On 9/13/23 17:32, Jeremy Friesner wrote:
This all works fine and has for a long time; the problem is that the new
version of the device is running systemd.networkd and networkd has some
functionality in it where it detects when an Ethernet device has lost
its carrier, and responds by removing
I am attempting to create a service that will load device-specific
netfilter rules after the corresponding device has been created (bonds,
VLANs, etc.).
Here is my current attempt.
[Unit]
Description=Apply device-specific nftables rules for %I
Wants=sys-devices-virtual-net-%I.device
On 7/31/23 17:18, Nils Kattenbeck wrote:
Huh, I am actually surprised to discover that httpd does not watch these
files itself.
To be honest, I never even considered the posibility that it might do
that. Unfortunately, testing reveals that it doesn't do so.
Regardless, I think the systemd
What is the recommended way for a service that runs as a non-root user
to *conditionally* restart (or reload) another service?
I have created service (along with an associated timer) that checks the
remaining life of a TLS certificate and retrieves an updated certificate
from Let's Encrypt if
On 12/28/22 15:57, 沙包妖梦 wrote:
I can see "ppp0: DHCP: received delegated prefix xx" from
systemd-networkd log output, can I get the prefix by using networkctl or
something else?
I asked this a month or so ago, and I'm pretty sure that I never
received an answer. I'm pretty sure that
All that it reports, even in debug mode is:
DHCPv6 client: Failed to process received reply message, ignoring: Bad
message
Which doesn't give the information required to fix the problem.
Is there a way to configure systemd-networkd to provide a useful error
message?
(BTW, I've placed a
On 12/3/22 09:34, Neal Gompa wrote:
CentOS Stream 9 is being upgraded to systemd 252[1], so this will
likely become unneeded soon.
That will be nice. Thanks!
--
Google Where SkyNet
https://github.com/systemd/systemd-stable/issues/233
Thanks!
--
Google Where SkyNet meets Idiocracy
On 10/22/22 10:37, Kenneth Porter wrote:
The command "ip addr" will display your address assignments.
It won't show the delegated prefix, though, because it isn't assigned to
any interface.
--
Google
On 10/19/22 17:05, Ian Pilcher wrote:
I've managed to get systemd-networkd to request and IPv6 prefix from my
ISP, and I can see it the journal. Now I need to programmatically
retrieve it, so that my home-grown scripts can set up the various
routes, address, firewall rules, etc.
(I know
I've managed to get systemd-networkd to request and IPv6 prefix from my
ISP, and I can see it the journal. Now I need to programmatically
retrieve it, so that my home-grown scripts can set up the various
routes, address, firewall rules, etc.
(I know that systemd-networkd can allocate subnets
What is the best way to use the parent device DEVPATH (or the DEVPATH
where a parent attribute matched) as a substitution in a udev rule?
I am doing this to create stable paths to the sysfs directories
containing the hardware monitoring attributes of my NAS, but the
location of the sysfs
On 4/28/22 05:30, Ulrich Windl wrote:
So are there any distros that have /etc/fstab in initrd?
Having to start mount units manually is just terrible when a simple "mount
/var" would do.
Putting /etc/fstab in the initrd would mean that it would need to be
rebuilt every time that file (or a
I.e., how does it determine that a particular interface is an on-board
interface, and how does it determine the "number" of such an interface?
Thanks!
--
In Soviet Russia, Google searches you!
On 10/18/21 16:56, Kenneth Porter wrote:
On 10/18/2021 1:08 PM, Silvio Knizek wrote:
OTOH, systemd-networkd itself has inbuilt NDPProxy capabilities.
How well does it coexist with RHEL/CentOS 7? I don't really understand
how the various network management ecosystems interact. Pointers
Does anyone have any ideas on how I can move this issue forward?
https://github.com/systemd/systemd/issues/20212
As the subject says, it makes my NAS (and other systems with "lots" of
block devices) basically unbootable. Red Hat reverted the commits that
introduced the issue in their RHEL 8
On 7/15/21 4:40 AM, Mike Beaton wrote:
I may not have understood correctly, but it seems that after `bootcl
install`, `kernel-install` is _not_ called automatically; neither
initially, nor after any system kernel update.
Is this correct? And if so can anyone help with the reasoning behind
On 7/12/21 9:20 AM, Ian Pilcher wrote:
I have hit what appears to be a race condition in udev that causes very
slow booting on systems with a "large" number of disks or block devices.
I have an idea about which commit triggered the issue, so I'd like to
build the previ
I have hit what appears to be a race condition in udev that causes very
slow booting on systems with a "large" number of disks or block devices.
