [ "${BOOTUP:-}" = "verbose" -a -z "${LSB:-}" ] && echo -n " $base"
    
            # And start it up.
            if [ -z "$user" ]; then
               $cgroup $nice /bin/bash -c "$corelimit >/dev/null 2>&1 ; $*"
            else
               $cgroup $nice runuser -s /bin/bash $user -c "$corelimit >/dev/null 2>&1 ; $*"
            fi
    
            [ "$?" -eq 0 ] && success $"$base startup" || failure $"$base startup"
    }
    
    # A function to stop a program.
    killproc() {
            local RC killlevel= base pid pid_file= delay try
    
            RC=0; delay=3; try=0
            # Test syntax.
            if [ "$#" -eq 0 ]; then
                    echo $"Usage: killproc [-p pidfile] [ -d delay] {program} [-signal]"
                    return 1
            fi
            if [ "$1" = "-p" ]; then
                    pid_file=$2
                    shift 2
            fi
            if [ "$1" = "-d" ]; then
                    delay=$(echo $2 | awk -v RS=' ' -v IGNORECASE=1 '{if($1!~/^[0-9.]+[smhd]?$/) exit 1;d=$1~/s$|^[0-9.]*$/?1:$1~/m$/?60:$1~/h$/?60*60:$1~/d$/?24*60*60:-1;if(d==-1) exit 1;delay+=d*$1} END {printf("%d",delay+0.5)}')
                    if [ "$?" -eq 1 ]; then
                            echo $"Usage: killproc [-p pidfile] [ -d delay] {program} [-signal]"
                            return 1
                    fi
                    shift 2
            fi
          
    
            # check for second arg to be kill level
            [ -n "${2:-}" ] && killlevel=$2
    
            # Save basename.
            base=${1##*/}
    
            # Find pid.
            __pids_var_run "$1" "$pid_file"
            RC=$?
            if [ -z "$pid" ]; then
                    if [ -z "$pid_file" ]; then
                            pid="$(__pids_pidof "$1")"
                    else
                            [ "$RC" = "4" ] && { failure $"$base shutdown" ; return $RC ;}
                    fi
            fi
    
            # Kill it.
            if [ -n "$pid" ] ; then
                    [ "$BOOTUP" = "verbose" -a -z "${LSB:-}" ] && echo -n "$base "
                    if [ -z "$killlevel" ] ; then
                           if checkpid $pid 2>&1; then
                               # TERM first, then KILL if not dead
                               kill -TERM $pid >/dev/null 2>&1
                               usleep 50000
                               if checkpid $pid ; then
                                    try=0
                                    while [ $try -lt $delay ] ; do
                                            checkpid $pid || break
                                            sleep 1
                                            let try+=1
                                    done
                                    if checkpid $pid ; then
                                            kill -KILL $pid >/dev/null 2>&1
                                            usleep 50000
                                    fi
                               fi
                            fi
                            checkpid $pid
                            RC=$?
                            [ "$RC" -eq 0 ] && failure $"$base shutdown" || success $"$base shutdown"
                            RC=$((! $RC))
                    # use specified level only
                    else
                            if checkpid $pid; then
                                    kill $killlevel $pid >/dev/null 2>&1
                                    RC=$?
                                    [ "$RC" -eq 0 ] && success $"$base $killlevel" || failure $"$base $killlevel"
                            elif [ -n "${LSB:-}" ]; then
                                    RC=7 # Program is not running
                            fi
                    fi
            else
                    if [ -n "${LSB:-}" -a -n "$killlevel" ]; then
                            RC=7 # Program is not running
                    else
                            failure $"$base shutdown"
                            RC=0
                    fi
            fi
    
            # Remove pid file if any.
            if [ -z "$killlevel" ]; then
                rm -f "${pid_file:-/var/run/$base.pid}"
            fi
            return $RC
    }
    
    # A function to find the pid of a program. Looks *only* at the pidfile
    pidfileofproc() {
            local pid
    
            # Test syntax.
            if [ "$#" = 0 ] ; then
                    echo $"Usage: pidfileofproc {program}"
                    return 1
            fi
    
