[systemd-devel] how to set net_cls.classid cgroups argument for a service?
What is the recommended way to assign cgroups prop net_cls.classid to a systemd service? Seems that a rule of thumb that whatever service property that is supposed to be systemd-managed, got a property in service file. However, https://systemd.io/CGROUP_DELEGATION says that: >>This means systemd currently does not and will never manage the following controllers on cgroup v1: freezer, cpuset, net_cls, perf_event, net_prio, hugetlb. Do It mean I'm on my own and need to write a custom ExecStartPost shell script to handle cgroups creation and cleanup myself just to change a single cgroup argument? vers: centos7, systemd 219(old, but thats all that centos/rhel7 offers), cgroups v1 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] systemd-inhibit fails when run from a service file
Hello, I have a small perl program which downloads something. While downloading it inhibits (blocks) shutdown, reboot etc. The program runs as user "foo". Roughly the code is something like this: $ cat /home/foo/downloads/dnld.sh #!/bin/bash /usr/bin/systemd-inhibit --what=shutdown:sleep:idle:handle-power-key:handle-suspend-key:handle-hibernate-key:handle-lid-switch --who=Downloader '--why=Important download in progress' --mode=block /home/foo/downloads/dnld.pl This works fine when I run from a user foo's shell. $ /home/foo/downloads/dnld.sh & $ systemctl --dry-run suspend Operation inhibited by "Downloader" (PID 27441 "systemd-inhibit", user foo), reason is "Important download in progress". But now I call same script via dnld.service file. $ cat /etc/systemd/system/dnld.service [Unit] Description=Download files After=network.target [Service] User=foo Type=simple WorkingDirectory=/home/foo/downloads ExecStart=/home/foo/downloads/dnld.sh When I start the service it gives "Failed to inhibit: Access denied" error. # systemctl start dnld.service # journalctl -u dnld.service Nov 26 13:33:30 foo systemd[1]: Started Download files. Nov 26 13:33:30 foo dnld.sh[27745]: Failed to inhibit: Access denied Nov 26 13:33:30 foo systemd[1]: dnld.service: Main process exited, code=exited, status=1/FAILURE Nov 26 13:33:30 foo systemd[1]: dnld.service: Failed with result 'exit-code'. If I change code to not call systemd-inhibit: $ cat /home/foo/downloads/dnld.sh #!/bin/bash /home/foo/downloads/dnld.pl Then service file runs fine. # systemctl start dnld.service; sleep 30 # journalctl -u dnld.service Nov 26 13:50:17 foo systemd[1]: Started Download files. Nov 26 13:50:37 foo systemd[1]: dnld.service: Succeeded. So how do I allow systemd-inhibit call when a script is called via systemd instead of directly? Is this systemd bug or am I missing something in dnld.service file? Amish. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] How to compile systemd v219
On Di, 26.11.19 10:36, Ankele zhang (ankelezh...@gmail.com) wrote: > On CentOS7.6(3.10.0-957.el7.x86_64), I encrypt my root disk and I have to > enter my passphrase while booting my CentOS before mount root disk. Now, I > want to hardcode the passphrase into the program, what should I do? > > I have tried to recompile `systemd` source V219 but I don not really > understand how to compile it correctly. So I test on > Fedora31(5.3.7-301.fc31.x86_64), compile `systemd` V243 and replace the > executable binary in initramfs-$(uname -r).img with the compiled > systemd-cryptsetup file. But it does not work. Make sure to compile centos 7 systemd with a centos 7 compiler/linker, on centos 7. "yum builddep" can help you install all dependencies you need. That said, for your usecase, just use a keyfile, no need to recompile. Lennart -- Lennart Poettering, Berlin ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel