user for each instance, and the user is
> called "foo-" suffixed with the instance ID. And each UID is
> dynamically assigned.
Great, it works, thanks!
I see, so without a User= line, username is the same as the unit name (before
@)... apparently I didn't read systemd.exec m
onversion program
After=network.target
[Service]
Type=simple
DynamicUser=yes
StandardInput=socket
ExecStart=/etc/systemd/scripts/convert.sh
->8-
Thanks in advance,
L.
--
Leonid Isaev
___
systemd-devel mailing list
systemd-devel@lists.freedeskt
On Tue, Jan 21, 2020 at 03:53:10PM +, Leonid Isaev wrote:
> I am trying to sandbox processes that run via instantiated units and
> the DynamicUser feature seems like a nice solution. However, when I start
> several such units simultaneously, the dynamic UID, while random, is
essfully returns, you know that things are properly set up.
Hopefully this thread attracts relevant attention because I don't know how to
debug this...
HTH,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1B
The only solution which I
found was to use netctl (should be available on ALARM) where you can explicitly
specify a precise order in which links should be managed.
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1
hcpcd@.service?
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
Hi,
On Fri, Aug 15, 2014 at 06:20:07PM +0200, Lennart Poettering wrote:
> On Sun, 06.07.14 12:43, Leonid Isaev (lis...@umail.iu.edu) wrote:
>
> > Hi,
> >
> > Sorry for a delayed reply.
> >
> > On Thu, Jul 03, 2014 at 01:46:53PM +0200, Lennart Poettering w
s.
Does it simply look in /proc, unlike systemctl?
> Maybe netctl is used in your initrd, and the reexec for the transition
> from initrd to the host os is the issue here?
No, netctl is not a part of my initramfs image... and neither is systemd for
that matter.
Cheers,
--
Leonid Isaev
GPG fingerp
as done) that
> might have resulted in systemd forgetting the path for one of the units?
Well, I can see this on a freshly booted machine, so I guess that's a no.
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C
Hi,
On Wed, Aug 13, 2014 at 06:40:48PM +0200, Lennart Poettering wrote:
> On Wed, 13.08.14 12:30, Leonid Isaev (lis...@umail.iu.edu) wrote:
>
> > > What's the Type= of the units?
> >
> > netclt@.service is Type=oneshot:
> > --
> > $ cat /usr/l
Hi,
On Wed, Aug 13, 2014 at 03:29:40PM +0200, Lennart Poettering wrote:
> On Mon, 11.08.14 13:22, Leonid Isaev (lis...@umail.iu.edu) wrote:
>
> > Hi,
> >
> > I am seeing an oddity in the CGroup output of systemctl status run on
> > some units. On the other ha
netctl@wan.service | grep forked
Aug 11 11:51:05 borei dhcpcd[650]: forked to background, child pid 663
--
This is systemd-215 running on ArchLinux. Any ideas why this is happening?
Thanks,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF
r is
back up (because another device got your IP)?
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
ings stand
> now this cannot be done afaikt.
IMHO, the central technical problem (I am not going to argue about design
principles) of journald is that it is an "all or nothing" solution.
Unfortunately, this inflexibility makes it only useful as a supplementary
logger...
Cheers,
--
L
var/log/daemon.log.6
0
/var/log/daemon.log.7
23
/var/log/daemon.log.8
30
% grep dnsmasq /var/log/daemon.log.1
2014-08-02T15:46:05.00-04:00 metal-0 dnsmasq[460]: possible DNS-rebind
attack detected: direct.stroyka.ru
--
Sorry for a long reply...
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC
Hi,
On Thu, Aug 07, 2014 at 06:11:39PM +, "Jóhann B. Guðmundsson" wrote:
>
> On 08/07/2014 04:12 PM, Leonid Isaev wrote:
> >>>Perhaps understanding why you're allergic to the journal would help in
> >>>figuring out solutions to the actual under
ual underlying problem.
There is nothing wrong with the journald per se, but it's not a replacement for
the classic syslog: journald offers only log storage, while syslog is a log
processing tool. This distinction is dim on a desktop, but is very apparent
even on a simple server machine.
C
ecommendation above.
For example, sshd(8) now runs with '-D'. Of course, some daemons might send
their messages to syslog even if run in foreground, but not all.
A hard way to fix this is to modify service files for daemons you use to run in
background and set 'Type=forking'.
HTH,
pcd-%I.pid
ExecStart=/usr/bin/dhcpcd -q -w %I
ExecStop=/usr/bin/dhcpcd -x %I
[Install]
WantedBy=multi-user.target
--
I am a bit at a loss of how to debug this further... Any ideas?
Thanks,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
On Mon, Jul 07, 2014 at 05:40:42PM +0200, Lennart Poettering wrote:
> On Mon, 07.07.14 11:08, Leonid Isaev (lis...@umail.iu.edu) wrote:
>
> > Hi,
> >
> > Thanks for the explanation...
