Re: [systemd-devel] journald does not support syslog?

2015-09-06 Thread Lennart Poettering 
On Sun, 06.09.15 18:20, dE (de.tec...@gmail.com) wrote:

> On 09/06/2015 06:00 PM, Michael Chapman wrote:
> >On Sun, 6 Sep 2015, dE wrote:
> >>Hello all!
> >>
> >>As per the systemd-journald man page,
> >>
> >>>It creates and maintains
> >>>   structured, indexed journals based on logging information that
> >>>is received from a variety of sources:
> >>>Simple system log messages, via the libc syslog(3) call
> >>
> >>Unfortunately I did not find any configuration parameter to make
> >>systemd-journald listen on a unix/network socket for syslog messages,
> >>making me high suspicious of this claim.
> >>
> >>So final question is -- How do you make journald listen for syslog
> >>messages via syslog protocol?
> >
> >See the systemd-journal-dev-log.socket unit on your system (it's mentioned
> >in that manpage). This socket is passed to journald when it's started. The
> >socket unit should be enabled and acive on any standard systemd
> >installation.
> >
> >- Michael
> 
> Yes, I got that socket (/run/systemd/journal/dev-log).
> 
> However /dev/log is not present (it's not made by default) and ss -xnlp does
> not list /run/systemd/journal/dev-log or it's corresponding inode as being
> listened by any program.
> 
> Anyway, thanks for helping out. I've made the /dev/log symlink and now it
> works.

If the symlink is missing then something on your system must be
actively deleting it. systemd-journald-dev-log.socket contains
Symlinks=/dev/log to ensure the symlink is created as ĺong as the
socket for it is up.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Method to solve a "ordering cycle"

2015-09-06 Thread Lennart Poettering 
On Wed, 02.09.15 17:08, Daniel Spannbauer (d...@marco.de) wrote:

> Hello,
> 
> I often have a ordering cycle so a service is deleted at boot.
> 
> Is there a standard way of getting rid of that cycles or to find the
> cause of them?

Well, when systemd finds one of these cyclic ordering dependencies it will
print your the full chain of it in the logs. It's not too difficult to
read that actually, as it starts with one unit, and then shows you the
next one that is ordered after it, and then the next one, and so on,
until it comes back to the original one which is supposed to be after
that last one... Now it's just a matter to figure out where to break
the cycle and drop the ordering dependency.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Cannot start service due to 'systemd-tty-ask-password-agent --watch' not answering

2015-09-06 Thread Lennart Poettering 
On Thu, 03.09.15 04:39, Yeela Kaplan (ykap...@redhat.com) wrote:

> Hi all,
> We have run into a problem starting a service on EL7.1.
> We installed the same environment on two hosts, on the first one the service 
> started successfully and on the second one it failed to start.
> 
> On the machine failing when running:
> systemctl start supervdsmd.service
> 
> we see that a child process `systemd-tty-ask-password-agent --watch`
> is spawned by systemctl:
>  
> [root@green-vdsc ~]# pstree -p $$
> bash(13179)─┬─pstree(13494)
> └─systemctl(13440)───systemd-tty-ask(13441)
> 
> using strace -f we see that systemctl is waiting on a response from 
> systemd-tty-ask but never receives it and gets stuck forever polling:
> 
> [pid 14884] execve("/usr/bin/systemd-tty-ask-password-agent", 
> ["/usr/bin/systemd-tty-ask-passwor"..., "--watch"], [/* 31 vars */]) = 0
> .
> .
> .
> poll([{fd=3, events=POLLIN}], 1, 100)   = 1 ([{fd=3, revents=POLLIN}])
> read(3, 
> "\242\233\270\f9\257\326\257_\n\30\264\263\17\32\272\0058\331\245\236f\207\202\321(\322`pS\324\376"...,
>  120) = 120
> poll([{fd=3, events=POLLIN}], 1, 100)   = 1 ([{fd=3, revents=POLLIN}])
> read(3, 
> "G\262_$\210%*\275Q`G\240\361F\323\306\254.\334\323]\314:!u\343H\200\227\1\206&"...,
>  120) = 120
> poll([{fd=3, events=POLLIN}], 1, 100)   = 1 ([{fd=3, revents=POLLIN}])
> read(3, 
> "\272\177J\330D\252\367\2\367w\302\230-\221'\267\365\376\214\217\334\327\245a\311\377\tfc\177\273j"...,
>  120) = 120
> poll([{fd=3, events=POLLIN}], 1, 100)   = 1 ([{fd=3, revents=POLLIN}])
> read(3, 
> "\324\230x\231\222\210\271-\22a\2134\202\274\\\373\305\231;\177\244e\246=k\204\216\327\340iG\17"...,
>  120) = 120
> poll([{fd=3, events=POLLIN}], 1, 100)   = 1 ([{fd=3, revents=POLLIN}])
> read(3, 
> "3\210\234X\0N\202G\354\22WFt^\331V\344\32\\A\36\323[\302\370\363\371\210\211\t\2129"...,
>  120) = 120
> poll([{fd=3, events=POLLIN}], 1, 100)   = 1 ([{fd=3, revents=POLLIN}])
> read(3, 
> "+\235\26\274\373R\34\377Rs9\370\273\370\t),V\276\v`\233^E\256\257lX#\27\23W"...,
>  120) = 120
> poll([{fd=3, events=POLLIN}], 1, 100)   = 1 ([{fd=3, revents=POLLIN}])
> read(3, 
> "\346\237\ru5\311\372\362K?2\203\300\246C2K(\4+\20\341t\4S\370\35\25}>\265\240"...,
>  120) = 120
> poll([{fd=3, events=POLLIN}], 1, 100)   = 1 ([{fd=3, revents=POLLIN}])
> read(3, 
> "F\25\257j\233q\315W\25\334\306\233\217!\306$\255Y\33\364\0039Qy\2\223@o\235\257hw"...,
>  120) = 120
> poll([{fd=3, events=POLLIN}], 1, 100)   = 1 ([{fd=3, revents=POLLIN}])
> read(3, 
> "\324\316\10k*\332A\253\344^\5y\372\10I\375\216\372\271\277\205\2264\0\35>?]`\263\374\275"...,
>  120) = 120
> poll([{fd=3, events=POLLIN}], 1, 100)   = 1 ([{fd=3, revents=POLLIN}])
> read(3, 
> "\34P\10w\314e\270\226X\t\212\30\"\17.\334\3471\342B\334\272\315\351\367\324k\273S\363\323f"...,
>  120) = 120
> poll([{fd=3, events=POLLIN}], 1, 100)   = 1 ([{fd=3, revents=POLLIN}])
> read(3, 
> "\210\230;\227\31\261\364A\301#\374\311\206?\17\202\2749\340\246\323gm\315\325\361\335K\200\6h\275"...,
>  120) = 120
> poll([{fd=3, events=POLLIN}], 1, 100)   = 1 ([{fd=3, revents=POLLIN}])
> read(3, 
> "i\10Dl\5\312\222\376\10l\37\277X\341CIs\\\"\235{\315|\334\227\10>\246a\5,\36"...,
>  120) = 120
> poll([{fd=3, events=POLLIN}], 1, 100)   = 1 ([{fd=3, revents=POLLIN}])
> 
> systemctl is waiting for a response from its child process forever and does 
> not close it. 
> As a result, it never even tries to run the start command for our service 
> supervdsm.
> So it looks like an issue either with systemd or the way our service 
> interacts with systemd.
> 
> Is anyone familiar with such an issue or has an idea why it happens and how 
> to fix it? 