            __pids_var_run "$1"
            [ -n "$pid" ] && echo $pid
            return 0
    }
    
    # A function to find the pid of a program.
    pidofproc() {
            local RC pid pid_file=
    
            # Test syntax.
            if [ "$#" = 0 ]; then
                    echo $"Usage: pidofproc [-p pidfile] {program}"
                    return 1
            fi
            if [ "$1" = "-p" ]; then
                    pid_file=$2
                    shift 2
            fi
            fail_code=3 # "Program is not running"
    
            # First try "/var/run/*.pid" files
            __pids_var_run "$1" "$pid_file"
            RC=$?
            if [ -n "$pid" ]; then
                    echo $pid
                    return 0
            fi
    
            [ -n "$pid_file" ] && return $RC
            __pids_pidof "$1" || return $RC
    }
    
    status() {
            local base pid lock_file= pid_file=
    
            # Test syntax.
            if [ "$#" = 0 ] ; then
                    echo $"Usage: status [-p pidfile] {program}"
                    return 1
            fi
            if [ "$1" = "-p" ]; then
                    pid_file=$2
                    shift 2
            fi
            if [ "$1" = "-l" ]; then
                    lock_file=$2
                    shift 2
            fi
            base=${1##*/}
    
            if [ "$_use_systemctl" = "1" ]; then
                    systemctl status ${0##*/}.service
                    return $?
            fi
    
            # First try "pidof"
            __pids_var_run "$1" "$pid_file"
            RC=$?
            if [ -z "$pid_file" -a -z "$pid" ]; then
                    pid="$(__pids_pidof "$1")"
            fi
            if [ -n "$pid" ]; then
                    echo $"${base} (pid $pid) is running..."
                    return 0
            fi
    
            case "$RC" in
                    0)
                            echo $"${base} (pid $pid) is running..."
                            return 0
                            ;;
                    1)
                            echo $"${base} dead but pid file exists"
                            return 1
                            ;;
                    4)
                            echo $"${base} status unknown due to insufficient privileges."
                            return 4
                            ;;
            esac
            if [ -z "${lock_file}" ]; then
                    lock_file=${base}
            fi
            # See if /var/lock/subsys/${lock_file} exists
            if [ -f /var/lock/subsys/${lock_file} ]; then
                    echo $"${base} dead but subsys locked"
                    return 2
            fi
            echo $"${base} is stopped"
            return 3
    }
    
    echo_success() {
      [ "$BOOTUP" = "color" ] && $MOVE_TO_COL
      echo -n "["
      [ "$BOOTUP" = "color" ] && $SETCOLOR_SUCCESS
      echo -n $"  OK  "
      [ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
      echo -n "]"
      echo -ne "\r"
      return 0
    }
    
    echo_failure() {
      [ "$BOOTUP" = "color" ] && $MOVE_TO_COL
      echo -n "["
      [ "$BOOTUP" = "color" ] && $SETCOLOR_FAILURE
      echo -n $"FAILED"
      [ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
      echo -n "]"
      echo -ne "\r"
      return 1
    }
    
    echo_passed() {
      [ "$BOOTUP" = "color" ] && $MOVE_TO_COL
      echo -n "["
      [ "$BOOTUP" = "color" ] && $SETCOLOR_WARNING
      echo -n $"PASSED"
      [ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
      echo -n "]"
      echo -ne "\r"
      return 1
    }
    
    echo_warning() {
      [ "$BOOTUP" = "color" ] && $MOVE_TO_COL
      echo -n "["
      [ "$BOOTUP" = "color" ] && $SETCOLOR_WARNING
      echo -n $"WARNING"
      [ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
      echo -n "]"
      echo -ne "\r"
      return 1
    }
    
    # Inform the graphical boot of our current state
    update_boot_stage() {
      if [ -x /bin/plymouth ]; then
          /bin/plymouth --update="$1"
      fi
      return 0
    }
    
    # Log that something succeeded
    success() {
      [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_success
      return 0
    }
    
    # Log that something failed
    failure() {
      local rc=$?
      [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_failure
      [ -x /bin/plymouth ] && /bin/plymouth --details
      return $rc
    }
    
