Am 14.11.19 um 14:01 schrieb Leon Fauster:
Am 13.11.19 um 20:44 schrieb Stephen John Smoogen:
On Tue, 12 Nov 2019 at 17:06, Ingvar Hagelund
<ingvar@xxxxxxxxxxxxxxxxxx> wrote:
Hello
hitch is a TLS terminating network proxy, made to be lean and mean
and do nothing else than terminating TLS. It fits hand-in-glove with
varnish cache. I maintain hitch in Fedora and EPEL.
There is a bug in the current epel7 config that is fixed in the
latest rawhide update. In short, the bug is that with the default
config, hitch forks a daemon, while the systemd hitch service says
Type=simple. See Bugzilla bug #1731420.
The fedora update fixes the problem by changing the systemd service
to Type=forking.
There were two ways to get around the bug:
- Set daemon=off in hitch.conf. That file is marked with noreplace,
so the update will not overwrite this fix. As this does not match the
updated Type=forking in hitch.service, hitch will not start after the
update.
- Set Type=forking in hitch.service. This is the same fix as in the
update, so this should be safe.
Also, the Fedora update adds a systemd limits.conf including
LimitNOFILE=10240 that is important, as the default value (1024)
would trig network problems on a medium busy site (true story).
Is it safe to push this update to epel7?
This was discussed at today's EPEL meeting and approved. Please push
this to epel-testing and let users know in any tickets that it can be
used there. After that, push to stable after regular feedback time.
I'd really appreciate if it could also be branched into EPEL8?
Thanks for pushing it into fedora-epel/testing/8/ !
--
Leon
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