This is really a misconception about what
systemd-tty-ask-password-agent actually does. It's job is to bring
password queries from system components to the screen while you wait
for systemctl to finish. This is useful for things like LUKS hdd
encryption where the system might have to query the user for a
passphrase to proceed starting units. Other cases where this is used
is for passphrases of SSL certificates.

Unless you actually use LUKS or SSL certificates with a passphrase
(with a web server that supports querying passwords via systemd's
password querying mechanism), the agent does pretty much nothing.

The agent is forked off, waits for passwords to be queried, queries
them when there are any, and then exits when systemctl finishes. 

You can pass --no-ask-password to systemctl to turn off the agent. See
the man page for details.

Or in short: I doubt that the password agent has anything to do with
the problem you are running into.

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multi seats setup How-to

2015-09-06 Thread arnaud gaboury 
On Sun, Sep 6, 2015 at 3:36 PM, Lennart Poettering
 wrote:
> On Sun, 06.09.15 13:14, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
>
>> On Sun, Sep 6, 2015 at 1:08 PM, Lennart Poettering
>>  wrote:
>> > On Sun, 06.09.15 13:01, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
>> >
>> >> On Sun, Sep 6, 2015 at 12:53 PM, Lennart Poettering
>> >>  wrote:
>> >> > On Thu, 03.09.15 13:26, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
>> >> >
>> >> >> I plan to use the systemd mutli-seat features, but I am not sure at
>> >> >> all how I must proceed and in waht order. I understand the main
>> >> >> principle for mouse and keyboard: detect the device then
>> >> >> $ loginctl attach seatNumber DevicePath
>> >> >> As for the graphic card, I am lost.
>> >> >>
>> >> >> OS: Fedora 22
>> >> >> gdm
>> >> >> 1 nvidia card
>> >> >> 1 USB3 plugable dockin station for the second monitor
>> >> >
>> >> > I presume this hardware is not marked for "auto seat" yet, using
>> >> > udev's ID_AUTO_SEAT property. If you let me know USB product and
>> >> > vendor id of this device (as reported by lsusb in hex) I'll add it to
>> >> > the default rules files. If that's done then just plugging in the
>> >> > device will make it a new seat, without any configuration.
>> >>
>> >>
>> >> Bus 002 Device 005: ID 17e9:4323 DisplayLink
>> >
>> > The docking station probably is an USB hub with the displaylink device
>> > connected to it. the vendor/product ID i am interested in is the id of
>> > that hub, i.e. the top-level device in the docking station device.
>>
>> If it can help, here is the udev rule and service shipped with the rpm:
>>
>> displaylink.service
>> ---
>> [Unit]
>> Description=DisplayLink Manager Service
>> After=display-manager.service
>> Conflicts=getty@tty7.service
>>
>> [Service]
>> ExecStartPre=/sbin/modprobe evdi
>> ExecStart=/usr/lib/displaylink/DisplayLinkManager
>> Restart=always
>> WorkingDirectory=/usr/lib/displaylink
>> RestartSec=5
>> 
>>
>> /etc/udev/rules.d/99-displaylink.rules
>> ACTION=="add", SUBSYSTEM=="usb", ENV{ID_VENDOR}=="DisplayLink",
>> MODE="0660", RUN+="/bin/systemctl start displaylink.service"
>> ACTION=="remove", SUBSYSTEM=="usb", ENV{ID_VENDOR}=="DisplayLink",
>> RUN+="/bin/systemctl stop displaylink.service"
>
> That's awfully generic...
>
> I'd really just be interested in vendor/product ids if the usb hub
> that is built into your docking station, where the display link is
> connected to.
>
> If in doubt, please run "lsusb" once before you plug in the device,
> and once after you plug it in, and let me know the difference: all the
> lines that appeared in the output by plugging it in.

unplu/plug, diff of $ lsusb

Bus 002 Device 005: ID 17e9:4323 DisplayLink
Bus 002 Device 004: ID 2109:8110 VIA Labs, Inc. Hub
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 008: ID 1a40:0101 Terminus Technology Inc. Hub
Bus 001 Device 007: ID 2109:2811 VIA Labs, Inc. Hub


>
> Thanks,
>
> Lennart
>
> --
> Lennart Poettering, Red Hat



-- 

google.com/+arnaudgabourygabx
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multi seats setup How-to

2015-09-06 Thread Lennart Poettering 
On Sun, 06.09.15 16:02, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:

> > That's awfully generic...
> >
> > I'd really just be interested in vendor/product ids if the usb hub
> > that is built into your docking station, where the display link is
> > connected to.
> >
> > If in doubt, please run "lsusb" once before you plug in the device,
> > and once after you plug it in, and let me know the difference: all the
> > lines that appeared in the output by plugging it in.
> 
> unplu/plug, diff of $ lsusb
> 
> Bus 002 Device 005: ID 17e9:4323 DisplayLink
> Bus 002 Device 004: ID 2109:8110 VIA Labs, Inc. Hub
> Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
> Bus 001 Device 008: ID 1a40:0101 Terminus Technology Inc. Hub
> Bus 001 Device 007: ID 2109:2811 VIA Labs, Inc. Hub

Ah, hmm, interesting. Which device is this precisely? Have an amazon
link or so? The output above suggests the device is not nicely
recognizable unfortunately.