    # Log that something passed, but may have had errors. Useful for fsck
    passed() {
      local rc=$?
      [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_passed
      return $rc
    }
    
    # Log a warning
    warning() {
      local rc=$?
      [ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_warning
      return $rc
    }
    
    # Run some action. Log its output.
    action() {
      local STRING rc
    
      STRING=$1
      echo -n "$STRING "
      shift
      "$@" && success $"$STRING" || failure $"$STRING"
      rc=$?
      echo
      return $rc
    }
    
    # returns OK if $1 contains $2
    strstr() {
      [ "${1#*$2*}" = "$1" ] && return 1
      return 0
    }
    
    # Check whether file $1 is a backup or rpm-generated file and should be ignored
    is_ignored_file() {
        case "$1" in
            *~ | *.bak | *.orig | *.rpmnew | *.rpmorig | *.rpmsave)
                return 0
                ;;
        esac
        return 1
    }
    
    # Evaluate shvar-style booleans
    is_true() {
        case "$1" in
            [tT] | [yY] | [yY][eE][sS] | [tT][rR][uU][eE])
            return 0
            ;;
        esac
        return 1
    }
    
    # Evaluate shvar-style booleans
    is_false() {
        case "$1" in
            [fF] | [nN] | [nN][oO] | [fF][aA][lL][sS][eE])
            return 0
            ;;
        esac
        return 1
    }
    
    # Apply sysctl settings, including files in /etc/sysctl.d
    apply_sysctl() {
        if [ -x /lib/systemd/systemd-sysctl ]; then
            /lib/systemd/systemd-sysctl
        else
            for file in /usr/lib/sysctl.d/*.conf ; do
                is_ignored_file "$file" && continue
                [ -f /run/sysctl.d/${file##*/} ] && continue
                [ -f /etc/sysctl.d/${file##*/} ] && continue
                test -f "$file" && sysctl -e -p "$file" >/dev/null 2>&1
            done
            for file in /run/sysctl.d/*.conf ; do
                is_ignored_file "$file" && continue
                [ -f /etc/sysctl.d/${file##*/} ] && continue
                test -f "$file" && sysctl -e -p "$file" >/dev/null 2>&1
            done
            for file in /etc/sysctl.d/*.conf ; do
                is_ignored_file "$file" && continue
                test -f "$file" && sysctl -e -p "$file" >/dev/null 2>&1
            done
            sysctl -e -p /etc/sysctl.conf >/dev/null 2>&1
        fi
    }
    
    # A sed expression to filter out the files that is_ignored_file recognizes
    __sed_discard_ignored_files='/\(~\|\.bak\|\.orig\|\.rpmnew\|\.rpmorig\|\.rpmsave\)$/d'
    
    if [ "$_use_systemctl" = "1" ]; then
            if  [ "x$1" = xstart -o \
                    "x$1" = xstop -o \
                    "x$1" = xrestart -o \
                    "x$1" = xreload -o \
                    "x$1" = xtry-restart -o \
                    "x$1" = xforce-reload -o \
                    "x$1" = xcondrestart ] ; then
    
                    systemctl_redirect $0 $1
                    exit $?
            fi
    fi
     
  7. eva2000

    eva2000 Administrator Staff Member

    31,019
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:31 AM
    Nginx 1.13.x
    MariaDB 5.5
    The new firewalld firewall in Redhat 7 and CentOS 7 is need dealing with as Centmin Mod installs CSF Firewall by default http://centminmod.com/csf_firewall.html

    https://access.redhat.com/documenta.../html/Security_Guide/sec-Using_Firewalls.html and https://fedoraproject.org/wiki/FirewallD

    Going back to using the iptables Service

    To use the iptables and ip6tables services instead of firewalld, first disable firewalld by running the following command as root:
    Code:
    systemctl disable firewalld
    systemctl stop firewalld
    
    Then install the iptables-services package by entering the following command as root:
    Code:
    yum install iptables-services
    
    Then, to start the iptables and ip6tables services, run the following commands as root:
    Code:
    systemctl start iptables
    systemctl start ip6tables
    systemctl enable iptables
    systemctl enable ip6tables
    
