[systemd-devel] System halt on service stop
Hello all

I'd like to find a clean way to halt a systemd system (actually, a Docker container) when a main service stops (not just on failure).

I tried Conflicts=systemd-halt.service and calling shutdown from ExecStopPost= but it seems both cause problems, since I end up with a stop job for my service that takes 90 seconds to time out, instead of taking down the system immediately.

What is the right way to achieve this?

[Unit]
Description=sleeper

[Service]
ExecStart=/bin/sleep 10
ExecStopPost=/sbin/shutdown -h now

[Install]
WantedBy=default.target

Cheers

Albert

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] disabling shared mount propagation
Hello all

This change, which made mount propagation default to shared:

http://cgit.freedesktop.org/systemd/systemd/commit/?id=b3ac5f8cb98757416d8660023d6564a7c411f0a0

and which went into Fedora 17 in January 2013:

http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095395.html

is causing some headaches with some services of ours that use unshare to get a new mount namespace and make some private mounts which we don't want propagated.

For now, we'd simply like to revert to private mount propagation.

A code comment in the change says:

    If specific setups need other settings they can reset the propagation mode to private if needed.

What is the recommended way to do this during early boot? Was the fstab way of doing it (mentioned in the Git commit message) ever implemented?

More details:

We need to reset this before any of our services run. We are activating services to manage individual disks with SYSTEMD_WANTS via udev, which includes mounting the file system in a private mount namespace, via an unshare in the ExecStart= part.

One hack would be to have this unit do

ExecStartPre=mount --make-rprivate /

but that seems quite gross.

Any advice appreciated.

Regards

Albert
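A check for the situation described in the message above, as an added example that is not part of the original post: it parses /proc/<pid>/mountinfo text and reports which mounts are still members of a shared peer group, so a mount made beneath them would propagate to the other peers. The sample mount table and the function names are constructed for illustration.

```python
import re

# Constructed sample in /proc/<pid>/mountinfo format (not taken from the post).
# Fields: id parent major:minor root mountpoint options [optional...] - fstype source superopts
SAMPLE_MOUNTINFO = r"""15 20 0:3 / /proc rw,relatime shared:5 - proc proc rw
20 1 8:2 / / rw,relatime shared:1 - ext4 /dev/sda2 rw
41 20 8:17 / /srv/disk1 rw,noatime - ext4 /dev/sdb1 rw
42 20 8:33 / /srv/disk\0402 rw,noatime shared:7 master:1 - ext4 /dev/sdc1 rw
43 20 0:40 / /srv/scratch rw master:1 - tmpfs tmpfs rw
"""


def _unescape(path):
    """mountinfo writes space, tab, newline and backslash as \\ooo octal escapes."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), path)


def parse_mountinfo(text):
    """Return a list of (mount_point, fstype, propagation_tags) tuples."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        try:
            # The optional fields start at index 6 and end at a lone "-".
            sep = fields.index("-", 6)
        except ValueError:
            continue  # truncated or malformed line
        if len(fields) < sep + 2:
            continue
        # "shared:7" -> "shared", "master:1" -> "master", "unbindable" as is.
        tags = {field.split(":", 1)[0] for field in fields[6:sep]}
        mounts.append((_unescape(fields[4]), fields[sep + 1], tags))
    return mounts


def propagation(tags):
    """Name the propagation type implied by a mount's optional-field tags."""
    if "unbindable" in tags:
        return "unbindable"
    if "shared" in tags and "master" in tags:
        return "shared+slave"
    if "shared" in tags:
        return "shared"
    if "master" in tags:
        return "slave"
    return "private"


def leaking_mounts(text, prefix="/"):
    """Mount points at or under prefix that still belong to a shared peer group."""
    base = prefix.rstrip("/")
    found = []
    for mount_point, _fstype, tags in parse_mountinfo(text):
        inside = mount_point == prefix or mount_point.startswith(base + "/")
        if inside and "shared" in tags:
            found.append(mount_point)
    return found


def propagation_table(text):
    """Map every mount point to its propagation type."""
    return {mp: propagation(tags) for mp, _fs, tags in parse_mountinfo(text)}


if __name__ == "__main__":
    for mount_point, kind in propagation_table(SAMPLE_MOUNTINFO).items():
        print(f"{kind:13} {mount_point}")
    print("still shared under /srv:", leaking_mounts(SAMPLE_MOUNTINFO, "/srv"))
```

Run from inside the service's namespace against /proc/self/mountinfo, an empty result from leaking_mounts() means the reset to private took effect for that subtree.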
[systemd-devel] OnFailure= and killing services
Hello all

A question about a slightly older version of systemd. We are running systemd-37-25.fc16.x86_64.

We have a service called alarmist with a .service file like so:

[Unit]
Description=Raise alarms for %i
DefaultDependencies=no

[Service]
Type=oneshot
TimeoutSec=0
ExecStart=-/path/to/alarmist -service=%i

The idea is that alarmist is run whenever another service fails. Other services look like this:

[Unit]
OnFailure=alarmist@foo.service

[Service]
RestartSec=10
Restart=always

If we kill -9 a foo process, it seems that the OnFailure= that runs alarmist only triggers just before systemd restarts foo, not immediately when foo dies.

Is this the expected behaviour? If not, is this something that might have been fixed by a newer systemd?

Thanks!

Regards

Albert
[systemd-devel] PrivateTmp and hugepages
Hello all

We'd like to launch some processes in a private mount namespace so that they can each use a limited amount of private hugepages without running as root.

The idea was to use PrivateTmp=true to get systemd to call unshare for us and then configure the service with:

PermissionsStartOnly=true
ExecStartPre=/bin/mount -t hugetlbfs none /dev/hugepages -o 'size=2G,pagesize=2M'

The nice thing about this is that you could configure the amount of hugepages a service gets using an EnvironmentFile.

At this point we would also have to set permissions on the hugepages mount point so that the service's user can read/write files in the hugepages directory. I don't know if the permissions changes to the mount point directory will be visible outside the mount namespace?

Anyway, we ran into some other issues before we got here:

1. systemd doesn't seem to clean up the /tmp/systemd-namespace-* directories when a service exits.

2. The operations for setting up a PrivateTmp don't seem to work if systemd is running directly inside an initramfs. We see:

unshare(CLONE_NEWNS) = 0
mount(NULL, /, NULL, MS_REC|MS_SLAVE, NULL) = 0
mount(/, /tmp/systemd-namespace-yqotDP/root/, NULL, MS_BIND|MS_REC, NULL) = -1 EINVAL (Invalid argument)

Something seems to go wrong here. Any idea why the bind mount doesn't like an initramfs root?

This experience has also made me think that systemd could benefit from a general Unshare= setting so that IPC, network and mount namespaces can all be controlled for a service.

Any feedback appreciated.

Regards

Albert
Re: [systemd-devel] systemd hang on reboot
Hello

On Mon, Apr 2, 2012 at 10:33 PM, Lennart Poettering lenn...@poettering.net wrote:
> > What is supposed to happen next in the shutdown process? Is there any way we can get more debugging info to find out why it is hanging?
>
> If debug mode is enabled systemd will dump the transaction it is about to execute before it executes it. You should look for that output between Trying to enqueue till Enqueued... for the specific shutdown target you are using (poweroff.target most likely). Then, strike off that list everything that is successfully shutdown and you should have an idea what is remaining.

Thanks for the help.

If I understand correctly, our problem was caused by an OnFailure= service that didn't have DefaultDependencies=no, so it was trying to bring the system back up while it was shutting down.

Cheers

Albert
[systemd-devel] systemd hang on reboot
Hello all

We have a problem with machines running systemd-37-15.fc16.x86_64 hanging on reboot.

We have a system that boots from an initramfs based on F16. Nothing much more special than yum --installroot and making a cpio archive out of it.

We use the following kernel options that might be pertinent:

plymouth.enable=0 readonlyroot systemd.log_level=debug systemd.log_target=kmsg

Before trying to reboot, we stop all non-essential services, and unmount all file systems (just in case something there was causing problems). All that's left over when we hit shutdown -r is our read-only initramfs and a few main Fedora services.

We were able to capture the systemd debugging logging towards the end of the shutdown process using netconsole:

systemd[1]: Job mdmonitor-takeover.service/stop finished, result=done
type=1130 audit(1333039788.810:1424): pid=0 uid=0 auid=4294967295 ses=4294967295 msg=': comm=mdmonitor-takeover exe=/bin/systemd hostname=? addr=? terminal=? res=success'
type=1131 audit(1333039788.827:1425): pid=0 uid=0 auid=4294967295 ses=4294967295 msg=': comm=mdmonitor-takeover exe=/bin/systemd hostname=? addr=? terminal=? res=success'
systemd[1]: systemd-sysctl.service changed exited - dead
systemd[1]: Job systemd-sysctl.service/stop finished, result=done
systemd[1]: systemd-modules-load.service changed exited - dead
systemd[1]: Job systemd-modules-load.service/stop finished, result=done
type=1130 audit(1333039788.908:1428): pid=0 uid=0 auid=4294967295 ses=4294967295 msg=': comm=systemd-modules-load exe=/bin/systemd hostname=? addr=? terminal=? res=success'
type=1131 audit(1333039788.925:1429): pid=0 uid=0 auid=4294967295 ses=4294967295 msg=': comm=systemd-modules-load exe=/bin/systemd hostname=? addr=? terminal=? res=success'
systemd[1]: swap.target changed active - dead
systemd[1]: Job swap.target/stop finished, result=done
systemd[1]: systemd-vconsole-setup.service changed exited - dead
systemd[1]: Job systemd-vconsole-setup.service/stop finished, result=done
systemd[1]: systemd-ask-password-wall.path changed waiting - dead
systemd[1]: Job systemd-ask-password-wall.path/stop finished, result=done
systemd[1]: Received SIGCHLD from PID 8066 (ck-log-system-s).
systemd[1]: Got SIGCHLD for process 8066 (ck-log-system-s)
systemd[1]: Child 8066 died (code=exited, status=0/SUCCESS)
systemd[1]: Child 8066 belongs to console-kit-log-system-stop.service
systemd[1]: console-kit-log-system-stop.service: main process exited, code=exited, status=0
systemd[1]: console-kit-log-system-stop.service changed start - dead
systemd[1]: Job console-kit-log-system-stop.service/start finished, result=done
systemd[1]: Accepted connection on private bus.
systemd[1]: Accepted connection on private bus.
systemd[1]: Got D-Bus request: org.freedesktop.systemd1.Agent.Released() on /org/freedesktop/systemd1/agent
systemd[1]: console-kit-log-system-stop.service: cgroup is empty
systemd[1]: Got D-Bus request: org.freedesktop.systemd1.Agent.Released() on /org/freedesktop/systemd1/agent
systemd[1]: network.service: cgroup is empty
systemd[1]: Got D-Bus request: org.freedesktop.DBus.Local.Disconnected() on /org/freedesktop/DBus/Local
systemd[1]: Got D-Bus request: org.freedesktop.DBus.Local.Disconnected() on /org/freedesktop/DBus/Local

What is supposed to happen next in the shutdown process? Is there any way we can get more debugging info to find out why it is hanging?

Thanks!

Regards

Albert
Re: [systemd-devel] MemoryLimit and MemorySoftLimit
Hello

On Mon, Mar 26, 2012 at 11:44 AM, Manuel Amador rud...@rudd-o.com wrote:
> memorylimit and memorysoftlimit can be determined using the ulimit system call.

Do you mean getrlimit? man 2 ulimit on F16 says it's not implemented. If it's getrlimit, is it RLIMIT_AS?

> you cannot detect when you've hit the soft limit other than by getting a NULL on malloc.

Thanks. I guess I could just duplicate this info with an environment variable or parameter passed to the process.

Regards

Albert
Re: [systemd-devel] MemoryLimit and MemorySoftLimit
On Mon, Mar 26, 2012 at 4:46 PM, Lennart Poettering lenn...@poettering.net wrote:
> > Also, is there some standard way for the application to determine if a MemoryLimit= is configured? We might want to automatically size some buffers based on this limit.
>
> You can read /proc/self/cgroup. Find the line with :memory: there, then extract the path after the second :. Then use that path under /sys/fs/cgroup/memory and read the memory.soft_limit_in_bytes file in it.

Sweet, thanks very much!

Regards

Albert
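The lookup described in the reply quoted above, as an added example that is not part of the original thread: it finds the memory controller line in /proc/self/cgroup text, resolves the path under the cgroup-v1 memory hierarchy and reads the limit file. The sample cgroup text, the temporary tree, the function names and the "no limit" threshold are assumptions made for this example.

```python
import os
import tempfile

CGROUP_V1_MEMORY_ROOT = "/sys/fs/cgroup/memory"
# Assumption: an unset limit reads back as a value close to 2**63, so anything
# at or above 2**62 is reported as "no limit".
NO_LIMIT_THRESHOLD = 1 << 62

# Constructed sample of /proc/self/cgroup (hierarchy-id:controllers:path).
SAMPLE_PROC_CGROUP = """\
5:cpuacct,cpu:/system/foo.service
4:memory:/system/foo.service
1:name=systemd:/system/foo.service
"""


def memory_cgroup_path(proc_cgroup_text):
    """Return the cgroup path of the memory controller, or None if absent."""
    for line in proc_cgroup_text.splitlines():
        parts = line.split(":", 2)  # the path is everything after the second ':'
        if len(parts) == 3 and "memory" in parts[1].split(","):
            return parts[2]
    return None


def read_memory_limit(proc_cgroup_text, name="memory.soft_limit_in_bytes",
                      root=CGROUP_V1_MEMORY_ROOT):
    """Return the limit in bytes, or None when unset, unreadable or absent."""
    rel = memory_cgroup_path(proc_cgroup_text)
    if rel is None:
        return None
    root = os.path.realpath(root)
    target = os.path.realpath(os.path.join(root, rel.lstrip("/"), name))
    # Refuse a path that resolves outside the memory hierarchy.
    if os.path.commonpath([root, target]) != root:
        return None
    try:
        with open(target) as handle:
            value = int(handle.read().strip())
    except (OSError, ValueError):
        return None
    return None if value >= NO_LIMIT_THRESHOLD else value


def buffer_budget(limit, fraction=0.25, fallback=64 << 20):
    """Size buffers as a fraction of the limit, or use a fallback when unlimited."""
    return fallback if limit is None else int(limit * fraction)


def make_sample_tree(root):
    """Build a constructed stand-in for /sys/fs/cgroup/memory under root."""
    unit_dir = os.path.join(root, "system", "foo.service")
    os.makedirs(unit_dir)
    with open(os.path.join(unit_dir, "memory.soft_limit_in_bytes"), "w") as fh:
        fh.write("2147483648\n")           # 2 GiB soft limit
    with open(os.path.join(unit_dir, "memory.limit_in_bytes"), "w") as fh:
        fh.write("9223372036854771712\n")  # hard limit left unset


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as sample_root:
        make_sample_tree(sample_root)
        soft = read_memory_limit(SAMPLE_PROC_CGROUP, root=sample_root)
        print("soft limit:", soft, "buffer budget:", buffer_budget(soft))
```

On a live system the call is read_memory_limit(open("/proc/self/cgroup").read()), which only finds a file on hosts that mount the cgroup-v1 memory hierarchy at the path named in the reply.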
Re: [systemd-devel] [PATCH v3 3/4] manager: add a global watchdog reboot timestamp
Hello

On Wed, Feb 1, 2012 at 11:24 PM, Chris Paulson-Ellis ch...@edesix.com wrote:
> On 01/02/12 19:05, Lennart Poettering wrote:
> > (As I figured out newer Intel chipsets all have watchdogs now, so I am actually quite keen to see this implemented in systemd now, since I can actually test it.)
>
> Just a warning to anyone who's thinking of depending on the chipset watchdog... In my experience, many boards are not correctly wired up to reset properly when the chipset watchdog fires. Although it works most of the time, I've had boards hang under testing using the iTCO_wdt watchdog driver.

Some more info:

I've found that the Optimal Defaults BIOS option on some motherboards disables the iTCO_wdt watchdog.

Luckily server boards usually also have an IPMI watchdog, which works great under Linux.

Regards

Albert
[systemd-devel] socket failed to queue socket startup job: Transport endpoint is not connected
Hello all

We've had a machine up for about 9 days with lots of connections to a socket unit:

[Socket]
ListenStream=2
Accept=yes
MaxConnections=128

[Install]
WantedBy=sockets.target

We noticed today that the socket had stopped listening. syslog said:

systemd[1]: foo.socket failed to queue socket startup job: Transport endpoint is not connected
systemd[1]: Unit foo.socket entered failed state.

systemctl status said:

foo.socket
Loaded: loaded (/etc/systemd/system/foo.socket; enabled)
Active: failed since Wed, 18 Jan 2012 04:53:40 +; 5h 1min ago
Accepted: 902; Connected: 0

What does this error mean? Should the socket be failing?

We are running systemd v37 on Fedora 16.

Regards

Albert
Re: [systemd-devel] systemctl and detach in udev RUN
Hello

On Thu, Oct 6, 2011 at 1:05 PM, Kay Sievers kay.siev...@vrfy.org wrote:
> On Thu, Oct 6, 2011 at 11:29, Albert Strasheim full...@gmail.com wrote:
> > On Wed, Oct 5, 2011 at 4:10 PM, Albert Strasheim full...@gmail.com wrote:
> > > Hello all
> > >
> > > I have the following udev rule in a machine with a bunch of disks:
> > >
> > > SUBSYSTEM=="block", KERNEL=="sd*", TAG+="systemd", ACTION=="add", RUN+="/bin/systemctl restart blockinit@%k.service"
> >
> > To answer myself: systemctl has a --no-block option that seems like the right thing to do here.
>
> It doesn't sound right, to call systemd from udev context.
>
> You might want to try if: SYSTEMD_WANTS= (man systemd.device) works for you.

I've tried SYSTEMD_WANTS in the past, but it doesn't quite do what I want.

Usually when a device is re-added to the system, I want to restart the associated service. In some cases this might happen before the service itself has even detected that its device has disappeared (example: rmmod your SAS controller's module).

I'm also not quite sure how SYSTEMD_WANTS deals with failed services: does it restart them if the device is added again?

Regards

Albert
Re: [systemd-devel] systemd-logind bug in systemd v35
Hello

On Wed, Oct 5, 2011 at 1:40 AM, Lennart Poettering lenn...@poettering.net wrote:
> On Tue, 04.10.11 15:40, Albert Strasheim (full...@gmail.com) wrote:
> > Hello all
> >
> > I think we've found a bug in systemd-logind with systemd v35 (specifically, systemd-35-1.fc16.x86_64.rpm).
> >
> > After a few thousand ssh logins, we start seeing stuff like this in /var/log/secure:
>
> After a few thousand parallel ssh logins or one after the other?
>
> This really looks as if we are leaking file descriptors in some way. What's the contents of /proc/$(pidof systemd-logind)/fd/ if this happens?

There's 1023 entries in that directory.

> What is the contents of /run/systemd/sessions/?

There's about 2000 files in that directory. Filenames with numbers and the same number.ref. This is even when no-one is logged into the system.

Regards

Albert
Re: [systemd-devel] systemd-logind bug in systemd v35
Hello

On Wed, Oct 5, 2011 at 1:40 AM, Lennart Poettering lenn...@poettering.net wrote:
> On Tue, 04.10.11 15:40, Albert Strasheim (full...@gmail.com) wrote:
> > Hello all
> >
> > I think we've found a bug in systemd-logind with systemd v35 (specifically, systemd-35-1.fc16.x86_64.rpm).
> >
> > After a few thousand ssh logins, we start seeing stuff like this in /var/log/secure:
>
> After a few thousand parallel ssh logins or one after the other?

Forgot to answer this one: this is only with a few parallel logins, but many logins over a period of hours.

Which raises the question: what is systemd-logind going to do when more than 1024 users log in to a machine at the same time?

Which raises the more general question: what will other services like systemd-stdout-syslog-bridge do when the number of processes that log go into the hundreds?

I haven't thought about it carefully, but there seem to be some cases where one could run into the default limit of 1024 open files.

Regards

Albert
[systemd-devel] systemctl and detach in udev RUN
Hello all

I have the following udev rule in a machine with a bunch of disks:

SUBSYSTEM=="block", KERNEL=="sd*", TAG+="systemd", ACTION=="add", RUN+="/bin/systemctl restart blockinit@%k.service"

The blockinit service is a one-shot service that runs a program that checks if the block device matches some criteria (right size, etc.), formats it (if it doesn't have the right file system yet), fscks it (always) and mounts it.

I always want this service to restart if a block device is added, because I want to deal with block devices that are unplugged and replugged, etc.

Since it always fscks, the systemctl restart of the service takes about 20-30 seconds to complete.

However, the udev manual page says:

RUN
- Add a program to the list of programs to be executed for a specific device.
- This can only be used for very short running tasks.
- Long running tasks need to be immediately detached from the event process itself.

Is there a way systemd can help me to do this detaching?

Regards

Albert
[systemd-devel] systemd-logind bug in systemd v35
Hello all

I think we've found a bug in systemd-logind with systemd v35 (specifically, systemd-35-1.fc16.x86_64.rpm).

After a few thousand ssh logins, we start seeing stuff like this in /var/log/secure:

Oct 4 13:34:29 next-10-221-0-2 sshd[568]: pam_systemd(sshd:session): Failed to create session: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
Oct 4 13:34:29 next-10-221-0-2 sshd[568]: pam_unix(sshd:session): session opened for user root by (uid=0)
Oct 4 13:34:30 next-10-221-0-2 sshd[621]: pam_systemd(sshd:session): Failed to create session: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
Oct 4 13:34:30 next-10-221-0-2 sshd[621]: pam_unix(sshd:session): session opened for user root by (uid=0)
Oct 4 13:34:31 next-10-221-0-2 sshd[1451]: Accepted password for root from 10.221.255.254 port 41899 ssh2

and strace on systemd-logind produces this:

stat(/etc/localtime, {st_mode=S_IFREG|0644, st_size=118, ...}) = 0
sendmsg(3, {msg_name(0)=NULL, msg_iov(5)=[{27, 4}, {Oct 4 13:37:35 , 16}, {systemd-logind, 14}, {[2169]: , 8}, {Failed to save user data for root: Too many open files, 54}], msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL) = 96
sendmsg(8, {msg_name(0)=NULL, msg_iov(2)=[{l\4\1\1=\0\0\0?\333 \3h\0\0\0\1\1o\0\27\0\0\0/org/freedesktop/login1\0\2\1s\0\36\0\0\0org.freedesktop.login1.Manager\0\0\3\1s\0\n\0\0\0SessionNew\0\0\0\0\0\0\10\1g\0\2so\0, 120}, {\10\0\0\0c6239507\0\0\0\0(\0\0\0/org/freedesktop/login1/session/c6239507\0, 61}], msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL) = 181
sendmsg(8, {msg_name(0)=NULL, msg_iov(2)=[{l\4\1\0019\0\0\0@\333 \3~\0\0\0\1\1o\0\36\0\0\0/org/freedesktop/login1/user/0\0\0\2\1s\0\37\0\0\0org.freedesktop.DBus.Properties\0\3\1s\0\21\0\0\0PropertiesChanged\0\0\0\0\0\0\0\10\1g\0\10sa{sv}as\0\0\0, 144}, {\33\0\0\0org.freedesktop.login1.User\0\0\0\0\0\0\0\0\0\r\0\0\0\10\0\0\0Sessions\0, 57}], msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL) = 201
fcntl(1023, F_DUPFD_CLOEXEC, 3) = -1 EMFILE (Too many open files)
close(1023) = 0

Looks like systemd-logind isn't closing all its file descriptors under some circumstances.

Regards

Albert
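A monitoring check for the condition reported above and in the follow-ups (1023 entries under /proc/<pid>/fd against the default limit of 1024), as an added example that is not part of the original thread: it compares a process's open descriptor count with the soft "Max open files" value in /proc/<pid>/limits. The sample /proc tree, the 90% threshold and the function names are constructed for illustration.

```python
import os
import tempfile

# Constructed excerpt in the layout of /proc/<pid>/limits.
SAMPLE_LIMITS = """\
Limit                     Soft Limit           Hard Limit           Units
Max cpu time              unlimited            unlimited            seconds
Max open files            {soft}                 4096                 files
Max locked memory         65536                65536                bytes
"""


def soft_nofile_limit(limits_text):
    """Return the soft 'Max open files' limit, or None if unlimited or missing."""
    label = "Max open files"
    for line in limits_text.splitlines():
        if line.startswith(label):
            fields = line[len(label):].split()
            if not fields or fields[0] == "unlimited":
                return None
            return int(fields[0])
    return None


def fd_usage(pid, proc_root="/proc"):
    """Return (open_descriptors, soft_limit) for pid.

    Reading another user's /proc/<pid>/fd needs matching privileges.
    """
    base = os.path.join(proc_root, str(pid))
    open_fds = len(os.listdir(os.path.join(base, "fd")))
    with open(os.path.join(base, "limits")) as handle:
        limit = soft_nofile_limit(handle.read())
    return open_fds, limit


def near_exhaustion(open_fds, soft_limit, ratio=0.9):
    """True when the descriptor table is at least ratio full."""
    return soft_limit is not None and open_fds >= ratio * soft_limit


def make_sample_proc(root, pid, open_fds, soft):
    """Build a constructed stand-in for /proc/<pid> under root."""
    fd_dir = os.path.join(root, str(pid), "fd")
    os.makedirs(fd_dir)
    for number in range(open_fds):
        # Real entries are symlinks; only the count matters here.
        open(os.path.join(fd_dir, str(number)), "w").close()
    with open(os.path.join(root, str(pid), "limits"), "w") as handle:
        handle.write(SAMPLE_LIMITS.format(soft=soft))


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as sample_root:
        # Figures from the thread: pid 2169, 1023 descriptors, limit 1024.
        make_sample_proc(sample_root, pid=2169, open_fds=1023, soft=1024)
        used, limit = fd_usage(2169, proc_root=sample_root)
        print(f"{used}/{limit} descriptors, alert={near_exhaustion(used, limit)}")
```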
[systemd-devel] Reusing stdout-syslog-bridge under sshd
Hello all

We have the following situation:

We have a service that is exposed through OpenSSH. The unit looks like this:

[Unit]
Description=bar Server

[Service]
ExecStart=-@/usr/sbin/sshd bar -ddd -i -f /etc/ssh/sshd_config_bar
StandardInput=socket
StandardOutput=socket
StandardError=syslog

[Install]
Also=bar.socket

Using the very cool ExecStart trick, we can put custom PAM configuration at /etc/pam.d/bar.

As far as I understand, sshd logs to syslog directly so the StandardError=syslog has no effect. However, we can configure facility for sshd itself in our /etc/ssh/sshd_config_bar file. This file contains (amongst other things):

SyslogFacility AUTHPRIV
Subsystem bar /opt/bar/bin/bar
Subsystem sftp internal-sftp

Users of the bar service have a special shell configured to make the subsystem work. This shell starts the subsystem with stdin and stdout unchanged, so the bar program reads/writes data via the encrypted SSH connection.

At the moment, the bar command logs to stderr, which is also forwarded over the SSH connection to the client. However, I would like to send the stderr output from bar to syslog on the server as if it were started directly under systemd.

Finally my question: is it possible for my custom shell to connect stderr of bar to stdout-syslog-bridge? Is this feasible, or was stdout-syslog-bridge designed to interact with systemd only?

I've also looked at using logger in the util-linux package, but it isn't quite flexible enough. Also, our logging code already supports the facility/level prefix expected by stdout-syslog-bridge, so it would be nice to reuse the mechanism.

Regards

Albert
Re: [systemd-devel] Reusing stdout-syslog-bridge under sshd
Hello

On Wed, Sep 7, 2011 at 7:11 PM, Albert Strasheim full...@gmail.com wrote:
> Finally my question: is it possible for my custom shell to connect stderr of bar to stdout-syslog-bridge? Is this feasible, or was stdout-syslog-bridge designed to interact with systemd only?

Okay, wow, that was easy:

printf 'syslog\n134\nbar\n1\n134VERY\nNICE\n' | strace -f socat STDIN UNIX-CONNECT:/run/systemd/logger

My custom shell can open the UNIX socket to /run/systemd/logger, prime the connection by setting up the facility, etc and then pass the socket as stderr to the program being run.

Could this interface be made part of the sd-daemon API? :-)

Regards

Albert
[systemd-devel] [PATCH] Fix typo in systemd manual page.
--- man/systemd.xml |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/man/systemd.xml b/man/systemd.xml index a11c96e..a8a6967 100644 --- a/man/systemd.xml +++ b/man/systemd.xml @@ -259,7 +259,7 @@ services and sockets, i.e. controls the default for optionStandardOutput=/option -resp. optionStandardExecute=/option +resp. optionStandardError=/option (see citerefentryrefentrytitlesystemd.exec/refentrytitlemanvolnum5/manvolnum/citerefentry for details). Takes one of -- 1.7.5.4 0001-Fix-typo-in-systemd-manual-page.patch Description: Binary data ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
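Review bot: the subject line says only "Fix typo in systemd manual page." and never names the option, so the change at line 259 of man/systemd.xml (StandardExecute= corrected to StandardError=) cannot be found from the log by searching for either spelling; suggest a subject such as "man: fix StandardError= option name in systemd.xml". The one-line replacement itself agrees with the StandardOutput= reference on the context line above it and with the systemd.exec(5) citation that follows. The mail also carries the patch as an attachment typed "Binary data", which is harder to comment on inline than the plain-text copy.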
[systemd-devel] Restart and RestartSec in packaged .service files
Hello all

I was wondering if there is some kind of guideline about whether packaged .service files in Fedora, etc. should specify Restart=, RestartSec=, etc.

Most of the system services shipped with Fedora are quite stable, but it might be good to have Restarts in place for services that crash once every few weeks, or that fall prey to the OOM killer or a mistyped kill command.

If the policy is not to include Restart= and RestartSec= by default, it might be nice to have a way to override them without having to override a large number of .service files with copies in /etc/systemd, which will have to be kept up-to-date with each distribution upgrade.

Thoughts?

Regards

Albert
[systemd-devel] sd-daemon documentation vs syslog log levels and facilities
Hello all

We started using systemd's logging today, but the documentation tripped us up a bit and could perhaps be improved to help other users.

The example in the sd-daemon manual page makes no mention of facilities. Thus we assumed that our logs would have the facility we configured in SyslogFacility of our .service and logged our messages with only a level, like in the example:

fprintf(stderr, SD_NOTICE "Hello World!\n");

After lots of stracing, we finally discovered that if you do this, systemd uses the LOG_USER facility, instead of the one we configured in our .service file.

Only once we had the full facility and log level in our prints did it behave as we had expected.

The sd-daemon manual page should probably mention this, and maybe systemd could use the configured SyslogFacility if it detects that messages are being logged without a facility.

Regards

Albert
Re: [systemd-devel] SYSTEMD_WANTS and oneshot services
Hello

On Tue, Aug 23, 2011 at 6:09 PM, Lennart Poettering lenn...@poettering.net wrote:
> On Sun, 21.08.11 14:01, Albert Strasheim (full...@gmail.com) wrote:
> > Is there a way to always get this behavior? I'd like my network interfaces to be brought up regardless of how and when their modules are loaded.
>
> Hmm, can you run systemctl status on the service before you reload the kmod and paste the output here? Just to verify that the

foo-net-em1.service
Loaded: loaded (/etc/systemd/system/foo-net-em1.service)
Active: active (exited) since Wed, 24 Aug 2011 12:30:08 +; 1min 49s ago
Process: 1044 ExecStart=/sbin/ifup em1 (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/foo-net-em1.service

> service is properly stopped. Then, please set systemd.log_level=debug systemd.log_target=kmsg when reloading it. This will cause the transaction to be written to kmsg, please paste that as well. This should tell us what is included in the triggered transaction.

When reloading the module, there is no transaction in the debug log.

When I strace systemd, I can see that epoll returns and that systemd calls recvmsg twice for the netlink messages about the two network ports. systemd doesn't do anything else after that.

At this point, a systemctl daemon-reload followed by a systemctl status still yields an active (exited) service.

Reloading the module after the systemctl daemon-reload still does not rerun the service.

I must then do systemctl stop foo-net-em1.service. Then systemctl status says:

foo-net-em1.service
Loaded: loaded (/etc/systemd/system/foo-net-em1.service)
Active: inactive (dead)
CGroup: name=systemd:/system/foo-net-em1.service

If I then load the module again, I get the transaction as expected and the service is started again.

Maybe the service should have a Requisite= on the sys-subsystem...device so that it is stopped when the device disappears? I tried this, but the subsystem alias still doesn't seem to work, even with the fixed udev rules.

Thoughts?

Regards

Albert
Re: [systemd-devel] SYSTEMD_WANTS and oneshot services
Hello

On Wed, Aug 24, 2011 at 2:04 PM, Lennart Poettering lenn...@poettering.net wrote:
> On Wed, 24.08.11 13:26, Albert Strasheim (full...@gmail.com) wrote:
> > When reloading the module, there is no transaction in the debug log. When I strace systemd, I can see that epoll returns and that systemd calls recvmsg twice for the netlink messages about the two network ports. systemd doesn't do anything else after that. At this point, a systemctl daemon-reload followed by a systemctl status still yields an active (exited) service. Reloading the module after the systemctl daemon-reload still does not rerun the service.
>
> active (exited) suggests that you set RemainAfterExit=yes?

I have tried with RemainAfterExit=yes and no. Neither one makes systemd restart the service after reloading the module.

> > Maybe the service should have a Requisite= on the sys-subsystem...device so that it is stopped when the device disappears? I tried this, but the subsystem alias still doesn't seem to work, even with the fixed udev rules.
>
> You need BindTo=, not Requires= for that.

Thanks. I tried adding BindTo= to the service, hoping that it would really be stopped when the device disappeared, but systemd still doesn't rerun the service.

Also, a BindTo= that refers to the sys-subsystem-... alias eventually times out saying the device failed to start, so that isn't working either (even with the fixed udev rule).

I'll do the extra bit of debugging you suggested. This issue should be quite easy to reproduce using any machine with its network card code as a module.

Regards

Albert
Re: [systemd-devel] ConditionKernelCommandLine not working?
Hello

On Wed, Aug 24, 2011 at 9:17 PM, Lennart Poettering lenn...@poettering.net wrote:
> On Tue, 16.08.11 19:53, Albert Strasheim (full...@gmail.com) wrote:
> > Hello again
> >
> > My previous example confused the issue by mentioning fedora-autorelabal.service. With the following in /etc/systemd/system/foobar.service:
>
> So, I tried to reproduce your issue with ConditionKernelCommandLine= to no luck. Everything appears to work just fine for me?

Have you tried the .service I provided here?

http://lists.freedesktop.org/archives/systemd-devel/2011-August/003143.html

I just tested again with systemd v33 and had the same issue. I can't see anything in the git log that would have fixed this issue between v33 and HEAD.

Also, Jóhann Guðmundsso said here that foo=bar isn't parsed correctly:

http://lists.freedesktop.org/archives/systemd-devel/2011-August/003155.html

Was he right about that? Maybe it matters where foo=bar appears in cmdline? In my tests I have it as the last parameter.

By the way, it might be useful if systemctl status could provide more information about which condition failed instead of just start condition failed?

> Can you isolate a minimal test case for me against current git?

Testing against current git is a bit tricky for me, since I don't have a F16 development machine up yet. I'm building and running test systems using F16 packages on F15 with qemu-kvm. I'll see if I can get one up tomorrow.

Regards

Albert
[systemd-devel] SYSTEMD_WANTS and oneshot services
Hello all

After my misadventures with SYSTEMD_ALIAS, I've tried to do it with SYSTEMD_WANTS instead.

My udev rule:

SUBSYSTEM=="net", NAME=="em[1-2]", TAG+="systemd", ENV{SYSTEMD_WANTS}="foo-net-$name.service"

And my foo-net-em1.service unit (just calls the existing network scripts for now):

[Unit]
Requires=foo-configure.service
After=foo-configure.service

[Service]
# using the old network scripts for now
ExecStart=/sbin/ifup em1
Type=oneshot
TimeoutSec=0
RemainAfterExit=no

When the machine boots, the unit runs and configures my interface.

After that, if I do:

rmmod igb (my network card's module)
modprobe igb

systemd does not run foo-net-em1.service again. I tried with both RemainAfterExit=yes|no.

However, if I do:

rmmod igb
systemctl daemon-reload
modprobe igb

systemd does run foo-net-em1.service again.

Is there a way to always get this behavior? I'd like my network interfaces to be brought up regardless of how and when their modules are loaded.

Regards

Albert

P.S. With biosdevname in F15, I'm not sure that ENV{SYSTEMD_ALIAS}="/sys/subsystem/net/devices/%k" is the most useful thing. Users might want $name instead of %k?
Re: [systemd-devel] /sys/subsystem device dependency not working
Hello again

On Thu, Aug 18, 2011 at 10:03 PM, Albert Strasheim full...@gmail.com wrote:
> I am trying to use systemd-26 to configure a network device. I've
> decided to try this instead of the standard Fedora init scripts
> because I want the network configuration to depend on a kernel command
> line argument (which should be possible as soon as
> ConditionKernelCommandLine=foo=bar gets fixed) and some files that are
> generated during bootup.
> I spotted the following in /lib/udev/rules.d/99-systemd.rules:
> SUBSYSTEM=="net", KERNEL!="lo", TAG+="systemd", ENV{SYSTEMD_ALIAS}="/sys/subsystem/net/devices/%k"

I have done some debugging with gdb.

When the initial device gets added, with a name like

    sys-devices-pci:80-:80:09.0-:86:00.0-net-em2.device

everything works fine and unit_add_name calls unit_add_to_dbus_queue.

I can see that systemd picks up the SYSTEMD_ALIAS from udev and calls device_add_escaped_name(u, alias) in device_update_unit.

After that the alias is added, with a name like

    sys-subsystem-net-devices-em2.device

it does a goto fail at this point:

    151 if ((r = hashmap_put(u->meta.manager->units, s, u)) < 0) {
    (gdb) n
    152 set_remove(u->meta.names, s);
    (gdb) n
    153 goto fail;

where s = strdup(text), and text contains the alias string.

This is the only obvious difference I can see in the code that adds the original device and its alias.

Any thoughts? Thanks!

Regards

Albert
[systemd-devel] /sys/subsystem device dependency not working
Hello all

I am trying to use systemd-26 to configure a network device. I've decided to try this instead of the standard Fedora init scripts because I want the network configuration to depend on a kernel command line argument (which should be possible as soon as ConditionKernelCommandLine=foo=bar gets fixed) and some files that are generated during bootup.

I spotted the following in /lib/udev/rules.d/99-systemd.rules:

    SUBSYSTEM=="net", KERNEL!="lo", TAG+="systemd", ENV{SYSTEMD_ALIAS}="/sys/subsystem/net/devices/%k"

I understood this and the comment above it to mean that I could add a dependency on sys-subsystem-net-devices-em2.device to my service that configures the device.

I have a foo-configure.service that runs to generate some files:

    [Unit]
    Description=Configure the Next system
    DefaultDependencies=no
    Conflicts=shutdown.target
    Wants=foo-net.target
    Before=foo-net.target multi-user.target shutdown.target
    After=local-fs.target

    [Service]
    ExecStart=/opt/foo/systemd/foo-configure
    ExecStart=/bin/hostname --file /etc/hostname
    Type=oneshot
    TimeoutSec=0
    RemainAfterExit=yes

    [Install]
    WantedBy=basic.target

foo-configure writes /etc/hostname and /etc/sysconfig/network-scripts/foo based on IPMI configuration of the machine.

foo-net.target contains:

    [Unit]
    Wants=foo-net-em2.service

    [Install]
    WantedBy=network.target

foo-net-em2.service contains:

    [Unit]
    ConditionKernelCommandLine=foo=bar
    Conflicts=shutdown.target
    Before=network.target shutdown.target
    Requires=sys-subsystem-net-devices-em2.device foo-configure.service
    After=sys-subsystem-net-devices-em2.device foo-configure.service

    [Service]
    EnvironmentFile=/etc/sysconfig/network-scripts/foo
    ExecStart=/bin/true
    #eventually: ExecStart=/sbin/ifconfig ... $FOO ...
    Type=oneshot
    TimeoutSec=0
    RemainAfterExit=yes

When the system boots, I see that eth1 is renamed to em2 and I see a

    sys-devices-pci:00-:00:09.0-:03:00.0-:04:02.0-:07:00.0-net-em2.device

go from dead to plugged.

However, the startup of foo-net-em2.service fails because the startup of sys-subsystem-net-devices-em2.device times out.

Did I misunderstand how the udev rule is supposed to work? Is the udev 167 that ships with FC15 too old perhaps?

Thanks.

Regards

Albert
Re: [systemd-devel] ConditionKernelCommandLine not working?
Hello again

My previous example confused the issue by mentioning fedora-autorelabel.service.

With the following in /etc/systemd/system/foobar.service:

    [Unit]
    Description=foobar
    ConditionKernelCommandLine=foo=bar

    [Service]
    ExecStart=/bin/true
    Type=oneshot
    TimeoutSec=0
    RemainAfterExit=yes

    [Install]
    WantedBy=multi-user.target

I get the following after booting:

    # dmesg | grep foo
    [0.00] Command line: foo=bar console=ttyS0,38400 systemd.log_level=debug
    [0.00] Kernel command line: foo=bar console=ttyS0,38400 systemd.log_level=debug
    [5.137548] systemd[1]: Installed new job foobar.service/start as 84
    [6.551148] systemd[1]: Starting of foobar.service requested but condition failed. Ignoring.
    [6.556179] systemd[1]: Job foobar.service/start finished, result=done

Regards

Albert

P. S. I'm running systemd-26-5.fc15.x86_64. I tried to test with systemd v33, but the systemctl enable problem mentioned elsewhere on this list prevented me from setting up my environment.

On Mon, Aug 15, 2011 at 1:27 PM, Albert Strasheim full...@gmail.com wrote:
> Does ConditionKernelCommandLine work in systemd-26-5.fc15.x86_64?
> I've tested it with my own units and with the Fedora
> fedora-autorelabel.service, but no luck.
[systemd-devel] ConditionKernelCommandLine not working?
Hello all

Does ConditionKernelCommandLine work in systemd-26-5.fc15.x86_64?

I've tested it with my own units and with the Fedora fedora-autorelabel.service, but no luck.

Here's the dmesg:

    [0.00] Command line: selinux=0 systemd.log_level=debug autorelabel
    [0.00] Kernel command line: selinux=0 systemd.log_level=debug autorelabel
    [3.215830] systemd[1]: Installed new job fedora-autorelabel.service/start as 55
    [3.229562] systemd[1]: Installed new job fedora-autorelabel-mark.service/start as 59
    [4.512418] systemd[1]: Starting of fedora-autorelabel.service requested but condition failed. Ignoring.

    # cat /lib/systemd/system/fedora-autorelabel.service
    [Unit]
    Description=Relabel all filesystems, if necessary
    DefaultDependencies=no
    Requires=local-fs.target
    Conflicts=shutdown.target
    After=local-fs.target
    Before=sysinit.target shutdown.target
    ConditionSecurity=selinux
    ConditionKernelCommandLine=|autorelabel
    ConditionPathExists=|/.autorelabel

    [Service]
    ExecStart=/lib/systemd/fedora-autorelabel
    Type=oneshot
    TimeoutSec=0
    RemainAfterExit=yes
    StandardInput=tty

Regards

Albert
[systemd-devel] root directory permissions vs OpenSSH chroot
Hello all

OpenSSH has a chroot feature, but for it to work, the root directory must have permissions of 0755 otherwise one gets the error:

    sshd[15705]: fatal: bad ownership or modes for chroot directory component /

Is this something that systemd can control or fix when it starts? It seems to be defaulting to 0775 on my Fedora 15 system.

Regards

Albert
Re: [systemd-devel] Invalid poll event on socket
Hello

On Wed, Apr 20, 2011 at 1:49 AM, Lennart Poettering lenn...@poettering.net wrote:
> On Tue, 12.04.11 16:15, Albert Strasheim (full...@gmail.com) wrote:
> Heya,
> I had the following in my syslog today while my service was running:
>     systemd[1]: Got invalid poll event on socket.
>     systemd[1]: foo.service: main process exited, code=exited, status=1
> What causes invalid poll events on the socket? Which socket?
> Good question. I have now changed git to log a bit more context here.
> If you manage to reproduce this, this would be very interesting. Right
> now we assume that the only epoll event we can get on a socket fd is
> EPOLLIN. And I really wonder what event you might have gotten there.

I think I have reproduced this issue.

I have a service that uses the following socket unit with two sockets:

    [Unit]
    Description=sockets

    [Socket]
    ListenStream=2
    ListenStream=@foo/bar
    Backlog=128
    Service=foo.service

    [Install]
    WantedBy=sockets.target

If I stop and start the service with systemctl, everything works fine.

But if I tell systemctl to restart the service, I see:

    systemd[1]: Got invalid poll event on socket.

in syslog and LISTEN_FDS=0 instead of 2, which causes my service to exit.

I'm running systemd-24-1.fc15.x86_64.

Regards

Albert
Re: [systemd-devel] Invalid poll event on socket
Hello

On Mon, Apr 25, 2011 at 9:59 AM, Albert Strasheim full...@gmail.com wrote:
> On Wed, Apr 20, 2011 at 1:49 AM, Lennart Poettering lenn...@poettering.net wrote:
> On Tue, 12.04.11 16:15, Albert Strasheim (full...@gmail.com) wrote:
> Heya,
> I had the following in my syslog today while my service was running:
>     systemd[1]: Got invalid poll event on socket.
>     systemd[1]: foo.service: main process exited, code=exited, status=1
> What causes invalid poll events on the socket? Which socket?
> Good question. I have now changed git to log a bit more context here.
> If you manage to reproduce this, this would be very interesting. Right
> now we assume that the only epoll event we can get on a socket fd is
> EPOLLIN. And I really wonder what event you might have gotten there.

With systemd 25 I get:

    systemd[1]: Got invalid poll event on socket.
    systemd[1]: foo.socket: Got invalid poll event (0x11) on socket.

Regards

Albert
Re: [systemd-devel] Invalid poll event on socket
Hello

On Mon, Apr 25, 2011 at 10:03 AM, Albert Strasheim full...@gmail.com wrote:
> With systemd 25 I get:
>     systemd[1]: Got invalid poll event on socket.
>     systemd[1]: foo.socket: Got invalid poll event (0x11) on socket.

I think I know what's going on here. My service that is consuming this socket is written in Go.

Go currently has an issue where if you close a socket, it also calls shutdown on that socket. This has been discussed on the Go mailing list, but not fixed yet:

http://groups.google.com/group/golang-dev/browse_thread/thread/c6ef223b67936f07

It seems this happens even for listen sockets, which causes an EPOLLHUP, which is 0x10.

Maybe systemd needs to guard against this kind of buggy service behavior, where the service cleans up the socket that systemd has passed to it?

Regards

Albert
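Why a service's cleanup can reach the manager's copy of a passed socket, as an added example (not part of the original thread, and neither systemd nor Go code): a passed file descriptor refers to the same socket, so shutdown() on it changes what the manager's epoll reports, while close() alone does not. It assumes Linux and uses an AF_UNIX listener on an autobound abstract address; the function names are hypothetical.

```c
#include <stdio.h>
#include <sys/epoll.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Listening AF_UNIX stream socket on a kernel-chosen abstract address. */
static int make_listener(void)
{
    struct sockaddr_un addr = { .sun_family = AF_UNIX };
    int fd = socket(AF_UNIX, SOCK_STREAM, 0);

    if (fd < 0)
        return -1;
    /* Passing only the family makes Linux autobind an unused abstract name. */
    if (bind(fd, (struct sockaddr *)&addr, sizeof(sa_family_t)) < 0 ||
        listen(fd, 128) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/*
 * The "manager" keeps lfd registered for EPOLLIN only. The "service" gets a
 * duplicate of the same socket (as it would with fd passing) and cleans it up.
 * Returns the event mask the manager then sees, 0 for no event, -1 on error.
 */
int manager_events_after_cleanup(int service_calls_shutdown)
{
    struct epoll_event ev = { .events = EPOLLIN }, out;
    int lfd = make_listener();
    int ep = epoll_create1(0);
    int svc, n, result = -1;

    if (lfd < 0 || ep < 0)
        goto done;
    if (epoll_ctl(ep, EPOLL_CTL_ADD, lfd, &ev) < 0)
        goto done;
    svc = dup(lfd);
    if (svc < 0)
        goto done;
    if (service_calls_shutdown)
        shutdown(svc, SHUT_RDWR);   /* acts on the socket, not just this fd */
    close(svc);                     /* only drops the service's reference */

    n = epoll_wait(ep, &out, 1, 0);
    if (n >= 0)
        result = n ? (int)out.events : 0;
done:
    if (lfd >= 0)
        close(lfd);
    if (ep >= 0)
        close(ep);
    return result;
}

int main(void)
{
    printf("close only:       0x%x\n", manager_events_after_cleanup(0));
    printf("shutdown + close: 0x%x\n", manager_events_after_cleanup(1));
    return 0;
}
```

EPOLLHUP is always reported by epoll even when only EPOLLIN was requested, so a manager that expects nothing but EPOLLIN on its listening sockets sees an unexpected mask once any holder of the descriptor calls shutdown().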
[systemd-devel] failed @ services listed in systemctl output
Hello all

I've been experimenting with

http://0pointer.de/public/systemd-units/sshd@.service

It works well, but I've noticed that each client connection adds a line to the output in systemctl --system --full e.g.,

    sshd@127.0.0.1:2-127.0.0.1:35006.service error failed failed sshd@127.0.0.1:2-127.0.0.1:35006.service
    sshd@127.0.0.1:2-127.0.0.1:35007.service error failed failed sshd@127.0.0.1:2-127.0.0.1:35007.service
    sshd@127.0.0.1:2-127.0.0.1:35008.service error failed failed sshd@127.0.0.1:2-127.0.0.1:35008.service
    sshd@127.0.0.1:2-127.0.0.1:35009.service error failed failed sshd@127.0.0.1:2-127.0.0.1:35009.service
    sshd@127.0.0.1:2-127.0.0.1:35903.service error failed failed sshd@127.0.0.1:2-127.0.0.1:35903.service
    sshd@127.0.0.1:2-127.0.0.1:35904.service error failed failed sshd@127.0.0.1:2-127.0.0.1:35904.service
    sshd@127.0.0.1:2-127.0.0.1:37381.service error failed failed sshd@127.0.0.1:2-127.0.0.1:37381.service

that stays there after the client logs out. Is this intended?

Regards

Albert
Re: [systemd-devel] systemctl runs systemd-tty-ask-password-agent and hangs?
Hello again

I had the same problem again today trying to start a service.

The last few system calls made by systemd-tty-ask-password-agent are:

    19048 mkdir(/run, 0755) = -1 EEXIST (File exists)
    19048 mkdir(/run/systemd, 0755) = -1 EEXIST (File exists)
    19048 mkdir(/run/systemd/ask-password, 0755) = -1 EEXIST (File exists)
    19048 inotify_init1(O_CLOEXEC) = 4
    19048 inotify_add_watch(4, /run/systemd/ask-password, IN_CLOSE_WRITE|IN_MOVED_TO) = 1
    19048 rt_sigprocmask(SIG_SETMASK, [INT TERM], NULL, 8) = 0
    19048 signalfd4(-1, [INT TERM], 8, O_NONBLOCK|O_CLOEXEC) = 5
    19048 open(/run/systemd/ask-password, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 6
    19048 getdents(6, {{d_ino=9748, d_off=1, d_reclen=24, d_name=.} {d_ino=9747, d_off=2, d_reclen=24, d_name=..}}, 32768) = 48
    19048 getdents(6, {}, 32768) = 0
    19048 close(6) = 0
    19048 poll([{fd=4, events=POLLIN}, {fd=5, events=POLLIN}], 2, -1) = 1 ([{fd=5, revents=POLLIN}])

I am running systemd-24-1.fc15.x86_64.

Full trace attached.

Regards

Albert

On Tue, Apr 5, 2011 at 10:06 AM, Albert Strasheim full...@gmail.com wrote:
> Hello all
>
> Sometimes (not sure when), when I run
>
>     systemctl stop foo.service
>
> where foo.service is in this state:
>
>     foo.service loaded failed failed stop Foo
>
> systemctl just hangs. I can see that it has started a process called
>
>     /bin/systemd-tty-ask-password-agent --watch
>
> which is apparently waiting for input of some kind, but I don't know
> where or what. It hangs until I kill systemctl with Ctrl-C.
>
> I'm running systemd-22-1.fc15.x86_64 and upgraded the machine from
> FC14 using yum distro-sync, if that matters.
>
> Regards
>
> Albert
Re: [systemd-devel] systemctl runs systemd-tty-ask-password-agent and hangs?
Hello

Finally, a clue. It seems after a really long time, or maybe sometimes, systemctl will print:

    A dependency job failed. See system logs for details.

and sometimes (but not always), syslog will contain:

    systemd[1]: Job dev-dm-0.device/start timed out.

This is caused by an After=dev-%i.device in my .service.

Still strange that things hang for so long though.

Regards

Albert
[systemd-devel] Device names with dashes
Hello again

My previous problem with an After= referring to a device seems to have been caused by a device with a dash in the name.

I had a service called mounter@dm-0.service with

    BindTo=dev-%i.device
    After=dev-%i.device

which fails to find dev-dm-0.device because systemd seems to be calling it:

    dev-dm\x2d0.device loaded active plugged /dev/dm-0

Is there any way to reconcile these two?

Regards

Albert
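How /dev/dm-0 becomes dev-dm\x2d0.device, as an added example (not part of the original post and not systemd's own code): it follows the path-escaping rules documented in systemd.unit(5) for current systemd, where "/" becomes "-" and any other character outside ASCII alphanumerics, ":", "_" and "." is written as \xNN. The function name unit_name_path_escape is hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Characters that appear unescaped in a unit name. */
static int is_plain(unsigned char c)
{
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9') || c == ':' || c == '_' || c == '.';
}

/*
 * Escape a file system path into unit-name form.
 * Leading, trailing and repeated slashes are dropped, the remaining
 * slashes become '-', a leading '.' and every other character
 * (including a literal '-') becomes \xNN.
 * Returns 0 on success, -1 if out is too small.
 */
int unit_name_path_escape(const char *path, char *out, size_t outlen)
{
    static const char hex[] = "0123456789abcdef";
    size_t o = 0;
    int pending_sep = 0;

    if (outlen < 2)
        return -1;
    for (const unsigned char *p = (const unsigned char *)path; *p; p++) {
        if (*p == '/') {
            /* Remember a separator only once something has been written. */
            pending_sep = o > 0;
            continue;
        }
        /* Worst case for one input byte: '-' + "\xNN" + NUL. */
        if (o + 6 > outlen)
            return -1;
        if (pending_sep) {
            out[o++] = '-';
            pending_sep = 0;
        }
        if (is_plain(*p) && !(*p == '.' && o == 0)) {
            out[o++] = (char)*p;
        } else {
            out[o++] = '\\';
            out[o++] = 'x';
            out[o++] = hex[*p >> 4];
            out[o++] = hex[*p & 15];
        }
    }
    if (o == 0)
        out[o++] = '-';     /* the root directory maps to "-" */
    out[o] = '\0';
    return 0;
}

int main(void)
{
    char name[256];

    if (unit_name_path_escape("/dev/dm-0", name, sizeof(name)) == 0)
        printf("%s.device\n", name);
    return 0;
}
```

Because the template instance string is substituted as given, dev-%i.device with instance dm-0 yields dev-dm-0.device, which would correspond to the path /dev/dm/0 rather than /dev/dm-0.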
[systemd-devel] ListenStream in an @.socket unit
Hello all

I have the following socket unit:

    [Unit]
    Description=unix sock

    [Socket]
    ListenStream=@foo/%i
    Backlog=128
    Service=foo@%i.service

    [Install]
    Alias=foo@dev1.socket
    Alias=sockets.target.wants/foo@dev1.socket
    Alias=foo@dev2.socket
    Alias=sockets.target.wants/foo@dev2.socket
    Alias=foo@dev3.socket
    Alias=sockets.target.wants/foo@dev3.socket

so that I can configure a socket per device, where each device is handled by a separate service instance.

However, ListenStream= doesn't seem to understand %i, because it listens on @foo/%i (no substitution), causing foo@dev2.socket and foo@dev3.socket to fail on startup.

Regards

Albert
[systemd-devel] systemctl runs systemd-tty-ask-password-agent and hangs?
Hello all

Sometimes (not sure when), when I run

    systemctl stop foo.service

where foo.service is in this state:

    foo.service loaded failed failed stop Foo

systemctl just hangs. I can see that it has started a process called

    /bin/systemd-tty-ask-password-agent --watch

which is apparently waiting for input of some kind, but I don't know where or what. It hangs until I kill systemctl with Ctrl-C.

I'm running systemd-22-1.fc15.x86_64 and upgraded the machine from FC14 using yum distro-sync, if that matters.

Regards

Albert
[systemd-devel] RLIM_INFINITY for LimitNOFILE, etc.
Hello all

Is there a way to specify the equivalent of RLIM_INFINITY for LimitNOFILE, etc.? I did a quick grep of the systemd source, but couldn't find an obvious answer.

Regards

Albert
Re: [systemd-devel] ListenStream=0
Hello

On Mon, Apr 4, 2011 at 4:32 PM, Lennart Poettering lenn...@poettering.net wrote:
> On Mon, 04.04.11 07:13, Albert Strasheim (full...@gmail.com) wrote:
>> Hello all
>>
>> I just tried to start a socket unit with ListenStream=0 in the
>> configuration, but this yields the following error:
>>
>>     Failed to issue method call: Unit zero.socket failed to load: Invalid
>>     argument. See system logs and 'systemctl status' for details.
>>
>> I would expect that it would simply bind to any free port. Bug or feature?
>
> We validate all input data, and to me it appeared as if port 0 would be
> a not so useful feature. But uh, I can be convinced to allow port == 0.
> Do you have a good usecase for this? How do you determine the port
> number actually used? If we allow port 0 we would have to add an
> interface so that clients can query what was actually used, or not?

Our use-case looks something like this:

We are running a bunch of services across multiple machines. Depending on the number of cores/memory/etc. in a machine, it will be configured to run a variable number of instances of a particular service. Each instance will announce itself to the rest of the machines using multicast or some kind of central registry. Part of this announcement contains the IP address and port where it can be contacted, so this port can be dynamically assigned.

In this kind of scenario it's nice to not have to worry about the specifics of the ports, or about keeping port ranges for different services separated.

I think you can leave the problem of which port was actually assigned to someone else for now. The service itself can discover its port number using getsockname.

This paradigm is supported in various programming languages, including Go, Erlang, etc.

Regards

Albert
Re: [systemd-devel] Chroot jail for service with /proc, etc. already mounted
Hello

On Mon, Apr 4, 2011 at 8:45 AM, Albert Strasheim full...@gmail.com wrote:
> I was wondering if anyone had an example of a service unit that sets
> up a chroot jail with RootDirectory= but also mounts /proc, /sys and
> maybe a directory with some binaries and configuration inside it?

It seems I could write a program that runs under ExecStartPre= to prepare the environment, if I set RootDirectoryStartOnly=true and PermissionsStartOnly=true.

Any alternatives would be appreciated.

Regards

Albert
[systemd-devel] Assertion 'u->meta.type != _UNIT_TYPE_INVALID' failed at src/unit.c:257, function unit_add_to_load_queue(). Aborting.
Hello all

I'm trying to set up a configuration where a variable number of devices under /dev/mapper get automounted.

I've started with the following:

    # cat mpath\@.mount
    [Unit]
    Description=Data File System

    [Mount]
    What=/dev/mapper/%i
    Where=/mnt/%i
    Type=ext4

    [Install]
    Also=mpath@.automount
    Alias=mpath@mpathc.mount
    Alias=mpath@mpathd.mount

    # cat mpath\@.automount
    [Unit]
    Description=Data Automount Point
    Before=local-fs.target

    [Automount]
    Where=/mnt/%i

    [Install]
    Alias=local-fs.target.wants/mpath@mpathc.automount
    Alias=local-fs.target.wants/mpath@mpathd.automount

but if I tell systemd to reload the configuration and then do

    systemctl enable mpath\@.mount

I get the following error in /var/log/messages:

    systemd[1]: Assertion 'u->meta.type != _UNIT_TYPE_INVALID' failed at src/unit.c:257, function unit_add_to_load_queue(). Aborting.
    systemd[1]: Caught ABRT, dumped core as pid 27495.
    systemd[1]: Freezing execution.

Regards

Albert
Re: [systemd-devel] Assertion 'u->meta.type != _UNIT_TYPE_INVALID' failed at src/unit.c:257, function unit_add_to_load_queue(). Aborting.
Hello

On Mon, Apr 4, 2011 at 6:01 PM, Albert Strasheim full...@gmail.com wrote:
> I'm trying to set up a configuration where a variable number of
> devices under /dev/mapper get automounted.
> I've started with the following:
> # cat mpath\@.mount
> [Unit]
> Description=Data File System

After reading the systemd.mount manual page more carefully, it seems this isn't going to work since each mount unit needs a file named path-to-mount.mount. systemd probably shouldn't crash though.

Given some tens of devices under /dev/mapper, is there a better way to get them all mounted without having to make a separate unit for each? This is quite common when one starts connecting lots of disks in SAS enclosures together.

Regards

Albert
Re: [systemd-devel] sshd inside in a nspawn container
Hello all

On Sun, Apr 3, 2011 at 4:59 PM, Albert Strasheim full...@gmail.com wrote:
> pam_loginuid(sshd:session): set_loginuid failed

This one is caused by:

    32 open(/proc/self/loginuid, O_WRONLY|O_TRUNC|O_NOFOLLOW) = 4
    32 write(4, 0, 1) = -1 EPERM (Operation not permitted)

This happens regardless of whether systemd-nspawn is run with sudo or directly as root.

> pam_systemd(sshd:session): Failed to get user data.

This is caused by my user ID not being present in the passwd file in the container. If I login to the host machine as root and then run systemd-nspawn this error disappears, but the write to /proc/self/loginuid still doesn't succeed.

> pam_unix(sshd:session): session opened for user root by (uid=0)
> error: PAM: pam_open_session(): Cannot make/remove an entry for the specified session

This is caused by a call to

    socket(PF_NETLINK, SOCK_RAW, 9) = -1 EPROTONOSUPPORT

NETLINK_AUDIT=9, so it seems getting rid of auditing might be more difficult than audit=0.

Regards

Albert

P.S. I managed to get a shell going based on rescue.service so that I could strace sshd running inside the container.
[systemd-devel] ListenStream=0
Hello all

I just tried to start a socket unit with ListenStream=0 in the configuration, but this yields the following error:

    Failed to issue method call: Unit zero.socket failed to load: Invalid argument. See system logs and 'systemctl status' for details.

I would expect that it would simply bind to any free port. Bug or feature?

Regards

Albert