Could you redo the output, and do this with "lsusb -v" this time? That
shows more information about the USB descriptor of the device.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multi seats setup How-to

2015-09-06 Thread arnaud gaboury 
On Sun, Sep 6, 2015 at 4:19 PM, Lennart Poettering
 wrote:
> On Sun, 06.09.15 16:02, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
>
>> > That's awfully generic...
>> >
>> > I'd really just be interested in vendor/product ids if the usb hub
>> > that is built into your docking station, where the display link is
>> > connected to.
>> >
>> > If in doubt, please run "lsusb" once before you plug in the device,
>> > and once after you plug it in, and let me know the difference: all the
>> > lines that appeared in the output by plugging it in.
>>
>> unplu/plug, diff of $ lsusb
>>
>> Bus 002 Device 005: ID 17e9:4323 DisplayLink
>> Bus 002 Device 004: ID 2109:8110 VIA Labs, Inc. Hub
>> Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
>> Bus 001 Device 008: ID 1a40:0101 Terminus Technology Inc. Hub
>> Bus 001 Device 007: ID 2109:2811 VIA Labs, Inc. Hub
>
> Ah, hmm, interesting. Which device is this precisely? Have an amazon
> link or so? The output above suggests the device is not nicely
> recognizable unfortunately.

amazon[0]
>
> Could you redo the output, and do this with "lsusb -v" this time? That
> shows more information about the USB descriptor of the device.


Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Couldn't open device, some information will be missing
Device Descriptor:
  bLength18
  bDescriptorType 1
  bcdUSB   3.00
  bDeviceClass9 Hub
  bDeviceSubClass 0 Unused
  bDeviceProtocol 3
  bMaxPacketSize0 9
  idVendor   0x1d6b Linux Foundation
  idProduct  0x0003 3.0 root hub
  bcdDevice4.01
  iManufacturer   3
  iProduct2
  iSerial 1
  bNumConfigurations  1
  Configuration Descriptor:
bLength 9
bDescriptorType 2
wTotalLength   31
bNumInterfaces  1
bConfigurationValue 1
iConfiguration  0
bmAttributes 0xe0
  Self Powered
  Remote Wakeup
MaxPower0mA
Interface Descriptor:
  bLength 9
  bDescriptorType 4
  bInterfaceNumber0
  bAlternateSetting   0
  bNumEndpoints   1
  bInterfaceClass 9 Hub
  bInterfaceSubClass  0 Unused
  bInterfaceProtocol  0 Full speed (or root) hub
  iInterface  0
  Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x81  EP 1 IN
bmAttributes3
  Transfer TypeInterrupt
  Synch Type   None
  Usage Type   Data
wMaxPacketSize 0x0004  1x 4 bytes
bInterval  12
bMaxBurst

-

Bus 002 Device 009: ID 17e9:4323 DisplayLink
Device Descriptor:
  bLength18
  bDescriptorType 1
  bcdUSB   3.00
  bDeviceClass  239 Miscellaneous Device
  bDeviceSubClass 2 ?
  bDeviceProtocol 1 Interface Association
  bMaxPacketSize0 9
  idVendor   0x17e9 DisplayLink
  idProduct  0x4323
  bcdDevice1.00
  iManufacturer   1
  iProduct2
  iSerial 3
  bNumConfigurations  1
  Configuration Descriptor:
bLength 9
bDescriptorType 2
wTotalLength  627
bNumInterfaces  7
bConfigurationValue 1
iConfiguration  0
bmAttributes 0xe0
  Self Powered
  Remote Wakeup
MaxPower2mA
Interface Descriptor:
  bLength 9
  bDescriptorType 4
  bInterfaceNumber0
  bAlternateSetting   0
  bNumEndpoints   4
  bInterfaceClass   255 Vendor Specific Class
  bInterfaceSubClass  0
  bInterfaceProtocol  3
  iInterface  0
  ** UNRECOGNIZED:  0c 5f 01 00 0a 00 04 04 01 00 04 00
  Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x02  EP 2 OUT
bmAttributes2
  Transfer TypeBulk
  Synch Type   None
  Usage Type   Data
wMaxPacketSize 0x0400  1x 1024 bytes
bInterval   0
bMaxBurst   0
  Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x08  EP 8 OUT
bmAttributes2
  Transfer TypeBulk
  Synch Type   None
  Usage Type   Data
wMaxPacketSize 0x0400  1x 1024 bytes
bInterval   0
bMaxBurst   0
  Endpoint Descriptor:
bLength

Re: [systemd-devel] Multi seats setup How-to

2015-09-06 Thread Lennart Poettering 
On Sun, 06.09.15 13:14, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:

> On Sun, Sep 6, 2015 at 1:08 PM, Lennart Poettering
>  wrote:
> > On Sun, 06.09.15 13:01, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
> >
> >> On Sun, Sep 6, 2015 at 12:53 PM, Lennart Poettering
> >>  wrote:
> >> > On Thu, 03.09.15 13:26, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
> >> >
> >> >> I plan to use the systemd mutli-seat features, but I am not sure at
> >> >> all how I must proceed and in waht order. I understand the main
> >> >> principle for mouse and keyboard: detect the device then
> >> >> $ loginctl attach seatNumber DevicePath
> >> >> As for the graphic card, I am lost.
> >> >>
> >> >> OS: Fedora 22
> >> >> gdm
> >> >> 1 nvidia card
> >> >> 1 USB3 plugable dockin station for the second monitor
> >> >
> >> > I presume this hardware is not marked for "auto seat" yet, using
> >> > udev's ID_AUTO_SEAT property. If you let me know USB product and
> >> > vendor id of this device (as reported by lsusb in hex) I'll add it to
> >> > the default rules files. If that's done then just plugging in the
> >> > device will make it a new seat, without any configuration.
> >>
> >>
> >> Bus 002 Device 005: ID 17e9:4323 DisplayLink
> >
> > The docking station probably is an USB hub with the displaylink device
> > connected to it. the vendor/product ID i am interested in is the id of
> > that hub, i.e. the top-level device in the docking station device.
> 
> If it can help, here is the udev rule and service shipped with the rpm:
> 
> displaylink.service
> ---
> [Unit]
> Description=DisplayLink Manager Service
> After=display-manager.service
> Conflicts=getty@tty7.service
> 
> [Service]
> ExecStartPre=/sbin/modprobe evdi
> ExecStart=/usr/lib/displaylink/DisplayLinkManager
> Restart=always
> WorkingDirectory=/usr/lib/displaylink
> RestartSec=5
> 
> 
> /etc/udev/rules.d/99-displaylink.rules
> ACTION=="add", SUBSYSTEM=="usb", ENV{ID_VENDOR}=="DisplayLink",
> MODE="0660", RUN+="/bin/systemctl start displaylink.service"
> ACTION=="remove", SUBSYSTEM=="usb", ENV{ID_VENDOR}=="DisplayLink",
> RUN+="/bin/systemctl stop displaylink.service"

That's awfully generic...

I'd really just be interested in vendor/product ids if the usb hub
that is built into your docking station, where the display link is
connected to.

If in doubt, please run "lsusb" once before you plug in the device,
and once after you plug it in, and let me know the difference: all the
lines that appeared in the output by plugging it in.

Thanks,

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] journald does not support syslog?

2015-09-06 Thread dE 

On 09/06/2015 07:05 PM, Lennart Poettering wrote:

On Sun, 06.09.15 18:20, dE (de.tec...@gmail.com) wrote:


On 09/06/2015 06:00 PM, Michael Chapman wrote:

On Sun, 6 Sep 2015, dE wrote:

Hello all!

As per the systemd-journald man page,


It creates and maintains
   structured, indexed journals based on logging information that
is received from a variety of sources:
Simple system log messages, via the libc syslog(3) call

Unfortunately I did not find any configuration parameter to make
systemd-journald listen on a unix/network socket for syslog messages,
making me high suspicious of this claim.

So final question is -- How do you make journald listen for syslog
messages via syslog protocol?

See the systemd-journal-dev-log.socket unit on your system (it's mentioned
in that manpage). This socket is passed to journald when it's started. The
socket unit should be enabled and acive on any standard systemd
installation.

- Michael

Yes, I got that socket (/run/systemd/journal/dev-log).

However /dev/log is not present (it's not made by default) and ss -xnlp does
not list /run/systemd/journal/dev-log or it's corresponding inode as being
listened by any program.

Anyway, thanks for helping out. I've made the /dev/log symlink and now it
works.

If the symlink is missing then something on your system must be
actively deleting it. systemd-journald-dev-log.socket contains
Symlinks=/dev/log to ensure the symlink is created as ĺong as the
socket for it is up.

Lennart



Yeah, that's the problem. That's why I said /dev/log is not present.

For the record I'm using Gentoo. So maybe some build time FEATURE is 
missing.

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Controlling user processes with systemd+cgroups

2015-09-06 Thread Lennart Poettering 
On Thu, 03.09.15 14:57, Benjamin Rose (benr...@math.princeton.edu) wrote:

> As far as I can tell, systemd-logind when included through PAM, only makes a
> cgroup like "user-" under the user slice. But I am looking to make this
> based not only on user ID, but also group ID. Is there any way to achieve
> all of this within systemd? 

This is currently not possible, but certainly something we'd like to
cover eventually. The way we'd like to see this implemented someday
though is through an extensible user database that actually would
allow us to attach slice information to a user directly. 

Currently, because we have no way to store nicely for each user which
slice it shall be attached to we will attach all logged in users to
the same "user.slice". In an ideal world, where the user database is
synchronized from an LDAP server the slice information belongs onto
the LDAP server as well. However, there's no commonly accepted
implementation and API for this on Linux, which we could use to query
such an additional user field from logind.

Ultimately our goal is that you build your tree of slices, and then
freely attach users, services, containers, VMs to these slices at the
places you want them. You can already do that nicely for services and
containers (at least for nspawn containers), but for users this is
really missing.

Sorry,

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] user sessions and remote logins

2015-09-06 Thread Lennart Poettering 
On Sat, 05.09.15 22:49, Chaiken, Alison (ali...@she-devel.com) wrote:

> With systemd-225, when I login to a host from the console or any text
> VT, 'loginctl list-sessions' and 'echo $XDG_SESSION_COOKIE' prints a
> long hash. Each VT login creates a new session. 
> 
> When I ssh into the same host from a remote, 'loginctl list-sessions'
> shows that no new session is created, and XDG_SESSION_COOKIE variable is
> unset. 

Yeah, this should have the same effect. Maybe "pam_systemd" is missing
from the PAM configuration for your ssh? Or maybe you are running a
system where PAM is turned off entirely for ssh? Which distro is this?

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] machinectl shell problems

2015-09-06 Thread Lennart Poettering 
On Sat, 05.09.15 13:48, Michał Zegan (webczat_...@poczta.onet.pl) wrote:

> Hello.
> 
> I have a kvm vps running archlinux with systemd-225, I have just upgraded
> systemd and probably restarted most of the systemd components.
> I am trying machinectl shell from my ordinary user session over ssh. it
> gives me the possibility to authenticate as admin, then says that it
> connected to the local host. But, it disconnects immediately.
> The message in the journal says:
> container-shell@5.service: Failed at step STDIN spawning /bin/sh: No such
> file or directory
> 
> Is it my fault or a systemd bug?