     
    Last edited: Jul 10, 2014
  8. eva2000

    eva2000 Administrator Staff Member

    31,019
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:31 AM
    Nginx 1.13.x
    MariaDB 5.5
    Compared to iptables, firewalld might be easier to use like CSF Firewall. Just would need to get more familiar with it I suppose.

    check firewalld status
    Code:
    [root@centos7 ~]# systemctl status firewalld
    firewalld.service - firewalld - dynamic firewall daemon
       Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
       Active: active (running) since Thu 2014-07-10 14:38:42 EST; 6min ago
    Main PID: 595 (firewalld)
       CGroup: /system.slice/firewalld.service
               +-595 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
    
    Jul 10 14:38:42 centos7.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
    
    check state
    Code:
    [root@centos7 ~]# firewall-cmd --state 
    running
    
    To list currently open ports via firewalld. No ports are open by default
    Code:
    [root@centos7 ~]# firewall-cmd --zone=public --list-ports
    
    To add a port to a zone, for example to allow TCP traffic to port 8080 to the public zone, enter the following command as root:
    Code:
    firewall-cmd --zone=public --add-port=8080/tcp
    
    To make this setting permanent, add the --permanent option and reload the firewall. Result
    Code:
    [root@centos7 ~]# firewall-cmd --zone=public --add-port=8080/tcp
    success
    
    [root@centos7 ~]# firewall-cmd --zone=public --list-ports 
    8080/tcp
    
    To add a range of ports to a zone, for example to allow the ports from 5060 to 5061 to the public zone, enter the following command as root:
    Code:
    firewall-cmd --zone=public --add-port=5060-5061/udp
    
    To make this setting permanent, add the --permanent option and reload the firewall.
    Code:
    [root@centos7 ~]# firewall-cmd --zone=public --add-port=5060-5061/udp
    success
    
    [root@centos7 ~]# firewall-cmd --zone=public --list-ports       
    5060-5061/udp 8080/tcp
    
