Previously, the behaviour was to unlink any control socket sat where we
wanted to open ours. This would make us lose control of running servers
if we happened to collide accidentally. With this patch, the new
process will abort() if there is a control socket squatting on the
path we want, and unlink it when it closes.
This means that an unclean shutdown will leave a dangling, unattached
control socket which will block a restart, but that's a better option
than intentionally cutting off running servers.
This simplifies building the log output because it means we don't have
to malloc a buffer to append a newline, and we keep the atomic write
property we're after. It also takes advantage of the C constant string
concatenation which we already require to work to prepend the thread and
pid data.
When we receive a migration, if rebinding to the new listen address and
port fails for a reason which might be fixable, rather than killing the
server we retry once a second. Also in this patch: non-overlapping log
messages and a fix for the client going away halfway through a sendfile
loop.
trouble and into predictable cleanup functions (one for each of serve,
client & control contexts). We use 'fatal' to mean 'kill the thread' and
'error' to mean 'don't kill the thread', assuming some recovery action,
except I don't use error anywhere yet.
If you compile with:
DEBUG=true rake build
then all the commands get a --debug flag as an option which will make
the server dump crazy amounts of data to stderr.
