Hi Markus, On Mon, Mar 25, 2024 at 02:36:59AM +0100, Markus Koschany wrote: > Sylvain Rochet wrote: > > Actually, the main problem is /lib/systemd/system/monopd.socket which > > set Accept=yes while monopd needs Accept=no (which is the default value). > > I wonder if monopd needs a systemd socket file at all and if we should > disable the service after the installation. We have been using this > setting since the introduction of systemd. If monopd runs with > Accept=no then we also don't need a service template file. At some > point I also noticed the same warning as Shriram > > "monopd.socket is a disabled or a static unit not running, not > starting it." and then followed [1] and added the required template > file.
Yeah, socket activation is not really useful for public servers services, it is mostly used for local services that can be spawned on the fly later. Furthermore, socket activation breaks monopd metaserver registration because the daemon must be running to register, so better only ship the service file. I let you decide whether the service should be disabled or enabled by default (but unless something recently changed, daemon usually runs by default on Debian. I admit having lost track :D). > I have been running monopd for the past decade and I also suspect the > daemon is affected by some bugs which might be remotely exploitable. What makes you think that? My daemon is running attached to gdb so I can easily catch and trace any issue that would kill the process. So far it's been over 10 years without a single issue, some process lived for several years between systems reboot. I am not saying it is bug free because nothing is bug free, but if it is remotely exploitable and actively exploited, I would be aware of it on my running instance. > Since users usually don't need the monopd server anyway, if they want > to play a game, they should make a conscious decision to start it if > they want to use it locally. For a simple internet game, the daemon is > not required. Installing the server package isn't already a conscious decision? Kind regards, Sylvain
signature.asc
Description: Digital signature