    Listing default predefined service files which set out default local and destination ports open to firewalld.
    Code:
    ls -alh /usr/lib/firewalld/services/
    total 192K
    drwxr-x---. 2 root root 4.0K Jul  8 13:29 .
    drwxr-x---. 5 root root   49 Jul  8 13:29 ..
    -rw-r-----. 1 root root  412 Jun 10 17:19 amanda-client.xml
    -rw-r-----. 1 root root  320 Jun 10 17:19 bacula-client.xml
    -rw-r-----. 1 root root  346 Jun 10 17:19 bacula.xml
    -rw-r-----. 1 root root  305 Jun 10 17:19 dhcpv6-client.xml
    -rw-r-----. 1 root root  234 Jun 10 17:19 dhcpv6.xml
    -rw-r-----. 1 root root  227 Jun 10 17:19 dhcp.xml
    -rw-r-----. 1 root root  346 Jun 10 17:19 dns.xml
    -rw-r-----. 1 root root  374 Jun 10 17:19 ftp.xml
    -rw-r-----. 1 root root  476 Jun 10 17:19 high-availability.xml
    -rw-r-----. 1 root root  448 Jun 10 17:19 https.xml
    -rw-r-----. 1 root root  353 Jun 10 17:19 http.xml
    -rw-r-----. 1 root root  372 Jun 10 17:19 imaps.xml
    -rw-r-----. 1 root root  454 Jun 10 17:19 ipp-client.xml
    -rw-r-----. 1 root root  427 Jun 10 17:19 ipp.xml
    -rw-r-----. 1 root root  517 Jun 10 17:19 ipsec.xml
    -rw-r-----. 1 root root  233 Jun 10 17:19 kerberos.xml
    -rw-r-----. 1 root root  221 Jun 10 17:19 kpasswd.xml
    -rw-r-----. 1 root root  232 Jun 10 17:19 ldaps.xml
    -rw-r-----. 1 root root  199 Jun 10 17:19 ldap.xml
    -rw-r-----. 1 root root  385 Jun 10 17:19 libvirt-tls.xml
    -rw-r-----. 1 root root  389 Jun 10 17:19 libvirt.xml
    -rw-r-----. 1 root root  424 Jun 10 17:19 mdns.xml
    -rw-r-----. 1 root root  211 Jun 10 17:19 mountd.xml
    -rw-r-----. 1 root root  190 Jun 10 17:19 ms-wbt.xml
    -rw-r-----. 1 root root  171 Jun 10 17:19 mysql.xml
    -rw-r-----. 1 root root  324 Jun 10 17:19 nfs.xml
    -rw-r-----. 1 root root  389 Jun 10 17:19 ntp.xml
    -rw-r-----. 1 root root  335 Jun 10 17:19 openvpn.xml
    -rw-r-----. 1 root root  433 Jun 10 17:19 pmcd.xml
    -rw-r-----. 1 root root  474 Jun 10 17:19 pmproxy.xml
    -rw-r-----. 1 root root  544 Jun 10 17:19 pmwebapis.xml
    -rw-r-----. 1 root root  460 Jun 10 17:19 pmwebapi.xml
    -rw-r-----. 1 root root  357 Jun 10 17:19 pop3s.xml
    -rw-r-----. 1 root root  181 Jun 10 17:19 postgresql.xml
    -rw-r-----. 1 root root  261 Jun 10 17:19 proxy-dhcp.xml
    -rw-r-----. 1 root root  446 Jun 10 17:19 radius.xml
    -rw-r-----. 1 root root  214 Jun 10 17:19 rpc-bind.xml
    -rw-r-----. 1 root root  384 Jun 10 17:19 samba-client.xml
    -rw-r-----. 1 root root  461 Jun 10 17:19 samba.xml
    -rw-r-----. 1 root root  550 Jun 10 17:19 smtp.xml
    -rw-r-----. 1 root root  463 Jun 10 17:19 ssh.xml
    -rw-r-----. 1 root root  393 Jun 10 17:19 telnet.xml
    -rw-r-----. 1 root root  301 Jun 10 17:19 tftp-client.xml
    -rw-r-----. 1 root root  437 Jun 10 17:19 tftp.xml
    -rw-r-----. 1 root root  211 Jun 10 17:19 transmission-client.xml
    -rw-r-----. 1 root root  475 Jun 10 17:19 vnc-server.xml
    -rw-r-----. 1 root root  310 Jun 10 17:19 wbem-https.xml
    
    http.xml and https.xml contents
    Code:
    [root@centos7 ~]# cat /usr/lib/firewalld/services/http.xml
    <?xml version="1.0" encoding="utf-8"?>
    <service>
      <short>WWW (HTTP)</short>
      <description>HTTP is the protocol used to serve Web pages. If you plan to make your Web server publicly available, enable this option. This option is not required for viewing pages locally or developing Web pages.</description>
      <port protocol="tcp" port="80"/>
    </service>
    Code:
    [root@centos7 ~]# cat /usr/lib/firewalld/services/https.xml
    <?xml version="1.0" encoding="utf-8"?>
    <service>
      <short>Secure WWW (HTTPS)</short>
      <description>HTTPS is a modified HTTP used to serve Web pages when security is important. Examples are sites that require logins like stores or web mail. This option is not required for viewing pages locally or developing Web pages. You need the httpd package installed for this option to be useful.</description>
      <port protocol="tcp" port="443"/>
    </service>
    Files in /usr/lib/firewalld/services/ must not be edited. Only the files in /etc/firewalld/services/ should be edited.

    To list the system or user created services, issue the following command as root:
    Code:
    ls -lah /etc/firewalld/services/
    total 4.0K
    drwxr-x---. 2 root root    6 Jun 10 17:19 .
    drwxr-x---. 5 root root 4.0K Jul  8 13:29 ..
    
    Which is empty by default and falls back to the default pre-defined list.