> >
> > On Mon, Jul 07, 2014 at 12:26:03PM +0200, Lennart Poettering
Hi,
On Mon, Jul 07, 2014 at 03:02:47PM +0200, Tom Gundersen wrote:
> On Sun, Jul 6, 2014 at 6:43 PM, Leonid Isaev wrote:
> > Hi,
> >
> > Sorry for a delayed reply.
> >
> > On Thu, Jul 03, 2014 at 01:46:53PM +0200, Lennart Poettering wrote:
> >> it wo
fig.service, et
al. to run on next boot after an update?
Thanks,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
ckage manager should touch
/etc/.updated?
Thanks,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
On Sun, Jul 06, 2014 at 08:43:01PM +0200, Tom Gundersen wrote:
> On Sun, Jul 6, 2014 at 7:17 PM, Leonid Isaev wrote:
> > Hi,
> >
> > With systemd-215 networkd fails to set up the DHCPv4 on WAN
> > interface:
> > --
> > $ journalctl -u systemd-ne
Hi,
On Sun, Jul 06, 2014 at 08:13:56PM +0200, Zbigniew Jędrzejewski-Szmek wrote:
> On Sun, Jul 06, 2014 at 01:44:05PM -0400, Leonid Isaev wrote:
> >
> > So... the solution would be for distro packages to ship mtab as a symlink to
> > "../proc" instead of "
On Sun, Jul 06, 2014 at 09:15:28PM +0400, Ivan Shapovalov wrote:
> On Sunday 06 July 2014 at 13:13:55, Mike Gilbert wrote:
> > On Sun, Jul 6, 2014 at 1:08 PM, Ivan Shapovalov
> > wrote:
> > > On Sunday 06 July 2014 at 13:01:22, Leonid Isaev wrote:
> > > >
reason why IPv6 router discovery fails is
because I boot with 'ipv6.disable=1' on the kernel cmdline. So, is there now a
hard dependency on IPv6 being enabled?
Thanks,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075
pfiles
touch /etc at all, especially if /etc is already properly set up?
Thanks,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
/veth7DH07K'
--
As before, things seem to work i.e. I can still see servers inside containers.
The kernel is 3.15.3.
Thanks,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
tramfs, before it is mounted. So far so good.
>
> It's not wrong, but it seems unnecessary to fsck an ro file system. How is it
> becoming inconsistent if it's read only?
>
You still need to remount / rw for administration tasks or updates.
Cheers,
--
Leonid Isaev
GPG fingerp
On Wed, Jul 02, 2014 at 03:15:58PM +0200, Lennart Poettering wrote:
> On Sun, 29.06.14 17:50, Leonid Isaev (lis...@umail.iu.edu) wrote:
>
> > Hi,
> >
> > I am seeing the following messages in my syslog on each boot:
> > --
> > $ grep "link confi
LXC containers
DHCP=false
[Address]
Address=10.137.0.1/24
--
The interface 'vethXX' is a container part (I guess) of the veth pair.
What is the meaning of the above errors, why are they printed, and is there a
way to get rid of them?
Thanks,
--
Leonid Isaev
GPG fingerprints:
oise long ago
>
> however - the *large amount* of those messages even if you
> drop them consumes useless resources on virtualization
> clusters and blows up the systemd-journal
>
If resources are an issue, don't use the journal. In my experience, it consumes
~4x space compare
la/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101
> Thunderbird/24.5.0
>
>
>
> On 09.06.2014 17:28, Leonid Isaev wrote:
> > On Mon, Jun 09, 2014 at 10:48:31AM +0300, Leho Kraav wrote:
> >> Date: Mon, 09 Jun 2014 10:48:31 +0300
> >> From: Leho Kraav
> >
l parameter ip= or an initramfs. In that case, it's your
> own responsibility to bring it down before systemd takes over. If you
> care about leaks.
Cool. I see your point now.
Thanks,
Leonid.
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
s when viewing them using journalctl command line or
grep/awk; you can not control what is logged when and where.
If you want log processing (multiple log directories, advanced filtering,
etc.), use syslog-ng or rsyslog. For example, one can setup a special logfile
for systemd-related messages
Hi,
On Sun, Jun 08, 2014 at 12:33:44PM +, Rusty Bird wrote:
> Date: Sun, 08 Jun 2014 12:33:44 +
> From: Rusty Bird
> To: systemd-devel@lists.freedesktop.org
> Subject: Re: [systemd-devel] [PATCH] Add a network-pre.target to avoid
> firewall leaks
>
> Leonid Isaev
> ___
> systemd-devel mailing list
> systemd-devel@lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
ow in which the network has been set up, but
> the firewall is not yet in place.
But by the time network.target is reached there are no listening services yet,
are there? So, why would one need a firewall?