I have an idea about which commit triggered the issue, so I'd like to
build the previous commit (a59b0a9f768f6e27b25f4f1bab6de08842e78d74) as
a test
On 6/23/21 1:31 PM, Tomasz Torcz wrote:
https://github.com/lm-sensors/lm-sensors/blob/master/doc/libsensors-API.txt
I'm using ctypes-based bindings for Python from
https://github.com/paroj/sensors.py
Interesting. I may look into porting my application to that at some
point. OTOH, reading
On 6/23/21 1:18 PM, Tomasz Torcz wrote:
lm_sensors library ought to be used as abstraction layer, hiding
specific hwmon? devices. You can call ‘sensors it8728-isa-0a30'
and have the same output regardless of module loading order.
Try sesnors with -u, -j or language bindings for full
On 6/23/21 12:52 PM, Greg KH wrote:
sysfs should be "self-contained", trying to add symlinks to it from
external places is racy and guaranteed to not work over time.
Hmm. Is that true even when the symlink is created by an appropriate
udev rule (i.e. linking from /run/$known_location to
I would like to add a udev rule that creates a symlink to a sysfs
directory, and a subdirectory of /run seem like the right place to put
it. Of course this means that the subdirectory needs to exist.
The device in question is an "it87" hardware monitoring chip, so the
module doesn't get loaded
On 2/8/21 7:52 AM, Uoti Urpala wrote:
This is wrong. Socket units are useful completely independently of
whether the unit is started on demand, and it's a good idea to use them
even for services that are always started on boot. They allow
configuring listening ports in a consistent manner, and
On 7/28/20 9:44 AM, Lennart Poettering wrote:
Is the service short-lived? There's a race: if a process runs very
quickly and logs journald might process the message after the process
already exited, i.e. at a time where we can't read the cgroup off the
process anymore.
It is indeed a very
On 7/28/20 11:07 AM, Mantas Mikulėnas wrote:
I'd create a single raidcheck.service that runs daily and calls a script
that itself determines which device to check, e.g. /dev/md$[dayofyear % 16].
That is the approach that I'm taking, although it means a fair bit of
work. I need to parse a
My NAS has 16 MD RAID devices. I've created a simple service
(raidcheck@.service) that will trigger a check of the RAID device
identified by the argument. E.g., 'systemctl start raidcheck@md1' will
trigger the check of md1 (after checking that no other array is being
checked/synced, no arrays
I have a simple (non-forking) one-shot service that logs messages via
syslog. These messages are not being "associated" with the service
unit. I.e., they don't show up if I use journalctl's -u option
(although they are in the journal).
UPDATE: I just tried using sd_journal_print, and I'm
On 7/1/20 3:47 AM, Mantas Mikulėnas wrote:
systemd doesn't explicitly reparent processes; the kernel just always
reparents processes to pid 1 when the previous parent no longer exists.
Overall, pid 1 is a legitimate recipient of SIGCHLD regardless of which
init system is being used.
In this
On 6/30/20 4:18 AM, Lennart Poettering wrote:
Maybe it double forks or forks a child off (callout script?) that
double forks somewhere?
I don't know your software, it's probably best to ping the authors of
it about this, they should know what their software does.
LOL! I am the author.
So I
On 6/29/20 2:00 PM, Vito Caputo wrote:
I don't know about freecusd, but if it uses a fire-and-forget approach
to launching helpers, as in it double-forks, so it doesn't need to
bother with asynchronously reaping zombies, then the second fork
becomes a child of init. That results in the second
I originally posted a variation of the question on the SELinux mailing
list, but the more I look at this the more I realize that it really
isn't a SELinux questions. I'm not really sure that it's a systemd
question either, but it definitely falls into the area of Linux process
management, so I'm
he unit file.
Looks like this is going to be a dontaudit, since my service has no
business looking at the overall system state.
--
========
Ian Pilcher arequip...@gmail.com
"I grew
.
--
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zuckerberg invented frien
his denial would be
appreciated.
Thanks!
--
========
Ian Pilcher arequip...@gmail.com
"I grew
er (even though it does use JavaScript rules). :(
--
========
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zuckerberg invented friendship"
_
art/reload).
Are there any variables associated with this action that my rule can
use? If not, is there any way to give a particular user permission to
perform only some actions on only some units?
Thanks!
--
========
I
owly.
Well, that's one way to increase mailing list traffic. ;-)
Thanks!
--
========
Ian Pilcher arequip...@gmail.com
"I grew
$SUBJECT pretty much says it all. It seems to work, but I can't find
any mention of it in the documentation or with my Google searches.
Is it deprecated and going away?
Thanks!
--
Ian Pilcher
.
--
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zuckerberg invented friendship"
___
systemd-dev
oc/sys/net/ipv4/ip_forward'
ExecStart=/usr/sbin/dhcrelay -d -i ovs2.19 192.168.19.1 192.168.19.101
[Install]
WantedBy=multi-user.target
Needless to say, this doesn't exactly feel elegant or efficient. Is
there a better way?
--
=========
the service manager
should deal
IIRC, the Python daemon library does this.
--
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zuckerberg invented frien
?
--
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zuckerberg invented frien
hop limit 0, Flags [managed, other stateful], pref medium,
router lifetime 1800s, reachable time 360ms, retrans time 0ms
--
============
Ian Pilcher arequip...@gmail.com
"I
).
--
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zuckerberg invented frien
ry or package that is required for DHCP v6 to work
(something that might have slipped by an RPM packager)?
Any other ideas?
--
============
Ian Pilcher arequip...@gmail.com
"I grew
...
--
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zuckerberg invented frien
processes are not running, so the
addresses are never renewed. I suspect that systemd may be killing
them, because chrony-wait is a oneshot service.
Can anyone suggest a way to achieve this?
--
Ian Pilcher
On 06/08/2017 11:03 PM, Ian Pilcher wrote:
I am tearing my hair out trying to figure out why I an unable to set the
MTU of an OVS port with a .link file.
Replying to myself for posterity ...
As so often seems to be the case, my difficulties were due to that
recurring issue, "You're
I've also created a drop-in for systemd-networkd that sets
SYSTEMD_LOG_LEVEL=debug.
A full boot log with these settings can be found at:
http://www.penurio.us/journal.txt
Any ideas or debugging techniques very much appreciated.
--
======
I've also created a drop-in for systemd-networkd that sets
SYSTEMD_LOG_LEVEL=debug.
A full boot log with these settings can be found at:
http://www.penurio.us/journal.txt
Any ideas or debugging techniques very much appreciated.
--
======
ple trying to figure out why .link files with this sort of
name don't work.
--
====
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zuckerberg invented fr
On 03/21/2017 08:09 AM, Mantas Mikulėnas wrote:
Didn't NSS switch to sqlite for precisely that reason?
Yes they did. Unfortunately, this is a FreeIPA server, which still uses
the legacy Berkeley DB format.
--
Ian
this.)
--
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zuckerberg invented frien
now.
sepolicy generate --init -n squoxy /usr/local/bin/squoxy
Yet another tool that I've never heard of before. So much outdated
info on SELinux out there. :-(
--
====
Ian Pilcher areq
On 03/03/2017 10:45 AM, Simon Sekidde wrote:
Ian do you have a copy of this custom policy somewhere?
https://github.com/ipilcher/squoxy/blob/master/squoxy.te
--
Ian Pilcher arequip
oot? I do so love
non-deterministic computers. :-/
--
============
Ian Pilcher arequip...@gmail.com
"I
On 03/02/2017 12:12 AM, Jason Zaman wrote:
On Wed, Mar 01, 2017 at 05:51:01PM -0600, Ian Pilcher wrote:
On 03/01/2017 05:28 PM, Ian Pilcher wrote:
Per Lennart's response, systemd *should* be honoring the file context
rules when creating the directory. It's almost as if the directory is
being
On 03/01/2017 05:28 PM, Ian Pilcher wrote:
Per Lennart's response, systemd *should* be honoring the file context
rules when creating the directory. It's almost as if the directory is
being created with the proper context, but something is changing it
after the fact. I have absolutely no idea
ter the fact. I have absolutely no idea what that might be, though.
--
========
Ian Pilcher arequip...@gmail.com
"I grew
uoxy
What am I doing wrong?
--
========
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zuckerberg inve
etcap /sbin/ping" as a fully
standalone example, iirc it uses "cap_foo=eip" for this.)
Yup. cap_net_raw+ep seems to work by itself.
Thanks!
--
========
Ian Pilcher arequip...@g
do I need to do?
Thanks!
--
========
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zuckerberg inve
Any ideas?
--
========
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zuckerberg inve
add at least some level of
difficulty for a hypothetical attacker.
Always good to remember this counter-intuitive (IMO) behavior.
--
Ian Pilcher arequip...@gmail.com
"I gr
le contain:
After=network.target sshd-keygen.target network-online.target
Or is this sufficient?
After=network-online.target
Thanks!
--
========
Ian Pilcher arequip...@gmail.com
On 12/17/2016 10:59 AM, Ian Pilcher wrote:
I am trying to write a udev rule that will match a GPIO "chip" (not
a particular GPIO).
The device in question is:
# udevadm info -q all -p
/sys/devices/pci:00/:00:1f.0/gpio_ich.1.auto/gpio/gpiochip195
P: /devices/pci:00/00
; with the
same lack of success.)