    Getting active services
    Code:
    firewall-cmd --get-service            
    amanda-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns ftp high-availability http https imaps ipp ipp-client ipsec kerberos kpasswd ldap ldaps libvirt libvirt-tls mdns mountd ms-wbt mysql nfs ntp openvpn pmcd pmproxy pmwebapi pmwebapis pop3s postgresql proxy-dhcp radius rpc-bind samba samba-client smtp ssh telnet tftp tftp-client transmission-client vnc-server wbem-https
    So all the following are the default active services and ports open ?
    Code:
    for p in $(ls /usr/lib/firewalld/services/); do cat /usr/lib/firewalld/services/${p}| grep 'port=' | awk -F ' ' '{print $3}' | awk -F\" '{print $2}'; done | sort -u
    
    10080
    111
    1194
    123
    137
    138
    139
    16509
    16514
    1812
    1813
    20048
    2049
    21
    21064
    22
    2224
    25
    3121
    3306
    3389
    389
    4011
    443
    44321
    44322
    44323
    44324
    445
    464
    500
    51413
    53
    5353
    5404
    5405
    5432
    546
    547
    5900-5903
    5989
    631
    636
    67
    69
    80
    88
    9101
    9102
    9103
    993
    995
    tcp
    The files /usr/lib/firewalld/services/ can be used as templates if you wish to add or change a service. As root, issue a command in the following format:
    Code:
    cp /usr/lib/firewalld/services/[service].xml /etc/firewalld/services/[service].xml
    
    You may then edit the newly created file. firewalld will prefer files in /etc/firewalld/services/ but will fall back to /usr/lib/firewalld/services/ should a file be deleted, but only after a reload.
     
  9. eva2000

    eva2000 Administrator Staff Member

    31,019
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:31 AM
    Nginx 1.13.x
    MariaDB 5.5
    • Like Like x 1
  10. eva2000

    eva2000 Administrator Staff Member

    31,019
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:31 AM
    Nginx 1.13.x
    MariaDB 5.5
    • Like Like x 1
  11. eva2000

    eva2000 Administrator Staff Member

    31,019
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:31 AM
    Nginx 1.13.x
    MariaDB 5.5
  12. eva2000

    eva2000 Administrator Staff Member

    31,019
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:31 AM
    Nginx 1.13.x
    MariaDB 5.5
    Last edited: Jul 18, 2014
  13. eva2000

    eva2000 Administrator Staff Member

    31,019
    6,923
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,429
    Local Time:
    9:31 AM
    Nginx 1.13.x
    MariaDB 5.5
    Looks like using php-fpm init.d from CentOS 6.x won't work as expected on CentOS 7.0 as the php-fpm created /var/run/php-fpm/php-fpm/pid is now located on /var/run which on CentOS 7.0 is a tmpfs ram disk mounted symlink to /run. So if you reboot your system on CentOS 7.0, the /var/run/php-fpm directory won't exist on CentOS 7.0. Need to fix that or convert to systemd based php-fpm script for CentOS 7.0

    on rebooting CentOS 7.0 system with Centmin Mod .08 beta01 installed
    Code:
    service php-fpm restart
    Gracefully shutting down php-fpm warning, no pid file found - php-fpm is not running ?
    Starting php-fpm [23-Jul-2014 01:03:40] ERROR: Unable to create the PID file (/var/run/php-fpm/php-fpm.pid).: No such file or directory (2)
    [23-Jul-2014 01:03:40] ERROR: FPM initialization failed
    failed
    