Thanks,
Leonid.
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291
'd only have to check ethtool for wired ethernet and the
> wireless stack for wireless ethernet and can cover 70% of all devices
> with that, this sounds like the right thing to do for me...
Note, however, that wlan link speed can fluctuate in time. At least that's what
happens wit
On Sat, 31 May 2014 17:27:11 +0200
Lucas Thieme wrote:
> configured correctly in /etc/rc.conf, and I thought systemd replaced it.
Yes, more than a year ago... Anyway, this is a wrong mailing list for your
question. Go to bbs.archlinux.org and ask on the forums.
--
Leonid Isaev
rks OK in simple
cases, but is meaningless and breaks things on tricky hardware.
>
>
> --
> Кирилл Елагин
>
Cheers,
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
ied to run `systemctl disable systemd-rfkill@rfkill1`, but there's
> no output after that and it wasn't disabled at all
>
> Any ideas?
Yes: "systemctl mask systemd-rfkill@rfkill1.service". Or better yet, append
"systemd.restore_state=0" to your kernel cmdline.
.576259 CDT -- ssh-keygen exits
Cheers,
L.
--
Leonid Isaev
GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4
C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
en the
> > > > bootup is supposedly delayed?)
> >
> > I'll have to test this, but I'll speculate that list-jobs will show nothing
> > by the time I login, because it takes about 30 sec for me to enter login
> > credentials...
>
> Use "systemc
the system.
>
> > What does "systemctl list-jobs" print when this happens? (i.e. when the
> > bootup is supposedly delayed?)
I'll have to test this, but I'll speculate that list-jobs will show nothing
by the time I login, because it takes about 30 sec for me to
iner...
> [...]
> Actually, you can avoid the above. Here's another test with just
> "lxc-create"
>
> $ lxc-create -n testcontainer -t archlinux -- -P util-linux
> $ lxc-start -n testcontainer
>
> Same problem.
Same as above, no problem.
Cheers,
--
L
el free to
ignore me if the above makes no sense.
Best,
L.
--
Leonid Isaev
GnuPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
Hi,
On Sat, 5 Apr 2014 11:26:17 +0200
Tom Gundersen wrote:
> On Sat, Apr 5, 2014 at 12:43 AM, Leonid Isaev wrote:
> > I seem to have a strange issue with the way networkd processes its
> > configuration files. The machine is actually a systemd-nspawn container
>
nt->state != SD_EVENT_FINISHED' failed at
src/libsystemd/sd-event/sd-event.c:1308, function
sd_event_source_set_enabled(). Ignoring.
-
I understand that the 1st matching configuration is applied but why does it
concern overridden files? Also, why does a symlink to /dev/null match all
interfaces (even l
ce the login
> delay) because it can't talk to systemd-logind due to some IPC problem
> that I can't work out yet...
>
It's difficult to say what's going on without a verbose journal output... Can
you obtain one? Can you post your container creation scripts, so that I
pm-utils and Upower has created _lots_ of confusion.
> I also don't think couple stats() and rm's have any
> measurable impact on battery.
>
Stock tmpfiles.d clean routine applies only to tmpfs (by default) filesystems.
On a battery-powered system, they are most likely clean due t
On Thu, 03 Apr 2014 18:53:48 +0100
John Lane wrote:
> On 03/04/14 16:40, Leonid Isaev wrote:
> > Hi,
> >
> > On Thu, 03 Apr 2014 11:25:27 +0100
> > John Lane wrote:
> >
> >> Hello, I have a number of LXC containers that have been working with
> >
d at Thu 2014-04-03 11:27:50
EDT
[appuser@appserver1 ~]$ journalctl PRIORITY=4
-- Logs begin at Thu 2014-04-03 10:24:09 EDT, end at Thu 2014-04-03 11:27:50
EDT
Cheers,
--
Leonid Isaev
GnuPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
> > True for the interpreted code.
>
> And compiled code. The linker is your ELF interpreter.
Sorry if this is off-topic, but how do you do that? With
"/lib/ld-2.19.so /path/to/executable"?
Thanks,
--
Leonid Isaev
GPG key fingerprint: C0DF 20D0 C075 C3F1
[Sorry, forgot to CC the mailing list]
Hi Lennart,
On Tue, 18 Mar 2014 02:33:50 +0100
Lennart Poettering wrote:
> On Mon, 17.03.14 19:04, Leonid Isaev (lis...@umail.iu.edu) wrote:
>
> > Hi,
> >
> > Currently, XDG_RUNTIME_DIR=/run/user/ is mounted with rather
>
ability to constrain
users, e.g. by mounting /home as noexec (I have seen this done in some
environments).
Is there a need to allow execution from $XDG_RUNTIME_DIR? And how
should one configure its mount options?
Thanks,
--
Leonid Isaev
GPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE