Is it possible to re-enter the process in Linux?
I ran the certbot program to give out a certificate for a domain. During domain verification, while the program was running, my ssh session with the server crashed. Logging back in to the server, I wanted to execute the command again, but I received a message that a certbot instance is running. Can I enter the process again to finish what I started? Is there any signal that I can send to the process to go to the next stage of configuration by pressing a key?
It depends what it means by "running".
Some programs set up what is known as a "lock file" which is essentially just a file they put on disk to say "I'm doing something, no one should do anything else here." so that running the program again while a copy is running will give an error.
If the program exits without cleaning up the lock file, which may well happen if the ssh session broke, then running it again looks like there is an instance running where it is not.
You will most likely have to clean up the lock files and restart the process from the start.
From the Certbot Lock File documentation:
When processing a validation Certbot writes a number of lock files on your system to prevent multiple instances from overwriting each other’s changes. This means that by default two instances of Certbot will not be able to run in parallel.
Since the directories used by Certbot are configurable, Certbot will write a lock file for all of the directories it uses. This includes Certbot’s --work-dir, --logs-dir, and --config-dir. By default these are /var/lib/letsencrypt, /var/log/letsencrypt, and /etc/letsencrypt respectively. Additionally if you are using Certbot with Apache or nginx it will lock the configuration folder for that program, which are typically also in the /etc directory.
Note that these lock files will only prevent other instances of Certbot from using those directories, not other processes. If you’d like to run multiple instances of Certbot simultaneously you should specify different directories as the --work-dir, --logs-dir, and --config-dir for each instance of Certbot that you would like to run.
A LetsEncrypt forum post, "Another instance of Certbot is already running", recommends running
find / -type f -name ".certbot.lock"
to find all these lock files. It also has a "seek and destroy" line:
find / -type f -name ".certbot.lock" -exec rm {} \;
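A narrower form of the cleanup above, as an added example that is not part of the original answers or of Certbot: it searches only the three default directories named in the quoted documentation and refuses to delete anything while a certbot process is still alive. The function names and the `--delete` switch are assumptions of this sketch, as is matching the process by the exact name `certbot`.

```shell
#!/bin/sh
# Added example, not from the original answers or from Certbot itself.
# Default directories as listed in the quoted Certbot documentation.
CERTBOT_DIRS="/var/lib/letsencrypt /var/log/letsencrypt /etc/letsencrypt"

# PIDs of live processes named exactly "certbot" (assumption: certbot was
# started through its normal "certbot" entry point, so that is its name).
certbot_pids() {
    pgrep -x certbot 2>/dev/null || true
}

# List lock files under the given directories only, instead of walking "/".
# Missing directories are skipped; find errors do not abort the listing.
list_locks() {
    for d in "$@"; do
        if [ -d "$d" ]; then
            find "$d" -xdev -type f -name '.certbot.lock' -print || true
        fi
    done
}

# clean_locks PIDS DIR...: refuse (status 1) while any certbot PID is alive,
# otherwise remove each lock file found and report it.
clean_locks() {
    pids=$1
    shift
    if [ -n "$pids" ]; then
        echo "certbot still running (PID $pids); leaving lock files alone" >&2
        return 1
    fi
    list_locks "$@" | while IFS= read -r f; do
        echo "removing leftover lock: $f"
        rm -f -- "$f"
    done
}

# Dry run by default; pass --delete to actually remove the files.
if [ "${1:-}" = "--delete" ]; then
    clean_locks "$(certbot_pids)" $CERTBOT_DIRS
else
    echo "certbot PIDs: $(certbot_pids)"
    list_locks $CERTBOT_DIRS
fi
```

If Certbot was run with non-default `--work-dir`, `--logs-dir` or `--config-dir`, put those paths in `CERTBOT_DIRS` instead.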
Without preparation – it's technically sort-of possible, using reptyr, but it does not always work well. It also won't show you what the process has already output, i.e. you won't be able to know what kind of prompt is currently being shown.
It's probably better to kill that certbot instance (which will eventually happen anyway, as soon as the OS notices the TCP connection being unresponsive) and restart the procedure from scratch.
For the future, look into "terminal multiplexers" such as tmux, screen, or abduco. They are designed to allow reattaching to any kind of process that has been started inside the multiplexer – as long as you remember to have started tmux before working.
Ideally, though, certbot should be able to do its job without any prompts. If you're manually fiddling around with the challenge files or DNS records – that in itself is already a problem, because you won't always be around to do that every month.