Bug#889473: Acknowledgement (mirror submission for mirrors.mit.edu)

2018-02-03 Thread Lizhou Sha 
Hello,

I am a maintainer of mirrors.mit.edu. As far as we know, we did not
submit this request, and we are not ready to be included in the list
of official Debian mirrors at this time.

Please close this request at your convenience.

Thank you!

Best,
Lizhou
MIT SIPB Mirrors Team

-- 
Lizhou Sha
Massachusetts Institute of Technology
Department of Physics

Bug#830074: iodine: Provide a systemd service file

2016-07-14 Thread Lizhou Sha 
Hi Gregor,

Indeed, socket activation would be nice. However, from my latest
testing, the current packaged version of iodined has some bug wrt
IPv6. Namely, systemd sockets are IPv6 by default, and on an IPv4-only
system, iodined will still think that the socket is IPv6. The upstream
master seems to have fixed it in this commit, by forcing the use of
separate IPv4 and IPv6 sockets:
https://github.com/yarrick/iodine/commit/4987aa536db069c9f687c2c85b325fc49756a0f2

In addition, there seems to be another bug that is not fixed upstream
that causes iodined to exit too quickly with the -i argument. From
empirical observation, I don't think they are counting the idle time
correctly. While it should be safe to pull in the upstream changes
that makes socket activation technically possible, I think it's best
for the Debian package to use traditional start-on-boot for now, and
address socket activation in another update.

I have also discovered that my patch is insufficient in a few ways.
The updated files are attached.

1. I forgot to include the chroot parameter. The chroot directory is
created with a tmpfile (see tmpfiles.d(5)). Since the original init
script seems to create the chroot directory with 0755 root:root
permission, I have replicated that in the tmpfile.
2. I've tweaked the service file so that it won't start until
systemd-tmpfile has done its magic.
3. I have not included a iodined.socket file because the upstream
example iodine-server.socket should just work, when the time comes to
enable socket activation for this Debian package.

Finally, I should note that the package needs to build depend on
dh-systemd, which should take care of installing the iodined.service
and iodined.tmpfile files automatically when they're placed in the
debian/ directory.

Lizhou

On Wed, 6 Jul 2016 00:07:44 +0200 gregor herrmann <gre...@debian.org> wrote:
> On Tue, 05 Jul 2016 17:52:07 -0400, Lizhou Sha wrote:
>
> > Please find attached a systemd service file for iodined. This should
> > serve as a drop-in replacement for the existing sysvinit script.
>
> Thank you, much appreciated.
>
> One question I (as a systemd noob) have is:
> Shouldn't iodined use systemd's socket activation feature? What I
> understand from upstream CHANGES and the manpage, and grepping over
> the code, this should be possible but we need an appropriate unit
> file for it (examples already exist in the upstream tarball's doc/
> directory, and also installed as examples in the Debian package; they
> probably just need to be adjusted to Debian systems for paths and
> filenames, and tested ...)
>
>
> Cheers,
> gregor
>
> --
>  .''`.  Homepage https://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06
>  : :' : Debian GNU/Linux user, admin, and developer -  https://www.debian.org/
>  `. `'  Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe
>`-


iodined.tmpfile
Description: Binary data


iodined.service
Description: Binary data

Bug#830074: iodine: Provide a systemd service file

2016-07-05 Thread Lizhou Sha 
Package: iodine
Version: 0.7.0-4
Severity: wishlist

Dear Maintainer,

Please find attached a systemd service file for iodined. This should
serve as a drop-in replacement for the existing sysvinit script.

A couple things to note:

- The original init script depends on $remote_fs, $named, and $syslog.
  It seems that it is sufficient to use Wants=network.service in the
  systemd service file, but you might want to verify that this is the
  case.
- The sysvinit script allows iodined to fork into a daemon, but under
  systemd it is probably easier to have iodined not fork. Therefore, I
  added the -f option to the command line and used Type=simple instead
  of Type=forking.

Best,
Lizhou

-- System Information:
Debian Release: stretch/sid
  APT prefers xenial-updates
  APT policy: (500, 'xenial-updates'), (500, 'xenial-security'), (500, 
'xenial'), (100, 'xenial-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.4.0-28-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
# Author: Lizhou Sha <s...@mit.edu>

[Unit]
Description=A daemon for tunneling traffic over DNS queries
After=network.target

[Service]
EnvironmentFile=/etc/default/iodine
ExecStartPre=/bin/sh -xc "test ${START_IODINED} = true"
ExecStart=/usr/sbin/iodined -f -u iodine $IODINED_ARGS -P ${IODINED_PASSWORD}
Restart=on-failure
Type=simple

[Install]
WantedBy=multi-user.target