Start watchdog pinging only once everything is up
Previously, systemd started pinging the HW watchdog too early. It was
possible to arrive at a system which is more or less FUBAR, yet the WS
was happily being periodically reset by systemd's event loop.
This change ensures that the watchdog resetting only begins once the
rest of the system is stable -- in other words, once "everything else"
is OK.
One cannot simply add another systemd target for this which would
Require=multi-user.target. Failures can occur at any level of the stack,
and essentially all units specify WantedBy, not RequiredBy, so their
respective failures do not propagate.
I was also trying to simply check the result of `systemctl
is-system-running`. That doesn't work because "starting" takes
precedence over `degraded", and we're still "starting" when checking
from within a unit, obviously.
This hack therefore looks at the list of failed units. If it isn't
empty, then we have a problem, and we won't activate neither the
watchdog, nor the RAUC good-marking thingy.
The "running" timeout is now set to 30 seconds. This means that systemd
will ping the HW once every 15s, and that a failure to do so for half a
minute results in an immediate reboot. There's no shutdown timer because
we don't really care about what happens once we started to shutdown. Our
only desire is to reboot, eventually, and this one looks like it can do
it :).
Change-Id: Ib94992814705b4a6d4d712db9e443d6a784cec7f
Fixes: https://tree.taiga.io/project/jktjkt-czechlight/issue/130
diff --git a/board/czechlight/common/overlay/usr/lib/systemd/system.conf.d/watchdog.conf b/board/czechlight/common/overlay/usr/lib/systemd/system.conf.d/watchdog.conf
deleted file mode 100644
index 3c8a109..0000000
--- a/board/czechlight/common/overlay/usr/lib/systemd/system.conf.d/watchdog.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-[Manager]
-RuntimeWatchdogSec=60
-ShutdownWatchdogSec=60
diff --git a/package/czechlight-rauc/Config.in b/package/czechlight-rauc/Config.in
index be40aba..29e35c2 100644
--- a/package/czechlight-rauc/Config.in
+++ b/package/czechlight-rauc/Config.in
@@ -1,5 +1,10 @@
config CZECHLIGHT_RAUC_ROOTFS
- bool "Create RAUC update bundle"
+ bool "Configure system for RAUC and HW watchdog"
+ help
+ Apart from creating the RAUC bundle, this enables a read-only filesystem
+ along with a proper writable /etc overlay with a persistent backing store
+ and a hardware watchdog. The watchdog pinging only starts once all
+ services are up and running. Yes, this is a big button.
depends on BR2_INIT_SYSTEMD
depends on BR2_PACKAGE_RAUC
select BR2_PACKAGE_CZECHLIGHT_CFG_FS
diff --git a/package/czechlight-rauc/czechlight-rauc.mk b/package/czechlight-rauc/czechlight-rauc.mk
index 0535b6d..7c9c4cb 100644
--- a/package/czechlight-rauc/czechlight-rauc.mk
+++ b/package/czechlight-rauc/czechlight-rauc.mk
@@ -74,6 +74,9 @@
$(INSTALL) -D -m 0644 $(BR2_EXTERNAL_CZECHLIGHT_PATH)/package/czechlight-rauc/rauc-mark-good.service \
$(TARGET_DIR)/usr/lib/systemd/system/
ln -sf ../rauc-mark-good.service $(TARGET_DIR)/usr/lib/systemd/system/multi-user.target.wants/
+ $(INSTALL) -D -m 0644 $(BR2_EXTERNAL_CZECHLIGHT_PATH)/package/czechlight-rauc/enable-hw-watchdog.service \
+ $(TARGET_DIR)/usr/lib/systemd/system/
+ ln -sf ../enable-hw-watchdog.service $(TARGET_DIR)/usr/lib/systemd/system/multi-user.target.wants/
endef
$(eval $(generic-package))
diff --git a/package/czechlight-rauc/enable-hw-watchdog.service b/package/czechlight-rauc/enable-hw-watchdog.service
new file mode 100644
index 0000000..c057e35
--- /dev/null
+++ b/package/czechlight-rauc/enable-hw-watchdog.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=Pinging the HW watchdog
+Requires=multi-user.target
+After=multi-user.target
+
+[Service]
+Type=oneshot
+ExecStartPre=/bin/sh -c '[ "$(/bin/systemctl list-units --failed --all --no-legend --no-pager)" == "" ]'
+ExecStart=/bin/busctl set-property org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager RuntimeWatchdogUSec t 30000000
diff --git a/package/czechlight-rauc/rauc-mark-good.service b/package/czechlight-rauc/rauc-mark-good.service
index ae0ab6d..a51f490 100644
--- a/package/czechlight-rauc/rauc-mark-good.service
+++ b/package/czechlight-rauc/rauc-mark-good.service
@@ -1,11 +1,10 @@
[Unit]
Description=RAUC Good-marking Service
ConditionKernelCommandLine=|rauc.slot
-After=sysrepod.service netopeer2-server.service
-Requires=sysrepod.service netopeer2-server.service
+Requires=multi-user.target
+After=multi-user.target
[Service]
+Type=oneshot
+ExecStartPre=/bin/sh -c '[ "$(/bin/systemctl list-units --failed --all --no-legend --no-pager)" == "" ]'
ExecStart=/usr/bin/rauc status mark-good
-
-[Install]
-WantedBy=multi-user.target