This should be fixed in systemd git. Also, we'll do a new release very
soon where that's fixed.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [PATCH] hwdb: Add Thinkpad T550 / W550s to 70-pointingstick.hwdb

2015-09-06 Thread Lennart Poettering 
On Fri, 04.09.15 15:20, Hans de Goede (hdego...@redhat.com) wrote:

> Like many other recent thinkpads the factory default pointingstick
> sensitivity on these devices is quite low, making the pointingstick
> very slow in moving the cursor.
> 
> This extends the existing hwdb rules for tweaking the sensitivity to
> also apply to the T550 / W550s models.
> 
> BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1200717

This was merged now via https://github.com/systemd/systemd/pull/1145

Thanks!

> ---
>  hwdb/70-pointingstick.hwdb | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/hwdb/70-pointingstick.hwdb b/hwdb/70-pointingstick.hwdb
> index a8c21a2..9d15173 100644
> --- a/hwdb/70-pointingstick.hwdb
> +++ b/hwdb/70-pointingstick.hwdb
> @@ -95,6 +95,8 @@ evdev:name:TPPS/2 IBM 
> TrackPoint:dmi:bvn*:bvr*:bd*:svnLENOVO:pn*:pvrThinkPadX240
>  evdev:name:TPPS/2 IBM 
> TrackPoint:dmi:bvn*:bvr*:bd*:svnLENOVO:pn*:pvrThinkPadT440s:*
>  # Lenovo Thinkpad T540p
>  evdev:name:TPPS/2 IBM 
> TrackPoint:dmi:bvn*:bvr*:bd*:svnLENOVO:pn*:pvrThinkPadT540p:*
> +# Lenovo Thinkpad T550 / W550s
> +evdev:name:TPPS/2 IBM 
> TrackPoint:dmi:bvn*:bvr*:bd*:svnLENOVO:pn*:pvrThinkPadT550:*
>POINTINGSTICK_SENSITIVITY=200
>POINTINGSTICK_CONST_ACCEL=1.0
>  
> -- 
> 2.4.3
> 
> ___
> systemd-devel mailing list
> systemd-devel@lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel


Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multi seats setup How-to

2015-09-06 Thread Lennart Poettering 
On Thu, 03.09.15 13:26, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:

> I plan to use the systemd mutli-seat features, but I am not sure at
> all how I must proceed and in waht order. I understand the main
> principle for mouse and keyboard: detect the device then
> $ loginctl attach seatNumber DevicePath
> As for the graphic card, I am lost.
> 
> OS: Fedora 22
> gdm
> 1 nvidia card
> 1 USB3 plugable dockin station for the second monitor

I presume this hardware is not marked for "auto seat" yet, using
udev's ID_AUTO_SEAT property. If you let me know USB product and
vendor id of this device (as reported by lsusb in hex) I'll add it to
the default rules files. If that's done then just plugging in the
device will make it a new seat, without any configuration.

> Nvidia driver (I would like to avoid using Nouveau if possible).

Well, the closed source nvidia driver won't work out of the box. Only
the DRM driver is supported nicely with logind, as it exposes proper
DRM APIs.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multi seats setup How-to

2015-09-06 Thread arnaud gaboury 
On Sun, Sep 6, 2015 at 1:08 PM, Lennart Poettering
 wrote:
> On Sun, 06.09.15 13:01, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
>
>> On Sun, Sep 6, 2015 at 12:53 PM, Lennart Poettering
>>  wrote:
>> > On Thu, 03.09.15 13:26, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
>> >
>> >> I plan to use the systemd mutli-seat features, but I am not sure at
>> >> all how I must proceed and in waht order. I understand the main
>> >> principle for mouse and keyboard: detect the device then
>> >> $ loginctl attach seatNumber DevicePath
>> >> As for the graphic card, I am lost.
>> >>
>> >> OS: Fedora 22
>> >> gdm
>> >> 1 nvidia card
>> >> 1 USB3 plugable dockin station for the second monitor
>> >
>> > I presume this hardware is not marked for "auto seat" yet, using
>> > udev's ID_AUTO_SEAT property. If you let me know USB product and
>> > vendor id of this device (as reported by lsusb in hex) I'll add it to
>> > the default rules files. If that's done then just plugging in the
>> > device will make it a new seat, without any configuration.
>>
>>
>> Bus 002 Device 005: ID 17e9:4323 DisplayLink
>
> The docking station probably is an USB hub with the displaylink device
> connected to it. the vendor/product ID i am interested in is the id of
> that hub, i.e. the top-level device in the docking station device.

If it can help, here is the udev rule and service shipped with the rpm:

displaylink.service
---
[Unit]
Description=DisplayLink Manager Service
After=display-manager.service
Conflicts=getty@tty7.service

[Service]
ExecStartPre=/sbin/modprobe evdi
ExecStart=/usr/lib/displaylink/DisplayLinkManager
Restart=always
WorkingDirectory=/usr/lib/displaylink
RestartSec=5


/etc/udev/rules.d/99-displaylink.rules
ACTION=="add", SUBSYSTEM=="usb", ENV{ID_VENDOR}=="DisplayLink",
MODE="0660", RUN+="/bin/systemctl start displaylink.service"
ACTION=="remove", SUBSYSTEM=="usb", ENV{ID_VENDOR}=="DisplayLink",
RUN+="/bin/systemctl stop displaylink.service"

I don't have right now acsess to the box. Will post $ lsusb output later
>
> Lennart
>
> --
> Lennart Poettering, Red Hat



-- 

google.com/+arnaudgabourygabx
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] journald does not support syslog?

2015-09-06 Thread dE 

Hello all!

As per the systemd-journald man page,


It creates and maintains
   structured, indexed journals based on logging information that 
is received from a variety of sources:

Simple system log messages, via the libc syslog(3) call


Unfortunately I did not find any configuration parameter to make 
systemd-journald listen on a unix/network socket for syslog messages, 
making me high suspicious of this claim.