What am I doing wrong?
--
============
Ian Pilcher arequip...@gmail.com
&qu
On 04/01/2016 05:04 AM, Lennart Poettering wrote:
On Thu, 24.03.16 09:52, Ian Pilcher (arequip...@gmail.com) wrote:
I have a "disconnected" Open vSwitch on my system named ovs1. By
"disconnected" I mean that it is not connected to any physical
interface, bond, etc.; it e
/virtual/net/ovs1 (net)
ACTION=add
DEVPATH=/devices/virtual/net/ovs1
IFINDEX=88
INTERFACE=ovs1
SEQNUM=4240
SUBSYSTEM=net
--
Ian Pilcher arequip...@gmail.com
"I gr
[Install]
WantedBy=multi-user.target
Can anyone think of a better way?
--
========
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zucke
!
--
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zuckerberg invented frien
lock device?
Thanks!
--
========
Ian Pilcher arequip...@gmail.com
"I grew up before Mark Zucke
Is this going to make nspawn/networkd fundamentally incompatible with
distributions that use iptables-based tools (such as firewalld)?
--
Ian Pilcher arequip...@gmail.com
I
On 05/23/2015 11:03 AM, Ian Pilcher wrote:
Is there a simple way to make a service require that a specific network
interface/IP address be active?
I have a manually set up bridge and dnsmasq configuration for my VM
traffic, but dnsmasq is getting started before NetworkManager has
configured
to the bridge's
IP address.
TIA!
--
Ian Pilcher arequip...@gmail.com
I grew up before Mark Zuckerberg invented friendship
? (The systemd.network(5) doesn't list
it.)
--
Ian Pilcher arequip...@gmail.com
I grew up before Mark Zuckerberg invented friendship
On 04/20/2015 01:06 PM, Lennart Poettering wrote:
On Mon, 20.04.15 13:02, Ian Pilcher (arequip...@gmail.com) wrote:
I would love to be able to set the MTU of a physical interface in a
.network file. Is this possible? (The systemd.network(5) doesn't list
it.)
Yes, this is supported via MTU
On 03/05/2015 09:31 AM, Michał Bartoszkiewicz wrote:
You can use options bonding max_bonds=0 to disable the creation of bond0.
Now there's a poorly documented (and named) module parameter!
--
Ian Pilcher
\
$CMDLINE_OPTS; /usr/sbin/ip link set dev bond0 down; \
/usr/sbin/ifrename -c /dev/null -i bond0 -n FOO /dev/null
(Or an equivalent udev rule)
--
Ian Pilcher arequip
On 01/21/2015 03:11 PM, Tom Gundersen wrote:
On Wed, Jan 21, 2015 at 8:50 PM, Ian Pilcher arequip...@gmail.com wrote:
I found my problem:
[root@localhost ~]# cat /usr/lib/systemd/network/99-default.link
[Link]
NamePolicy=kernel database onboard slot path
MACAddressPolicy=persistent
It looks
/network/98-eth0.link makes it work.
--
Ian Pilcher arequip...@gmail.com
I grew up before Mark Zuckerberg invented friendship
packets 288 bytes 33908 (33.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Any idea what I'm missing?
--
Ian Pilcher arequip...@gmail.com
I grew up
.
--
Ian Pilcher arequip...@gmail.com
Sent from the cloud -- where it's already tomorrow
.
--
Ian Pilcher arequip...@gmail.com
Sometimes there's nothing left to do but crash and burn...or die trying.
___
systemd
.)
--
Ian Pilcher arequip...@gmail.com
Sometimes there's nothing left to do but crash and burn...or die trying
and it still created
ifcfg- files with the systemd-provided names?
--
Ian Pilcher arequip...@gmail.com
Sometimes there's nothing left to do but crash and burn...or die trying
On 01/08/2013 12:27 PM, Lennart Poettering wrote:
On Tue, 08.01.13 12:19, Ian Pilcher (arequip...@gmail.com) wrote:
Will there still be a way to turn this off from the kernel command line?
(I don't see anything on the wiki page.)
biosdevname had this, and we have been thinking of adding
systemd. It's really:
Trusting systemd vs. trusting systemd AND rsync
--
Ian Pilcher arequip...@gmail.com
Sometimes there's nothing left to do but crash and burn...or die trying
--
Ian Pilcher arequip...@gmail.com
Sometimes there's nothing left to do but crash and burn...or die trying
On 01/23/2013 08:59 AM, Reindl Harald wrote:
and why do you not use the User= and Group= options?
ISTR reading that runuser was added because User= and Group= don't
actually log in, which is required by vncserver.
--
Ian
91 matches
Mail list logo