reconfiguration without restart
Dennis Allison <allison(at)sumeru.stanford.EDU>
2004-12-20 22:20:50
Robert,
It would be nice if we could change the configuration without stopping
Pound. Any chance this could become a feature?
-d

Re: reconfiguration without restart
Michal <michalg(at)gmail.com>
2004-12-20 22:50:30
On Mon, 20 Dec 2004 13:20:50 -0800 (PST), Dennis Allison
<allison(at)sumeru.stanford.edu> wrote:[...]
The only time I can see this being a concern is when you don't want to
interrupt existing connections -- for example, if you are serving
large files which take a long time to transfer. In that case, maybe
periodically inspecting netstat's output could reveal a window of
opportunity during which to restart pound (which should be very fast
anyways, provided your pound.cfg file is without errors :) ).
Anyway, I think a "natural" way to do this is to have the running
process receive a signal (HUP?) and re-read its configuration. But,
that might break the security model since pound may run as a user
without the privileges to read the pound.cfg file. Perhaps this
could be implemented but just log an error if the effective uid/gid
cannot re-read the cfg file.
-Michal

Re: reconfiguration without restart
Dennis Allison <allison(at)sumeru.stanford.EDU>
2004-12-20 23:33:49
We are growing and need to change the Pound configuration (e.g. adding
domains) on a daily basis. We have active users 24x7 and would prefer not
to disrupt their activity by having Pound go away. Currently we wait for
a moment of opportunity and then restart pound, but finding a lull is
difficult, particularly when there are many users. This request was
prompted by a problem we had this morning when one of our development
folks restarted Pound during a lull that was not a lull and ruffled some
content developers' feathers.
On Mon, 20 Dec 2004, Michal wrote:
[...]

Re: reconfiguration without restart
Robert Segall <roseg(at)apsis.ch>
2004-12-21 19:27:09
On Monday 20 December 2004 23.33, Dennis Allison wrote:[...]
The idea is nice, but it raises a few questions:
- what happens if Pound runs setuid and/or chroot and has no access to the
config file?
- signals and threads are a nasty mix: you never really know which thread will
get the signal - and how it happens is architecture dependent. We need some
other mechanism for a refresh (one of the service threads checking on config
file modification time? How to deal with file locking issues?)
- if the new config file misses or changes the definition for some
UrlGroup/BackEnd what should be done with the existing sessions (keep
existing sessions until they expire, but create new sessions based on new
config? Perhaps fail existing sessions?)
I would appreciate additional suggestions and ideas.[...]

Re: reconfiguration without restart
Michal <michalg(at)gmail.com>
2004-12-21 19:40:49
On Tue, 21 Dec 2004 19:27:09 +0100, Robert Segall <roseg(at)apsis.ch>
wrote:
[...]
Most likely the answer is "no" for reasons I have not yet thought
about, but can Pound listen on a separate TCP port that responds to
HTTP requests by furnishing an administrative web interface to
configure its state? Naturally, a firewall would be needed to block
access to said administrative port #, and possibly a hardcoded rule in
Pound to allow only 127.0.0.1 access.
-Michal

Re: reconfiguration without restart
Robert Segall <roseg(at)apsis.ch>
2004-12-22 20:53:39
On Tuesday 21 December 2004 19.40, Michal wrote:[...]
Not really TCP - that is hardly secure. More likely Unix socket or SysV-style
shared memory (though probably the first due to portability issues). This
still doesn't solve the rootjail problem - how do you open the config file
and the socket if you can't access them? What about file locking?
At a more basic level - is it worth doing? Creating such a protocol means
additional complexity (you have to have a listener, a protocol parser, and an
additional program to talk to it, or some code to generate HTTP in Pound
itself).[...]