So final question is -- How do you make journald listen for syslog 
messages via syslog protocol?

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] journald does not support syslog?

2015-09-06 Thread Michael Chapman 

On Sun, 6 Sep 2015, dE wrote:

Hello all!

As per the systemd-journald man page,


It creates and maintains
   structured, indexed journals based on logging information that is 
received from a variety of sources:

Simple system log messages, via the libc syslog(3) call


Unfortunately I did not find any configuration parameter to make 
systemd-journald listen on a unix/network socket for syslog messages, making 
me high suspicious of this claim.


So final question is -- How do you make journald listen for syslog messages 
via syslog protocol?


See the systemd-journal-dev-log.socket unit on your system (it's mentioned 
in that manpage). This socket is passed to journald when it's started. The 
socket unit should be enabled and acive on any standard systemd 
installation.


- Michael
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [PATCH] udev: build by-path identifiers for ATA

2015-09-06 Thread Lennart Poettering 
On Fri, 04.09.15 10:59, David Milburn (dmilb...@redhat.com) wrote:

Please file this issue as github PR:

https://github.com/systemd/systemd

>  
> +static struct udev_device *handle_scsi_ata(struct udev_device *parent, char 
> **path)
> +{

Please reading CODING_STYLE. We tend to place the opening bracket on
the same line as the function name.

> + struct udev *udev  = udev_device_get_udev(parent);
> + struct udev_device *targetdev;
> + struct udev_device *target_parent;
> + struct udev_device *atadev;
> + const char *port_no;
> +
> + targetdev = udev_device_get_parent_with_subsystem_devtype(parent, 
> "scsi", "scsi_host");
> + if (targetdev == NULL)
> + return NULL;

Usually, we don' compare explicitly with NULL.

> +
> + target_parent = udev_device_get_parent(targetdev);
> + if (target_parent == NULL)
> + return NULL;
> +
> + atadev = udev_device_new_from_subsystem_sysname(udev, "ata_port",
> + 
> udev_device_get_sysname(target_parent));
> + if (atadev == NULL)
> + return NULL;
> +
> + port_no = udev_device_get_sysattr_value(atadev, "port_no");
> + if (port_no == NULL) {
> + parent = NULL;
> + goto out;
> + }
> + path_prepend(path, "ata-%s", port_no);
> +out:
> +udev_device_unref(atadev);
> +return parent;

Indentation is borked... Needs to be 8ch all the way.

> +}
> +
>  static struct udev_device *handle_scsi_default(struct udev_device *parent, 
> char **path)
>  {

This is indication that the patch is not against git master, as this
has been reindented a while back to put the bracket on the same line
as the function name (see above). Please file these things as PRs,
which will catch these issues right away, as the patch is then checked
and test-built just by submitting it.

Thanks,

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multi seats setup How-to

2015-09-06 Thread arnaud gaboury 
On Sun, Sep 6, 2015 at 12:53 PM, Lennart Poettering
 wrote:
> On Thu, 03.09.15 13:26, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
>
>> I plan to use the systemd mutli-seat features, but I am not sure at
>> all how I must proceed and in waht order. I understand the main
>> principle for mouse and keyboard: detect the device then
>> $ loginctl attach seatNumber DevicePath
>> As for the graphic card, I am lost.
>>
>> OS: Fedora 22
>> gdm
>> 1 nvidia card
>> 1 USB3 plugable dockin station for the second monitor
>
> I presume this hardware is not marked for "auto seat" yet, using
> udev's ID_AUTO_SEAT property. If you let me know USB product and
> vendor id of this device (as reported by lsusb in hex) I'll add it to
> the default rules files. If that's done then just plugging in the
> device will make it a new seat, without any configuration.


Bus 002 Device 005: ID 17e9:4323 DisplayLink

I installed a .rpm package proposed in this Fedora forum thread[0], as
there was no Linux driver for the USB3 plugable dockin station[1]
>
>> Nvidia driver (I would like to avoid using Nouveau if possible).
>
> Well, the closed source nvidia driver won't work out of the box. Only
> the DRM driver is supported nicely with logind, as it exposes proper
> DRM APIs.
>
> Lennart
>
> --
> Lennart Poettering, Red Hat

[0]http://www.displaylink.org/forum/showthread.php?t=64026
[1]http://www.amazon.com/gp/product/B00ECDM78E?redirect=true_=cm_cr_ryp_prd_ttl_sol_0

-- 

google.com/+arnaudgabourygabx
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multi seats setup How-to

2015-09-06 Thread Lennart Poettering 
On Sun, 06.09.15 13:01, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:

> On Sun, Sep 6, 2015 at 12:53 PM, Lennart Poettering
>  wrote:
> > On Thu, 03.09.15 13:26, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
> >
> >> I plan to use the systemd mutli-seat features, but I am not sure at
> >> all how I must proceed and in waht order. I understand the main
> >> principle for mouse and keyboard: detect the device then
> >> $ loginctl attach seatNumber DevicePath
> >> As for the graphic card, I am lost.
> >>
> >> OS: Fedora 22
> >> gdm
> >> 1 nvidia card
> >> 1 USB3 plugable dockin station for the second monitor
> >
> > I presume this hardware is not marked for "auto seat" yet, using
> > udev's ID_AUTO_SEAT property. If you let me know USB product and
> > vendor id of this device (as reported by lsusb in hex) I'll add it to
> > the default rules files. If that's done then just plugging in the
> > device will make it a new seat, without any configuration.
> 
> 
> Bus 002 Device 005: ID 17e9:4323 DisplayLink

The docking station probably is an USB hub with the displaylink device
connected to it. the vendor/product ID i am interested in is the id of
that hub, i.e. the top-level device in the docking station device.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Systemd 226: Neither machinectl login nor machinectl shell works

2015-09-06 Thread Lennart Poettering 
On Sat, 05.09.15 16:20, Tobias Hunger (tobias.hun...@gmail.com) wrote:

> Hello,
> 
> I just upgraded to systemd 226 in the hope that machinectl shell will
> work better for me than machinectl login. Unfortunately it is not and
> machinectl login is also unusable:-/
> 
> Both produce the "Connected to machine X. Press ^] three times within
> 1s to exit session" line and then just sit there.
> 
> In the host machine journal I get: "X login:" followed by the issue
> text of the machine. Both lines are logged by systemd-nspawn running
> the container.
> 
> "strace machinectl shell machine" produces several messages like these
> per second:
> 
> clock_gettime(CLOCK_BOOTTIME, {43??, 573??}, 9, -1) = 1
> epoll_wait(4, {{EPOLLOUT, {u32=, u64=}}, 9, -1) = 1
> 
> Linebreaks got broken in strace output and I fixed those for this mail.
> 
> Any ideas?
> 
> Both host and container are running 64bit Arch Linux using systemd 226
> from the arch packages.