    Code:
    ls -lah /var/run/   
    total 48K
    drwxr-xr-x  25 root  root   780 Jul 23 00:55 .
    drwxr-xr-x. 18 root  root  4.0K Jul 23 00:55 ..
    -rw-r--r--   1 root  root     4 Jul 23 00:55 auditd.pid
    drwxr-xr-x   2 avahi avahi   80 Jul 23 00:55 avahi-daemon
    drwxr-xr-x   2 root  root    40 Jul 23 00:55 console
    -rw-r--r--   1 root  root     4 Jul 23 00:55 crond.pid
    ----------   1 root  root     0 Jul 23 00:55 cron.reboot
    drwxr-xr-x   2 root  root    60 Jul 23 00:55 dbus
    -rw-r--r--   1 root  root     5 Jul 23 00:55 dhclient-enp0s3.pid
    prw-------   1 root  root     0 Jul 23 00:55 dmeventd-client
    prw-------   1 root  root     0 Jul 23 00:55 dmeventd-server
    drwxr-xr-x   2 root  root    40 Jul 23 00:55 faillock
    drwxr-xr-x   3 root  root   100 Jul 23 00:55 initramfs
    -rw-r--r--   1 root  root     4 Jul 23 00:55 iprdump.pid
    -rw-r--r--   1 root  root     4 Jul 23 00:55 iprinit.pid
    -rw-r--r--   1 root  root     4 Jul 23 00:55 iprupdate.pid
    -rw-------   1 root  root     5 Jul 23 00:55 lfd.pid
    drwxr-xr-x   6 root  root   140 Jul 23 00:55 lock
    drwxr-xr-x   3 root  root    60 Jul 23 00:55 log
    drwx------   2 root  root    60 Jul 23 00:55 lvm
    -rw-r--r--   1 root  root     4 Jul 23 00:55 lvmetad.pid
    drwxr-xr-x   2 root  root    60 Jul 23 00:55 mount
    drwxrwxr-x   2 root  root    40 Jul 23 00:55 netreport
    drwxr-xr-x   2 root  root    40 Jul 23 00:55 net-snmp
    drwxr-xr-x   2 root  root    80 Jul 23 00:55 NetworkManager
    drwxr-xr-x   2 root  root    40 Jul 23 00:55 plymouth
    drwxr-xr-x   2 root  root    40 Jul 23 00:55 ppp
    drwxr-xr-x   2 root  root    40 Jul 23 00:55 saslauthd
    drwxr-xr-x   2 root  root    40 Jul 23 00:55 sepermit
    drwxr-xr-x   2 root  root    40 Jul 23 00:55 setrans
    -rw-r--r--   1 root  root     5 Jul 23 00:55 sshd.pid
    drwx------   2 root  root    40 Jul 23 00:55 svnserve
    -rw-r--r--   1 root  root     4 Jul 23 00:55 syslogd.pid
    drwxr-xr-x  14 root  root   320 Jul 23 01:03 systemd
    drwxr-xr-x   2 root  root    60 Jul 23 00:55 tmpfiles.d
    drwxr-xr-x   2 root  root    60 Jul 23 00:55 tuned
    drwxr-xr-x   7 root  root   180 Jul 23 00:55 udev
    drwxr-xr-x   3 root  root    60 Jul 23 01:00 user
    -rw-rw-r--   1 root  utmp  1.5K Jul 23 01:00 utmp
    
    CentOS 7.0 /var/run is linked to /run which is tmpfs ram disk based !
    Code:
    df -Th
    Filesystem              Type      Size  Used Avail Use% Mounted on
    /dev/mapper/centos-root xfs        13G  4.2G  8.9G  32% /
    devtmpfs                devtmpfs  915M     0  915M   0% /dev
    tmpfs                   tmpfs     921M     0  921M   0% /dev/shm
    tmpfs                   tmpfs     921M  8.4M  913M   1% /run
    tmpfs                   tmpfs     921M     0  921M   0% /sys/fs/cgroup
    tmpfs                   tmpfs     921M     0  921M   0% /tmp
    /dev/sda1               xfs       497M   96M  402M  20% /boot
    
    Code:
    ls -lah /var/run
    lrwxrwxrwx. 1 root root 6 Jul  8 03:28 /var/run -> ../run
    Seems the same problem happens with NSD too and /var/run/nsd directory.

    Quick work around is to add a check into php-fpm and nsd init.d scripts to re-create those directories if they don't exist.

    for /etc/init.d/php-fpm
    Code:
    if [ ! -d /var/run/php-fpm ]; then
        mkdir -p /var/run/php-fpm
        touch /var/run/php-fpm/php-fpm.pid
        chown nginx:nginx /var/run/php-fpm
        chown root:root /var/run/php-fpm/php-fpm.pid
        chmod 1755 /var/run/php-fpm
        chmod 0644 /var/run/php-fpm/php-fpm.pid
    fi
    for /etc/init.d/nsd
    Code:
    if [ ! -d /var/run/nsd/ ]; then
        mkdir -p /var/run/nsd
        chown -R nsd:nsd /var/run/nsd/
    fi
     
    Last edited: Jul 23, 2014