Re: [systemd-devel] Where is systemd non-devel list?
Am 28.07.2016 um 23:52 schrieb Chip: I see that my question re: issues with systemd, is more suited for non development list. Is there a non development systemd list? no, just this one signature.asc Description: OpenPGP digital signature ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] Where is systemd non-devel list?
I see that my question re: issues with systemd, is more suited for non development list. Is there a non development systemd list? Thanks. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] systemd-nspawn and shared private network
Hello, I am trying to see how to implement with systemd-nspawn a version of docker's pod when a group of very lightweight containers use a loopback interface or unix sockets to communicate with each other and a shared network interface to communicate with the outside world. Otherwise the containers are isolated and do not share process and other namespaces. My impression from the documentation is that I should create a version of systemd-nspawn@.service that uses JoinsNamespaceOf to join the namespace of the main service for the pod. That main service should configures container networking, expose ports to host etc. For that I plan to use systemd-nspawn --network-veth ... The problem I do not see how to pass the name of the main service created with systemd-nspawn to that template. Obviously I can create own unit for the main service that contains PrivateNetwork=true, but then I cannot use --network-veth with nspawn as that configures the namespace that nspawn creates, not the one from the unit. Any suggestions? ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] No rhyme or reason to systemd enabling/disabling service
Ubuntu 16.04 With no changes to software or anything, on reboot, systemd *sometimes* will start dnscrypt-proxy.service while other times just ignores it and it fails to start. There is no rhyme or reason as to why sometimes it starts and other times fails to start. All files in /etc/systemd/system/multi-user.target.wants look correct. I need help troubleshooting this problem. Following is a successful journalctl -xru dnscrypt-proxy.service, otherwise when it fails, it simply shows "no results": journalctl -xru dnscrypt-proxy.service -- Logs begin at Mon 2016-07-18 20:39:36 EDT, end at Mon 2016-07-18 20:48:44 EDT. -- Jul 18 20:39:51 damonster systemd[1]: Started DNSCrypt proxy. -- Subject: Unit dnscrypt-proxy.service has finished start-up -- Defined-By: systemd -- Unit dnscrypt-proxy.service has finished starting up. -- The start-up result is done. Jul 18 20:39:51 damonster dnscrypt-proxy[979]: [NOTICE] Proxying from 127.0.2.1:53 to 23.226.227.93:443 Jul 18 20:39:51 damonster dnscrypt-proxy[979]: [INFO] Server key fingerprint is DB51:0B61:7A1F:DECE:27CE:26B5:8934:756A:0 Jul 18 20:39:51 damonster dnscrypt-proxy[979]: [INFO] Chosen certificate #805564433 is valid from [2016-01-24] to [2017-0 Jul 18 20:39:51 damonster dnscrypt-proxy[979]: [INFO] This certificate is valid Jul 18 20:39:51 damonster dnscrypt-proxy[979]: [INFO] Server certificate #805564433 received Jul 18 20:39:45 damonster dnscrypt-proxy[979]: [INFO] Done Jul 18 20:39:45 damonster dnscrypt-proxy[979]: [INFO] Generating a new session key pair Jul 18 20:39:45 damonster dnscrypt-proxy[979]: [NOTICE] Starting dnscrypt-proxy 1.6.1 Jul 18 20:39:45 damonster dnscrypt-proxy[979]: [INFO] + Provider supposedly doesn't keep logs Jul 18 20:39:45 damonster dnscrypt-proxy[979]: [INFO] + Namecoin domains can be resolved Jul 18 20:39:45 damonster dnscrypt-proxy[979]: [INFO] - [okturtles] does not support DNS Security Extensions Jul 18 20:39:43 damonster systemd[1]: Starting DNSCrypt proxy... -- Subject: Unit dnscrypt-proxy.service has begun start-up -- Defined-By: systemd -- Unit dnscrypt-proxy.service has begun starting up. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] enable/disable swap before/after hibernation
Dear list, I want to enable/disable the swap partition before/after hibernation. However, it seems I cannot get the service to run early enough to avoid the error: Failed to hibernate system via logind: Sleep verb not supported The .service file looks as follows: [Unit] Description=… StopWhenUnneeded=true Before=hibernate.target [Service] Type=oneshot RemainAfterExit=yes ExecStart=/sbin/swapon /my/device ExecStop=/sbin/swapoff /my/device [Install] RequiredBy=hibernate.target The service file itself works (with StopWhenUnneeded=true removed and upon manual start/stop and verification). It was installed by running `systemctl enable /path/to/file.service` As another variation, I tried to hook against sleep.target and hibernate.service with no luck. Any help very much appreciated (this of course includes completely different approaches). Best, Lukas ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] How to securely load a firewall before networking gets up?
TLDR: How to securely load a firewall before networking gets up? Can you provide a secure, recommended or even canonical example of such a firewall.service? Long: Various people have come up with a different implementations and systemd.special documentation makes me wonder if my own interpretation would be ideal. Why not WantedBy=network-pre.target? # firewalld.service (from Debian package) [Unit] Description=firewalld - dynamic firewall daemon Before=network.target Before=libvirtd.service Before=NetworkManager.service Conflicts=iptables.service ip6tables.service ebtables.service [Service] ExecStart=/usr/sbin/firewalld --nofork --nopid ExecReload=/bin/kill -HUP $MAINPID # supress to log debug and error output also to /var/log/messages StandardOutput=null StandardError=null Type=dbus BusName=org.fedoraproject.FirewallD1 [Install] WantedBy=basic.target Alias=dbus-org.fedoraproject.FirewallD1.service # corridor-init-forwarding.service.in (by corridor package) [Unit] Description=corridor's forwarding After=iptables.service systemd-sysctl.service Before=network-pre.target Wants=network-pre.target [Service] ExecStart=SBIN/corridor-init-forwarding ExecStop=SBIN/corridor-stop-forwarding Type=oneshot RemainAfterExit=yes [Install] WantedBy=multi-user.target RequiredBy=systemd-networkd.service ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] REMINDER: systemd.conf 2016 CFP ends Monday!
Heya! I'd like to remind everybody that the systemd.conf CFP ends this monday (Aug 1st), and we are still looking for more submissions! If you'd like to do a presentaton or run a workshop, please submit your proposal until then: https://cfp.systemd.io/en/systemdconf_2016/cfp/session/new It would be great if you'd submit something by then! Thanks a ton! Lennart -- Lennart Poettering, Red Hat ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