This should be fixed with git now. And we'll do a new release very
soon now.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Systemd user service needs to wait for encrypted $HOME to be decrypted

2015-09-06 Thread Lennart Poettering 
On Fri, 04.09.15 21:10, John (da_audioph...@yahoo.com) wrote:

> Assuming a user has an encrypted $HOME, I need a user service that will:
> 
> 
> 1) Wait for the $HOME to be decrypted, then run ExecStart, and
> 2) Run ExecStop before the user closes the encryption again.
> 3) Totally ignore the encryption requirement if the user has no
> encryption setup, ie just run normally.

But you want to do all this from the system instance of systemd?

How do you encrypt your $HOME? With LUKS? How is that set up? Only
/home or actually /home/$USER?

> RequiresMountsFor=/home/

This line should actually be all you need to make this work, as long
as /home is on LUKS.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] journald does not support syslog?

2015-09-06 Thread Michael Chapman 

On Sun, 6 Sep 2015, dE wrote:

Yes, I got that socket (/run/systemd/journal/dev-log).

However /dev/log is not present (it's not made by default)


It should be, the unit contains:

  [Socket]
  ...
  Symlinks=/dev/log
  ...

- Michael
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multi seats setup How-to

2015-09-06 Thread Lennart Poettering 
On Sun, 06.09.15 18:24, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:

> On Sun, Sep 6, 2015 at 5:22 PM, Lennart Poettering
>  wrote:
> > On Sun, 06.09.15 16:31, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
> >
> > I fear this newer Plugable device is not as carefully designed as the
> > older ones, and uses non-recognizable vendor/product  ids... Thus we
> > cannot really add an ID_AUTO_SEAT rule from upstream for it. Pity.
> 
> I am afraid you are right. I have tried all kind of possibilities and
> with nouveau driver. All tests point to the creation of seat but left
> me with a black screen for monitor of seat1.

Hmm? the ID_AUTO_SEAT stuff is just sugar on top, to make sure that
the multiseat hw just works, without requiring any configuration. 

Without it it just means you have to manually assign devices to a
seat, that's all.

Nouveau is a driver for PCI hardware, not for the usb displaylink.

Before thinking of putting together seats, try to make the displaylink
hw work at all, so that you get something on screen. How to do that is
out of scope for systemd I fear though, can't help you much with that.

In general: systemd just keeps a database of what hw belongs to which
seat, that's all. Drivers and access to the devices are done in the
kernel and X11, and systemd has nothing to do with that really.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multi seats setup How-to

2015-09-06 Thread arnaud gaboury 
On Sun, Sep 6, 2015 at 6:53 PM, Lennart Poettering
 wrote:
> On Sun, 06.09.15 18:24, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
>
>> On Sun, Sep 6, 2015 at 5:22 PM, Lennart Poettering
>>  wrote:
>> > On Sun, 06.09.15 16:31, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
>> >
>> > I fear this newer Plugable device is not as carefully designed as the
>> > older ones, and uses non-recognizable vendor/product  ids... Thus we
>> > cannot really add an ID_AUTO_SEAT rule from upstream for it. Pity.
>>
>> I am afraid you are right. I have tried all kind of possibilities and
>> with nouveau driver. All tests point to the creation of seat but left
>> me with a black screen for monitor of seat1.
>
> Hmm? the ID_AUTO_SEAT stuff is just sugar on top, to make sure that
> the multiseat hw just works, without requiring any configuration.

Yes, I understood that and try to configure by hand
>
> Without it it just means you have to manually assign devices to a
> seat, that's all.

$ loginctl attache ...
That's what I tried
>
> Nouveau is a driver for PCI hardware, not for the usb displaylink.
So good, I booted back to Nvidia driver and blacklisted nouveau.
>
> Before thinking of putting together seats, try to make the displaylink
> hw work at all, so that you get something on screen.

Yes I will

 How to do that is
> out of scope for systemd I fear though, can't help you much with that.
>
> In general: systemd just keeps a database of what hw belongs to which
> seat, that's all. Drivers and access to the devices are done in the
> kernel and X11, and systemd has nothing to do with that really.

Looking at this thread[0], it seems the udev rules I use is not good.
I decompressed the Ubuntu package[1] to see how I can modify the rule.

[0]http://support.displaylink.com/forums/287786-displaylink-feature-suggestions/suggestions/7988955-support-linux-on-all-your-devices?page=1_page=20
[1]http://support.displaylink.com/knowledgebase/articles/683482
>
> Lennart
>
> --
> Lennart Poettering, Red Hat



-- 

google.com/+arnaudgabourygabx
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multi seats setup How-to

2015-09-06 Thread Lennart Poettering 
On Sun, 06.09.15 16:31, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:

I fear this newer Plugable device is not as carefully designed as the
older ones, and uses non-recognizable vendor/product  ids... Thus we
cannot really add an ID_AUTO_SEAT rule from upstream for it. Pity.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] containers

2015-09-06 Thread Michał Zegan 

Hello.

Is systemd-nspawn intended to eventually become usable for full system 
containers/general use with enough security to run things like vps 
hosting? How much is missing to be able to do that, or maybe it already 
can? Like you have user namespaces support that probably adds more 
security in addition to other namespaces, not sure though.

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] containers

2015-09-06 Thread Lennart Poettering 
On Sun, 06.09.15 17:49, Michał Zegan (webczat_...@poczta.onet.pl) wrote:

> Hello.
> 
> Is systemd-nspawn intended to eventually become usable for full system
> containers/general use with enough security to run things like vps hosting?
> How much is missing to be able to do that, or maybe it already can? Like you
> have user namespaces support that probably adds more security in addition to
> other namespaces, not sure though.

Well, Linux containers are currently not a security technology, and
you really shouldn't mistake them for one.

But yes, we'll close the biggest holes as we can, and the intention is
certainly to make it hard to escape containers.

nspawn supports user namespaces, but I don't think they are
practically usable, since there's no logic for automatically
allocating user id ranges, and file systems have to be altered to make
them compatible with user namespacing. We'd like to improve the
situation there, but this requires more kernel work.

The focus with nspawn is indeed on full system containers
(i.e. containers running an init system in them), and explicitly not
so much "micro service" virtualization a la docker.

To dogfood myself I run my own dedicated server in an nspawn-based
solution, and I am pretty happy with it.

Note that nspawn + machined is not supposed to be a complete
deployment solution, it focuses on the execution runtime of the
container locally and it does not and will not do orchestration of
containers across a whole cluster, or update/lifecycle management. Use
rkt (which builds on nspawn) for that.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Controlling user processes with systemd+cgroups

2015-09-06 Thread Michał Zegan 
Well, actually I believe you could mess with unit configuration 
overrides, couldn't you?
I was experimenting once by giving the user test 1% of cpu using cgroup 
controls.


W dniu 06.09.2015 o 16:14, Lennart Poettering pisze:

On Thu, 03.09.15 14:57, Benjamin Rose (benr...@math.princeton.edu) wrote:


As far as I can tell, systemd-logind when included through PAM, only makes a
cgroup like "user-" under the user slice. But I am looking to make this
based not only on user ID, but also group ID. Is there any way to achieve
all of this within systemd?

This is currently not possible, but certainly something we'd like to
cover eventually. The way we'd like to see this implemented someday
though is through an extensible user database that actually would
allow us to attach slice information to a user directly.

Currently, because we have no way to store nicely for each user which
slice it shall be attached to we will attach all logged in users to
the same "user.slice". In an ideal world, where the user database is
synchronized from an LDAP server the slice information belongs onto
the LDAP server as well. However, there's no commonly accepted
implementation and API for this on Linux, which we could use to query
such an additional user field from logind.

Ultimately our goal is that you build your tree of slices, and then
freely attach users, services, containers, VMs to these slices at the
places you want them. You can already do that nicely for services and
containers (at least for nspawn containers), but for users this is
really missing.

Sorry,

Lennart



___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Controlling user processes with systemd+cgroups

2015-09-06 Thread Lennart Poettering 
On Sun, 06.09.15 17:05, Michał Zegan (webczat_...@poczta.onet.pl) wrote:

> Well, actually I believe you could mess with unit configuration overrides,
> couldn't you?
> I was experimenting once by giving the user test 1% of cpu using cgroup
> controls.

Well, you can of course configure limits on individual sessions,
per-user and for all users combined, by using "systemctl set-property"
on the session scope unit, the per-user slice unit, or the
"user.slice" unit, respectively. However, what Benjamin tries to do
(as far as I understood it) is to introduce groups that combine the
resources of multiple users into one, and can have limits on
them. Now, the slice concept would allow that, but there's no nice way
to tell logind to place specific users in specific slices, they all
end up below user.slice and that's it.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Controlling user processes with systemd+cgroups

2015-09-06 Thread Michał Zegan 
if you would override the slice in the unit file using override files it 
would not work?
Also not sure, I think I understand the question as "how to create 
cgroup per user group" but well, I may understand it wrong.


W dniu 06.09.2015 o 17:25, Lennart Poettering pisze:

On Sun, 06.09.15 17:05, Michał Zegan (webczat_...@poczta.onet.pl) wrote:


Well, actually I believe you could mess with unit configuration overrides,
couldn't you?
I was experimenting once by giving the user test 1% of cpu using cgroup
controls.

Well, you can of course configure limits on individual sessions,
per-user and for all users combined, by using "systemctl set-property"
on the session scope unit, the per-user slice unit, or the
"user.slice" unit, respectively. However, what Benjamin tries to do
(as far as I understood it) is to introduce groups that combine the
resources of multiple users into one, and can have limits on
them. Now, the slice concept would allow that, but there's no nice way
to tell logind to place specific users in specific slices, they all
end up below user.slice and that's it.

Lennart



___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Controlling user processes with systemd+cgroups

2015-09-06 Thread Lennart Poettering 
On Sun, 06.09.15 17:44, Michał Zegan (webczat_...@poczta.onet.pl) wrote:

> if you would override the slice in the unit file using override files it
> would not work?

No it won't. Currently systemd hardcodes the slice and does not allow
it to be overriden.

> Also not sure, I think I understand the question as "how to create cgroup
> per user group" but well, I may understand it wrong.

well, yes, precisely, the question was regarding being able to have
explicit cgroups (in systemd that would be slices) for specific
groupings of users, and we don't support that right now.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multi seats setup How-to

2015-09-06 Thread arnaud gaboury 
On Sun, Sep 6, 2015 at 5:22 PM, Lennart Poettering
 wrote:
> On Sun, 06.09.15 16:31, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
>
> I fear this newer Plugable device is not as carefully designed as the
> older ones, and uses non-recognizable vendor/product  ids... Thus we
> cannot really add an ID_AUTO_SEAT rule from upstream for it. Pity.

I am afraid you are right. I have tried all kind of possibilities and
with nouveau driver. All tests point to the creation of seat but left
me with a black screen for monitor of seat1.

The Fedora box is not at hand ans can't play with udev rules.

Thank you for your help, as usual.

>
> Lennart
>
> --
> Lennart Poettering, Red Hat



-- 

google.com/+arnaudgabourygabx
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel