Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-25 Thread Jonathan Dowland 
On Mon, Apr 25, 2016 at 04:11:02AM +1000, Andrew McGlashan wrote:
> systemd continues to cause much more trouble than it is worth for so
> many people -- I really wish it wasn't so, but it truly is so. :(

Since I started this thread, I might as well speak up here: I am very
aware of your feelings about systemd, and re-iterating them doesn't help
you, me or anyone else. I'd appreciate it if you would not hijack my
threads.


-- 
Jonathan Dowland
Please do not CC me, I am subscribed to the list.

Automount usb device with systemd (Re: on-demand mounting of filesystems via Systemd (e.g. /backup))

2016-04-25 Thread Dominique Dumont 
On Wednesday 20 April 2016 15:49:00 Jonathan Dowland wrote:
> Anyway, in the past I've read some useful tips for using Systemd on this
> list, so here's the blog post should it be of any interest:
> 
> https://jmtd.net/log/mount_on_demand_backups/

Thanks. Here's my small contribution for a similar issue:

http://ddumont.wordpress.com/2016/04/24/automount-usb-devices-with-systemd/

Let's hope we'll see more on the subject to help people understand systemd.

All the best

-- 
 https://github.com/dod38fr/   -o- http://search.cpan.org/~ddumont/
http://ddumont.wordpress.com/  -o-   irc: dod at irc.debian.org

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-24 Thread tomas 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, Apr 25, 2016 at 04:11:02AM +1000, Andrew McGlashan wrote:
> 
> On 24/04/2016 8:10 PM, Ansgar Burchardt wrote:
> > Could you please keep your cancer to lists where people are not expected
> > to follow a minimal code of conduct[1]?
> 
> I call jelly fish on your entire post.
> 
> systemd continues to cause much more trouble than it is worth for so
> many people -- I really wish it wasn't so, but it truly is so. :(

Whatever. Look -- I don't like systemd either. But insulting people is
just no cool. Especially people who make free software (as systemd is).

If you don't like it -- just don't install it. If you want to do a good
deed, just pick an alternative and try to help others making it better.

This flame fest nonsense doesn't lead anywhere.

- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlcdIY0ACgkQBcgs9XrR2kaZZgCfTgYuC1NjspopTi8NLzc+tvtc
aUEAn3ds+7rP4+wvjmPqaCNf0EGa1x6u
=TyYa
-END PGP SIGNATURE-

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-24 Thread Christian Seiler 
On 04/24/2016 08:11 PM, Andrew McGlashan wrote:
> systemd continues to cause much more trouble than it is worth for so
> many people -- I really wish it wasn't so, but it truly is so. :(

You don't seem to understand the criticism that has been levelled at
your conduct here. Ansgar didn't ask you to spout your vitriol
elsewhere because you dislike systemd, or because you criticized it;
he asked you because the way you behave here is to the detriment of
the atmosphere on this list.

Christian



signature.asc
Description: OpenPGP digital signature

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-24 Thread Martin Read 

On 20/04/16 20:44, John L. Ries wrote:

Thanks! I think we need to share more examples on how to use systemd
properly. A lot of the criticism stems from the simple fact that people
just need to learn what the new tools can do for them.


That would be an indication that systemd is non-intuitive and poorly
documented, which has been my impression for the past several years.


Approximately all interfaces for humans to control computers (and 
absolutely all interfaces that involve using typical computer human 
input devices like keyboards, mice, etc.) are non-intuitive, so saying 
"systemd is non-intuitive" is meaningless for all practical purposes.


What *is* fair to say is that some people find that they already had 
acceptable solutions to all the problems they have which systemd is 
intended to solve, and therefore - quite justifiably! - have no desire 
to learn a new set of interfaces for solving those problems. I - and 
indeed most systemd proponents - have no quarrel with those people.


Some of the people who are in that position proceed to generalize their 
own distaste for, and lack of need for, systemd into a claim that 
systemd cannot possibly be solving any problems for anyone. A few of 
them go further still, and proceed to agitate for Angra Mainyu to be 
depicted with Lennart Poettering's face.

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-24 Thread Andrew McGlashan 

On 24/04/2016 8:10 PM, Ansgar Burchardt wrote:
> Could you please keep your cancer to lists where people are not expected
> to follow a minimal code of conduct[1]?

I call jelly fish on your entire post.

systemd continues to cause much more trouble than it is worth for so
many people -- I really wish it wasn't so, but it truly is so. :(

A.



signature.asc
Description: OpenPGP digital signature

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-24 Thread Ansgar Burchardt 
Hi Andrew,

Andrew McGlashan  writes:
> Sadly this software version of
> cancer is planned to keep spreading.

Could you please keep your cancer to lists where people are not expected
to follow a minimal code of conduct[1]?

I'm sure that you will find the Devuan mailing list to be a welcoming
place for people like MikeeUSA or yourself. (After all they referred to
the thread with [2] in their interview with Distrowatch[3]; note that
message is dated from before the interview.)

Ansgar,
  getting bored of dealing with trolls

  [1] 
  [2] 

  [3] , just search
  for "sgryphon"

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-23 Thread Andrew McGlashan 


On 21/04/2016 7:19 AM, Ansgar Burchardt wrote:
> Here is a quick example in an interactive shell:
> 
> +---
> | # umount /boot; ls /boot
> | [empty]
> | # unshare -m

Wheezy seems to need:
  # unshare -m /bin/bash

Jessie gives you the shell by default (perhaps your default).

Cheers
AndrewM



signature.asc
Description: OpenPGP digital signature

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-23 Thread Andrew McGlashan 


On 21/04/2016 5:44 AM, John L. Ries wrote:
>> Thanks! I think we need to share more examples on how to use systemd
>> properly. A lot of the criticism stems from the simple fact that people
>> just need to learn what the new tools can do for them.
> 
> That would be an indication that systemd is non-intuitive and poorly
> documented, which has been my impression for the past several years.
> There may be no good cure for the former (but a better systemadm would
> help), but there is for the latter.

Agreed on the responder part.  There is little that more examples of
systemd will encourage anything for me; it is not the way *nix systems
should be built.  There is definitely far too much reach and over creep
in systemd already, with more to come.  Sadly this software version of
cancer is planned to keep spreading.

:(

AndrewM



signature.asc
Description: OpenPGP digital signature

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-20 Thread Michael Biebl 
Am 20.04.2016 um 23:19 schrieb Ansgar Burchardt:
> I'm not sure you can achieve this via systemd's .mount units, although
> systemd itself also makes use of mount namespaces.  For example, systemd
> uses them to provide a per-service /tmp, make /home unaccessible or only
> allowing read-only access to /usr or /etc for individual service.  See
> the PrivateTmp=, ProtectHome=, ProtectSystem=, PrivateDevices=,
> ReadOnlyDirectories=, InaccessibleDirectories= and ReadWriteDirectories=
> in man:systemd.exec(5).

If you run the backup via a .service file, you could use
MountFlags=private, see

https://www.freedesktop.org/software/systemd/man/systemd.exec.html#MountFlags=
-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-20 Thread Jonathan Dowland 
On Wed, Apr 20, 2016 at 11:19:46PM +0200, Ansgar Burchardt wrote:
> I think using mount namespaces is a bit nicer solution for the problem:
...
> I'm not sure you can achieve this via systemd's .mount units, although
> systemd itself also makes use of mount namespaces.  For example, systemd
> uses them to provide a per-service /tmp, make /home unaccessible or only
> allowing read-only access to /usr or /etc for individual service.  See
> the PrivateTmp=, ProtectHome=, ProtectSystem=, PrivateDevices=,
> ReadOnlyDirectories=, InaccessibleDirectories= and ReadWriteDirectories=
> in man:systemd.exec(5).

Thanks, that does look useful. I will look into this some more.

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-20 Thread Ansgar Burchardt 
Hi,

Jonathan Dowland writes:
> I just wrote a blog post about how to use Systemd to configure mount-on-demand
> filesystems, e.g. /backup (in my case). This was triggered by recent news in
> the UK that a major hosting provider had deleted all their customer VMs by
> accident by issuing something like "rm -rf" - but they *also* got all their
> backups because their backup volume was mounted too.
>
> Anyway, in the past I've read some useful tips for using Systemd on this
> list, so here's the blog post should it be of any interest:
>
> https://jmtd.net/log/mount_on_demand_backups/

I think using mount namespaces is a bit nicer solution for the problem:
the /backup mount will only be visible for the backup process and, as
far as I understand, be automatically unmounted when all processes in
the namespace exit, i.e. when the backup is done.

Here is a quick example in an interactive shell:

+---
| # umount /boot; ls /boot
| [empty]
| # unshare -m
| [Note: This will start a subshell]
| # mount /boot; ls /boot
| System.map-4.3.0-1-amd64 [...]
| [Run backup here ;)]
| [Note: /boot will appear empty for other processes at this point.]
| # exit
| # ls /boot
| [empty]
+---

I used /boot instead of /backup as that exists on my computer.

Note that /boot is only visible from the subshell started by unshare or
other processes that entered the namespace (e.g. with nsenter(1)).  A
stray `rm -rf /` can thus not see it even when run at the time of the
backup.

I'm not sure you can achieve this via systemd's .mount units, although
systemd itself also makes use of mount namespaces.  For example, systemd
uses them to provide a per-service /tmp, make /home unaccessible or only
allowing read-only access to /usr or /etc for individual service.  See
the PrivateTmp=, ProtectHome=, ProtectSystem=, PrivateDevices=,
ReadOnlyDirectories=, InaccessibleDirectories= and ReadWriteDirectories=
in man:systemd.exec(5).

Ansgar

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-20 Thread Jonathan Dowland 
On Wed, Apr 20, 2016 at 09:40:40PM +0200, Jochen Spieker wrote:
> Did you edit your blog post afterwards or did I just skim over your own
> rebuttal of the story? :)

No I named it as a hoax from the off -- the tell for me was that one of the
replies to the hoax post was a suggestion to use dd(1) for recovery, and the
OP replied "I've swapped the arguments if= and of=. What do I do now?" That
stretched credulity too much for me.

On the other hand, 123-reg really did do this!

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-20 Thread Jonathan Dowland 
On Wed, Apr 20, 2016 at 01:44:07PM -0600, John L. Ries wrote:
> >Thanks! I think we need to share more examples on how to use systemd
> >properly. A lot of the criticism stems from the simple fact that people
> >just need to learn what the new tools can do for them.
> 
> That would be an indication that systemd is non-intuitive and poorly
> documented, which has been my impression for the past several years.

That may be, and I've listed several opinions of mine as to ways systemd
could improve for this specific case, in the blog post. However, I have
yet to see a solution to do what I just did with bog-standard shellscripts
or whatever which is clearer or conciser than this solution, despite the
niggles.


-- 
Jonathan Dowland

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-20 Thread John L. Ries 

Thanks! I think we need to share more examples on how to use systemd
properly. A lot of the criticism stems from the simple fact that people
just need to learn what the new tools can do for them.


That would be an indication that systemd is non-intuitive and poorly 
documented, which has been my impression for the past several years. 
There may be no good cure for the former (but a better systemadm would 
help), but there is for the latter.


--|
John L. Ries  |
Salford Systems   |
Phone: (619)543-8880 x107 |
or (435)867-8885  |
--|


On Wed, 20 Apr 2016, Jochen Spieker wrote:


Jonathan Dowland:


I just wrote a blog post about how to use Systemd to configure mount-on-demand
filesystems, e.g. /backup (in my case). This was triggered by recent news in
the UK that a major hosting provider had deleted all their customer VMs by
accident by issuing something like "rm -rf" - but they *also* got all their
backups because their backup volume was mounted too.


That was a marketing hoax (which I didn't even find really credible
because Linux' rm doesn't operate recursively on / without the option
--no-preserve-root for some years now).


Anyway, in the past I've read some useful tips for using Systemd on this
list, so here's the blog post should it be of any interest:

https://jmtd.net/log/mount_on_demand_backups/


Thanks! I think we need to share more examples on how to use systemd
properly. A lot of the criticism stems from the simple fact that people
just need to learn what the new tools can do for them.

J.
--
If I had to live on a desert island I would take a mobile phone,
preferably a Nokia 8810.
[Agree]   [Disagree]

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-20 Thread Jochen Spieker 
Jochen Spieker:
> Jonathan Dowland:
>> 
>> I just wrote a blog post about how to use Systemd to configure 
>> mount-on-demand
>> filesystems, e.g. /backup (in my case). This was triggered by recent news in
>> the UK that a major hosting provider had deleted all their customer VMs by
>> accident by issuing something like "rm -rf" - but they *also* got all their
>> backups because their backup volume was mounted too.
> 
> That was a marketing hoax

Did you edit your blog post afterwards or did I just skim over your own
rebuttal of the story? :)

J.
-- 
I cannot comprehend the idea of chemical and biological weapons.
[Agree]   [Disagree]
 


signature.asc
Description: Digital signature

Re: on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-20 Thread Jochen Spieker 
Jonathan Dowland:
> 
> I just wrote a blog post about how to use Systemd to configure mount-on-demand
> filesystems, e.g. /backup (in my case). This was triggered by recent news in
> the UK that a major hosting provider had deleted all their customer VMs by
> accident by issuing something like "rm -rf" - but they *also* got all their
> backups because their backup volume was mounted too.

That was a marketing hoax (which I didn't even find really credible
because Linux' rm doesn't operate recursively on / without the option
--no-preserve-root for some years now).

> Anyway, in the past I've read some useful tips for using Systemd on this
> list, so here's the blog post should it be of any interest:
> 
> https://jmtd.net/log/mount_on_demand_backups/

Thanks! I think we need to share more examples on how to use systemd
properly. A lot of the criticism stems from the simple fact that people
just need to learn what the new tools can do for them.

J.
-- 
If I had to live on a desert island I would take a mobile phone,
preferably a Nokia 8810.
[Agree]   [Disagree]
 


signature.asc
Description: Digital signature

on-demand mounting of filesystems via Systemd (e.g. /backup)

2016-04-20 Thread Jonathan Dowland 
I just wrote a blog post about how to use Systemd to configure mount-on-demand
filesystems, e.g. /backup (in my case). This was triggered by recent news in
the UK that a major hosting provider had deleted all their customer VMs by
accident by issuing something like "rm -rf" - but they *also* got all their
backups because their backup volume was mounted too.

Anyway, in the past I've read some useful tips for using Systemd on this
list, so here's the blog post should it be of any interest:

https://jmtd.net/log/mount_on_demand_backups/

-- 
Jonathan Dowland
Please do not CC me, I am subscribed to the list.


signature.asc
Description: Digital signature