Bug 132478

Summary: Apcupsd & shutdown sequence on Power-Failure
Product: [openSUSE] SUSE LINUX 10.0 Reporter: Jorge Fábregas <jfabregas>
Component: ConsoleApps Assignee: Stanislav Brabec <sbrabec>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Major    
Priority: P5 - None    
Version: Final   
Target Milestone: ---   
Hardware: PC   
OS: Other   
Whiteboard:
Found By: Customer Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: Awk script

Description Jorge Fábregas 2005-11-05 21:08:46 UTC
Hi,

I will refer to the apcupsd version coming in SUSE 10.0 (3.10.17a-3) and also to the apcupsd version on Alpha 10.1 (3.10.18).  Both rpm's run almost exactly the same "after installation scripts".

The basic idea is this: After you install this rpm, it will create a couple of lines in /etc/init.d/halt.local.  The problem is that init.local is called (by halt) too early in the process (apcupsd-wise).
 
The lines in /etc/init.d/halt.local will invoke apcupsd in order to send a signal to the UPS so it can shutdown itself. This is of course, after a power failure.  After a power failure, the apcupsd daemon will detect this and will create /etc/apcupsd/powerfail (a flag that will be used later on the shutdown sequence to determine if it's needed to send signal to UPS to shut down).
 
The lines in halt.local (after installing this rpm) have several errors (logic errors). Here are some:

1- filesystems are being remounted read-only when there is no need since at this point nothing has been unmounted.
 
2- there are some kill lines in here (sigterm and sigkill). It's not necessary at this point since these kills are going to be performed later on the halt script (so there's no need for halt.local to include those).  Also, you're killing some necessary processes too early in the process...

After running the commands in halt.local...there are going to be a couple of errors (when resuming the halt script).

Also, we need to perform this apcupsd thing at the very end of the halt script. If there's a powerfailure apcupsd will send signal to UPS to shutdown. Most UPS'es have a grace period and won't turn off right-away...but we don't know every UPS out there...so we need to play safe and put it almost at the end.

Things to consider for this post-installation-script:

- we need to place the apcupsd lines at the very end before "halt -p"
- we're going to invoke /sbin/apcupsd and we're going to read files from /etc so we must make sure we have access to /sbin and /etc...(check if filesystems are mounted..if not...we need to mount them read-only)


We can do two things:

- place corresponding lines almost at the very end of /etc/init.d/halt (just like the make process does when we compile apcupsd from source)

or

- place a call line almost at the end of halt...we call a file called: apcupsd.local 


Here's a snippet taken from the apcupsd tree that will place the appropriate lines almost at the end of halt:

cp -f /etc/init.d/halt /etc/init.d/halt.old
awk -f awkhaltprog.in /etc/init.d/halt.old > /etc/init.d/halt


I will attach awkhaltprog.in

The only thing missing here is the verification of mounted filesystems and the read-only mounting of those unmounted.  In my case, (I just compiled from source) it worked (like above) since I have everything under / and at this point (of halt) / is mounted read-only....

Sorry for my English!

Jorge
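The checks the description above asks for (make sure /etc and /sbin are readable, look for the powerfail flag, send killpower last), as an added example that is not the apcupsd or SUSE script. The function names and the APC_ROOT, MOUNT_CMD and DRY_RUN variables are hypothetical, and treating an empty directory as "not mounted" is a heuristic assumption.

```shell
#!/bin/sh
# Added example: hook meant to be called just before "halt -p".
# APC_ROOT is a hypothetical prefix so the logic can be exercised against
# a scratch tree; on a real system it stays empty.
APC_ROOT="${APC_ROOT:-}"

# A directory counts as available if it exists and is not empty
# (heuristic: an unmounted mount point is an empty directory).
dir_available() {
    [ -d "$1" ] && [ -n "$(ls -A "$1" 2>/dev/null)" ]
}

# If a needed directory is not reachable, try a read-only mount of it
# (looked up in fstab) and check again. MOUNT_CMD is a hypothetical
# override used for testing.
ensure_readable() {
    dir_available "$APC_ROOT$1" && return 0
    ${MOUNT_CMD:-mount -n -o ro} "$1" 2>/dev/null
    dir_available "$APC_ROOT$1"
}

# Prints the decision taken:
#   unavailable:<dir>  a required directory could not be read (returns 2)
#   no-powerfail       normal shutdown, the UPS is left alone
#   killpower          power-failure shutdown, the UPS is told to switch off
apcupsd_halt_hook() {
    for d in /etc /sbin; do
        ensure_readable "$d" || { echo "unavailable:$d"; return 2; }
    done
    # The daemon creates this flag only after a power failure.
    [ -f "$APC_ROOT/etc/apcupsd/powerfail" ] || { echo "no-powerfail"; return 0; }
    echo "killpower"
    # DRY_RUN (hypothetical) reports the decision without signalling the UPS.
    [ -n "${DRY_RUN:-}" ] || "$APC_ROOT/etc/apcupsd/apccontrol" killpower
}
```
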
Comment 1 Jorge Fábregas 2005-11-05 21:09:34 UTC
Created attachment 56554
Awk script
Comment 2 Stanislav Brabec 2005-11-07 17:58:26 UTC
I don't know, whether it is still actual, but late in the halt script, USB may be unavailable.

And the idea was: Do halt as fast as possible. Some daemons can terminate too slowly, and power can fail in midtime. See bug 81281 for discussion.

In future, it would be nice to have option: Standard halt / Quick halt / Suspend to disk.
Comment 3 Jorge Fábregas 2005-11-07 18:41:29 UTC
> I don't know, whether it is still actual, but late in the halt script, 
> USB may be unavailable.

Well, this is easy to verify. I'm not in front of my system but a couple of weeks ago I had a power failure and USB did work (invoked one or two lines before halt -p).

> And the idea was: Do halt as fast as possible. Some daemons can terminate too
> slowly, and power can fail in midtime

The apcupsd documentation on www.apcupsd.com suggests that "/etc/apcupsd/apccontrol killpower" should be called as late as possible. We can have two scenarios :

On power failure:

1- A daemon is taking too much time to terminate (and we haven't run "/etc/apcupsd/apccontrol killpower") thus taking the risk that the system will abruptly shut down.

or

2- We call "/etc/apcupsd/apccontrol killpower" early in the halt script...and after this execution...we resume doing other stuff that it's on halt...and then we take a lot of time here...(and the UPS already received signal to shut itself down)....thus we're taking the risk that the UPS will shut itself down (before reaching halt -p).

I think the latter is more likely to happen. Also, we can control the TIMELEFT parameter on apcupsd.conf...and it's by default 5 minutes I think (which I honestly think is reasonable)..but if someone knows that it has a daemon that takes a while to terminate...the user could adjust the TIMELEFT parameter.  Also, the build process of apcupsd (when you compile from source) will insert the appropriate just before "halt -p". They're doing it this way for a particular reason.  I will try to contact the project leader to ask for his opinion.


> See bug 81281 for discussion
I can't see the bug. It says I'm not authorized :(

Jorge
 
Comment 4 Stanislav Brabec 2005-11-08 11:00:49 UTC
Yes, calling killpower as late as possible is a good idea. It ensures, that UPS will never shut down during execution of power-off scripts if it still has any energy.

I guess that we can provide three possible scenarios in sysconfig:

1) Fast not fully correct shutdown (current behavior, default). It will prevent timeouts while umounting NFS volumes etc.

2) Full shutdown (clean, risk of time-outs).

3) Suspend to disk (nice, if hardware supports it).
Comment 5 Stanislav Brabec 2006-03-24 13:04:06 UTC
This ugly script was improved and moved to documentation for use in special situations.

Since SuSE Linux 10.1 /etc/init.d/halt implements HALT_POWERDOWN_INSERT and apcupsd uses it.