[atomic-wg] Issue #160: Ship fedora-motd in F24 atomic image
rtnpro added a new comment to an issue you are following: `` @dustymabe did anyone have time to review the above changes? `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/160 ___ cloud mailing list -- cloud@lists.fedoraproject.org To unsubscribe send an email to cloud-le...@lists.fedoraproject.org
[atomic-wg] Issue #160 `Ship fedora-motd in F24 atomic image`
rtnpro added a new comment to an issue you are following: `` Fixed the following issues: - Don't cache update info from motdgen scripts, https://github.com/rtnpro/motdgen/commit/54c7571eb8616a413402bfb1c1ac033a5697bac9 - Replace cron jobs with systemd timer, https://github.com/rtnpro/motdgen/commit/06859c5c333ed7af85a05f67dc68bd7c9089a19f If the cloud WG is OK with the changes, I will update the RPM package and release it. @dustymabe @walters @mattdm ^^ `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/160 ___ cloud mailing list -- cloud@lists.fedoraproject.org To unsubscribe send an email to cloud-le...@lists.fedoraproject.org
[atomic-wg] Issue #160 `Ship fedora-motd in F24 atomic image`
mattdm added a new comment to an issue you are following: `` > We can enable motdgen.service at system boot. This will execute atomic and > dnf commands only during first boot and cache the results. I'm concerned that this'll make the first boot annoying slow. Can we just run it from a systemd timer? `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/160 ___ cloud mailing list -- cloud@lists.fedoraproject.org To unsubscribe send an email to cloud-le...@lists.fedoraproject.org
[atomic-wg] Issue #160 `Ship fedora-motd in F24 atomic image`
rtnpro added a new comment to an issue you are following: `` @walters I created an issue[1] to work on migrating from cron to systemd. Regarding the first run of ``motdgen-cache-updateinfo``, I am not a big fan of it being run from the PAM stack. That's why I have a workaround in place. ## Use cases ### Installing fedora-motd manually User can run ``/usr/bin/motdgen`` manually post install to cache update details. Hence, in subsequent runs, neither ``atomic`` or ``dnf`` update info will be checked. May be we can run ``/usr/bin/motdgen`` post install. Also, another way is to start ``motdgen.service`` or enable it at boot. So, ``atomic`` and ``dnf`` commands won't be run at all from the PAM stack, because it has already been run, post install or at system boot. ### Enabling fedora-motd in images We can enable ``motdgen.service`` at system boot. This will execute ``atomic`` and ``dnf`` commands only during first boot and cache the results. This will result in displaying the motd data from the cached update info result. @walters what do you think? Is this workaround good enough? [1]: https://github.com/rtnpro/motdgen/issues/8 `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/160 ___ cloud mailing list -- cloud@lists.fedoraproject.org To unsubscribe send an email to cloud-le...@lists.fedoraproject.org
[atomic-wg] Issue #160 `Ship fedora-motd in F24 atomic image`
rtnpro added a new comment to an issue you are following: `` I did not manage to work on it post walter's review. I will be off for quite some time from next week on account of my marriage. It will be great if someone can lend me a hand to see this feature to completion. `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/160 ___ cloud mailing list -- cloud@lists.fedoraproject.org To unsubscribe send an email to cloud-le...@lists.fedoraproject.org
[atomic-wg] Issue #160 `Ship fedora-motd in F24 atomic image`
trishnag added a new comment to an issue you are following: `` We need to ship this for f25. `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/160 ___ cloud mailing list -- cloud@lists.fedoraproject.org To unsubscribe send an email to cloud-le...@lists.fedoraproject.org
[atomic-wg] Issue #160 `Ship fedora-motd in F24 atomic image`
rtnpro added a new comment to an issue you are following: `` @walters I got that. I will fix fedora-motd based on your feedback and share it for review by this weekend. `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/160 ___ cloud mailing list -- cloud@lists.fedoraproject.org To unsubscribe send an email to cloud-le...@lists.fedoraproject.org
[atomic-wg] Issue #160 `Ship fedora-motd in F24 atomic image`
walters added a new comment to an issue you are following: `` To repeat again, I am a big fan of this effort - having a nicer interactive experience is great! The cockpit guys were working on something similar to what CoreOS does with displaying the host IP addresses in the console too. But the PAM and update stacks are about some of the most senstitive/critical aspects of the OS, and we have to be really careful when tying them together. `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/160 ___ cloud mailing list -- cloud@lists.fedoraproject.org To unsubscribe send an email to cloud-le...@lists.fedoraproject.org
[atomic-wg] Issue #160 `Ship fedora-motd in F24 atomic image`
walters added a new comment to an issue you are following: `` The previous discussion on this was https://lists.projectatomic.io/projectatomic-archives/atomic-devel/2016-April/msg00020.html which I didn't reply to. Okay, so you said: ``` The file /etc/motdgen.d/02-updateinfo.sh does nothing but cat the content of /var/run/updateinfo.txt if available. ``` which, looking at https://kojipkgs.fedoraproject.org//packages/fedora-motd/0.1.2/2.fc25/noarch/fedora-motd-0.1.2-2.fc25.noarch.rpm isn't true, since I see this code: ``` cat etc/motdgen.d/02-updateinfo.sh ... if [ ! -f "$firstrun" ]; then touch $firstrun nohup /usr/bin/motdgen-cache-updateinfo & fi # cat usr/bin/motdgen-cache-updateinfo #!/bin/sh if [ -f /run/ostree-booted ]; then rpm-ostree upgrade --check --preview > /var/run/rpmostree_updateinfo.out ... ``` We're hence starting a potentially long running process out of the PAM stack, which is really not a good idea. Invoking rpm-ostree like this will also block other clients as I said (And that's also true of yum/dnf) - which is again very problematic if the "login" is actually Ansible where you're trying to do things like configure a proxy or mirror. Deleting the first run bit would deal with the biggest of my objections, but then we'd still have the cron job (which itself is problematic because we *just* got rid of cron - this should be a systemd timer) An architecture which is event driven and would implement the "only check automatically if explicitly invoked at least once" is to patch rpm-ostree to do something like `systemctl start --no-block system-motdgen.service` after it's completed a transaction. Then the motd code could call back with the DBus API for `GetCachedUpdateDetails`. `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/160 ___ cloud mailing list -- cloud@lists.fedoraproject.org To unsubscribe send an email to cloud-le...@lists.fedoraproject.org
[atomic-wg] Issue #160 `Ship fedora-motd in F24 atomic image`
walters added a new comment to an issue you are following: `` The previous discussion on this was https://lists.projectatomic.io/projectatomic-archives/atomic-devel/2016-April/msg00020.html which I didn't reply to. Okay, so you said: ``` The file /etc/motdgen.d/02-updateinfo.sh does nothing but cat the content of /var/run/updateinfo.txt if available. ``` which, looking at https://kojipkgs.fedoraproject.org//packages/fedora-motd/0.1.2/2.fc25/noarch/fedora-motd-0.1.2-2.fc25.noarch.rpm isn't true, since I see this code: ``` cat etc/motdgen.d/02-updateinfo.sh ... if [ ! -f "$firstrun" ]; then touch $firstrun nohup /usr/bin/motdgen-cache-updateinfo & fi # cat usr/bin/motdgen-cache-updateinfo #!/bin/sh if [ -f /run/ostree-booted ]; then rpm-ostree upgrade --check --preview > /var/run/rpmostree_updateinfo.out ... ``` We're hence starting a potentially long running process out of the PAM stack, which is really not a good idea. Invoking rpm-ostree like this will also block other clients as I said (And that's also true of yum/dnf) - which is again very problematic if the "login" is actually Ansible where you're trying to do things like configure a proxy or mirror. Deleting the first run bit would deal with the biggest of my objections, but then we'd still have the cron job (which itself is problematic because we *just* got rid of cron - this should be a systemd timer) An architecture which is event driven and would implement the "only check automatically if explicitly invoked at least once" is to patch rpm-ostree to do something like `systemctl start --no-block system-motdgen.service` after it's completed a transaction. Then the motd code could call back with the DBus API for `GetCachedUpdateDetails`. `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/160 ___ cloud mailing list -- cloud@lists.fedoraproject.org To unsubscribe send an email to cloud-le...@lists.fedoraproject.org
[atomic-wg] Issue #160 `Ship fedora-motd in F24 atomic image`
rtnpro added a new comment to an issue you are following: `` @walters could you outline the steps to ship fedora-motd in fedora atomic image build? `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/160 ___ cloud mailing list -- cloud@lists.fedoraproject.org To unsubscribe send an email to cloud-le...@lists.fedoraproject.org
