Re: [systemd-devel] DynamicUser in instantiated (and socket-activated) units

user for each instance, and the user is > called "foo-" suffixed with the instance ID. And each UID is > dynamically assigned. Great, it works, thanks! I see, so without a User= line, username is the same as the unit name (before @)... apparently I didn't read systemd.exec manpag

[systemd-devel] DynamicUser in instantiated (and socket-activated) units

onversion program After=network.target [Service] Type=simple DynamicUser=yes StandardInput=socket ExecStart=/etc/systemd/scripts/convert.sh ->8- Thanks in advance, L. -- Leonid Isaev ___ systemd-devel mailing list systemd-devel@lists.freedeskt

Re: [systemd-devel] DynamicUser in instantiated (and socket-activated) units

On Tue, Jan 21, 2020 at 03:53:10PM +, Leonid Isaev wrote: > I am trying to sandbox processes that run via instantiated units and > the DynamicUser feature seems like a nice solution. However, when I start > several such units simultaneously, the dynamic UID, while random, is

Re: [systemd-devel] Systemd-networkd -- Cannot acquire DHCP lease on bridge interface

be availabel on ALARM) where you can explicitly specify a precise order in which links should be managed. Cheers, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D pgpLL9IO0V0UE.pgp Description

Re: [systemd-devel] Systemd-networkd -- Cannot acquire DHCP lease on bridge interface

set up. Hopefully this thread attracts relevant attention because I don't know how to debug this... HTH, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D pgp88gtVXlpiz.pgp Description: PGP

Re: [systemd-devel] Systemd-networkd -- Cannot acquire DHCP lease on bridge interface

, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D pgpLbgK59Yo9L.pgp Description: PGP signature ___ systemd-devel mailing list systemd-devel

Re: [systemd-devel] Misleading udev error messages regarding virtual interfaces

Hi, On Fri, Aug 15, 2014 at 06:20:07PM +0200, Lennart Poettering wrote: On Sun, 06.07.14 12:43, Leonid Isaev (lis...@umail.iu.edu) wrote: Hi, Sorry for a delayed reply. On Thu, Jul 03, 2014 at 01:46:53PM +0200, Lennart Poettering wrote: it would be good to know what the precise

Re: [systemd-devel] Missing forked processes in 'systemctl status'

Hi, On Wed, Aug 13, 2014 at 03:29:40PM +0200, Lennart Poettering wrote: On Mon, 11.08.14 13:22, Leonid Isaev (lis...@umail.iu.edu) wrote: Hi, I am seeing an oddity in the CGroup output of systemctl status ran on some units. On the other hand, systemd-cgls shows correct information

Re: [systemd-devel] Missing forked processes in 'systemctl status'

Hi, On Wed, Aug 13, 2014 at 06:40:48PM +0200, Lennart Poettering wrote: On Wed, 13.08.14 12:30, Leonid Isaev (lis...@umail.iu.edu) wrote: What's the Type= of the units? netclt@.service is Type=oneshot: -- $ cat /usr/lib/systemd/system/netctl@.service [Unit] Description

Re: [systemd-devel] Missing forked processes in 'systemctl status'

systemctl? Maybe netctl is used in your initrd, and the reexec for the transition from initrd to the host os is the issue here? No, netctl is not a part of my initramfs image... and neither is systemd for that matter. Cheers, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291

[systemd-devel] Missing forked processes in 'systemctl status'

netctl@wan.service | grep forked Aug 11 11:51:05 borei dhcpcd[650]: forked to background, child pid 663 -- This is systemd-215 running on ArchLinux. Any ideas why this is happening? Thanks, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF

Re: [systemd-devel] systemd-resolved cannot survive router reinstall

, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D pgppzzTaxoBj3.pgp Description: PGP signature ___ systemd-devel mailing list systemd-devel

Re: [systemd-devel] right way to log to rsyslog/syslog only?

daemons might send their messages syslog even if run in foreground, but not all. A hard way to fix this is to modify service files for daemons you use to run in background and set 'Type=forking'. HTH, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4

Re: [systemd-devel] right way to log to rsyslog/syslog only?

. There is nothing wrong with the journald per se, but it's not a replacement for the classic syslog: journald offers only log storage, while syslog is a log processing tool. This distinction is dim on a desktop, but is very apparent even on a simple server machine. Cheers, -- Leonid Isaev GPG

Re: [systemd-devel] right way to log to rsyslog/syslog only?

Hi, On Thu, Aug 07, 2014 at 06:11:39PM +, Jóhann B. Guðmundsson wrote: On 08/07/2014 04:12 PM, Leonid Isaev wrote: Perhaps understanding why you're allergic to the journal would help in figuring out solutions to the actual underlying problem. There is nothing wrong with the journald per

Re: [systemd-devel] right way to log to rsyslog/syslog only?

% grep dnsmasq /var/log/daemon.log.1 2014-08-02T15:46:05.00-04:00 metal-0 dnsmasq[460]: possible DNS-rebind attack detected: direct.stroyka.ru -- Sorry for a long reply... -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075

Re: [systemd-devel] right way to log to rsyslog/syslog only?

principles) of journald is that it is an all or nothing solution. Unfortunately, this inflexibility makes it only useful as a supplimentary logger... Cheers, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B

[systemd-devel] [networkd] intermittent failure to get DHCP lease on a bond interface

ExecStart=/usr/bin/dhcpcd -q -w %I ExecStop=/usr/bin/dhcpcd -x %I [Install] WantedBy=multi-user.target -- I am a bit at a loss of how to debug this further... Any ideas? Thanks, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0

Re: [systemd-devel] systemd-sysusers and gshadow

after an update? Thanks, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D pgpbpZbXN3pTQ.pgp Description: PGP signature ___ systemd-devel mailing

Re: [systemd-devel] Misleading udev error messages regarding virtual interfaces

Hi, On Mon, Jul 07, 2014 at 03:02:47PM +0200, Tom Gundersen wrote: On Sun, Jul 6, 2014 at 6:43 PM, Leonid Isaev lis...@umail.iu.edu wrote: Hi, Sorry for a delayed reply. On Thu, Jul 03, 2014 at 01:46:53PM +0200, Lennart Poettering wrote: it would be good to know what the precise

Re: [systemd-devel] systemd-sysusers and gshadow

On Mon, Jul 07, 2014 at 05:40:42PM +0200, Lennart Poettering wrote: On Mon, 07.07.14 11:08, Leonid Isaev (lis...@umail.iu.edu) wrote: Hi, Thanks for the explanation... On Mon, Jul 07, 2014 at 12:26:03PM +0200, Lennart Poettering wrote: I wasn#t aware of grpck, and quite

Re: [systemd-devel] Misleading udev error messages regarding virtual interfaces

' -- As before, things seem to work i.e. I can still see servers inside containers. The kernel is 3.15.3. Thanks, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D pgpV0OOFAJwHM.pgp

[systemd-devel] Is there a reason to forcefully create /etc/mtab?

at all, especially if /etc is already properly set up? Thanks, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D pgpLVP4W5dKM6.pgp Description: PGP signature

[systemd-devel] systemd-networkd fails to get DHCPv4 lease with disabled IPv6

. The reason why IPv6 router discovery fails is because I boot with 'ipv6.disable=1' on the kernel cmdline. So, is there now a hard dependency on IPv6 being enabled? Thanks, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE

Re: [systemd-devel] Is there a reason to forcefully create /etc/mtab?

On Sun, Jul 06, 2014 at 09:15:28PM +0400, Ivan Shapovalov wrote: On Sunday 06 July 2014 at 13:13:55, Mike Gilbert wrote: On Sun, Jul 6, 2014 at 1:08 PM, Ivan Shapovalov intelfx...@gmail.com wrote: On Sunday 06 July 2014 at 13:01:22, Leonid Isaev wrote: Hi, I have

Re: [systemd-devel] Is there a reason to forcefully create /etc/mtab?

Hi, On Sun, Jul 06, 2014 at 08:13:56PM +0200, Zbigniew Jędrzejewski-Szmek wrote: On Sun, Jul 06, 2014 at 01:44:05PM -0400, Leonid Isaev wrote: So... the solution would be for distro packages to ship mtab as a symlink to ../proc instead of /proc? No, the latter is fine, or even better

Re: [systemd-devel] systemd-networkd fails to get DHCPv4 lease with disabled IPv6

On Sun, Jul 06, 2014 at 08:43:01PM +0200, Tom Gundersen wrote: On Sun, Jul 6, 2014 at 7:17 PM, Leonid Isaev lis...@umail.iu.edu wrote: Hi, With systemd-215 networkd fails to set up the DHCPv4 on WAN interface: -- $ journalctl -u systemd-networkd.service | grep wlp1s0

[systemd-devel] systemd-sysusers and gshadow

touch /etc/.updated? Thanks, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D pgpTYZ8wwQ0je.pgp Description: PGP signature ___ systemd-devel mailing

Re: [systemd-devel] Misleading udev error messages regarding virtual interfaces

On Wed, Jul 02, 2014 at 03:15:58PM +0200, Lennart Poettering wrote: On Sun, 29.06.14 17:50, Leonid Isaev (lis...@umail.iu.edu) wrote: Hi, I am seeing the following messages in my syslog on each boot: -- $ grep link config /var/log/errors.log 2014-06-29T09:31:39.000-04:00

Re: [systemd-devel] systemd-fsck-root semantics

unnecessary to fsck an ro file system. How is it becoming inconsistent if it's read only? You still need to remount / rw for administration tasks or updates. Cheers, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE

[systemd-devel] Misleading udev error messages regarding virtual interfaces

=false [Address] Address=10.137.0.1/24 -- The interface 'vethXX' is a container part (I guess) of the veth pair. What is the meaning of the above errors, why are they printed, and is there a way to get rid of them? Thanks, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF

Re: [systemd-devel] How to quiet cron sessions logging with systemd-212?

want log processing (multiple log directories, advanced filtering, etc.), use syslog-ng or rsyslog. For example, one can setup a special logfile for systemd-related messages with a given syslog facility (authpriv, daemon, etc.). HTH, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF

Re: [systemd-devel] [PATCH] Add a network-pre.target to avoid firewall leaks

, if you bring up a network interface during early boot, e.g. using the kernel parameter ip= or an initramfs. In that case, it's your own responsibility to bring it down before systemd takes over. If you care about leaks. Cool. I see your point now. Thanks, Leonid. -- Leonid Isaev GPG

Re: [systemd-devel] How to quiet cron sessions logging with systemd-212?

(X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 Am 09.06.2014 17:28, schrieb Leonid Isaev: On Mon, Jun 09, 2014 at 10:48:31AM +0300, Leho Kraav wrote: Date: Mon, 09 Jun 2014 10:48:31 +0300 From: Leho Kraav l...@kraav.com To: Reindl Harald h.rei...@thelounge.net

Re: [systemd-devel] How to quiet cron sessions logging with systemd-212?

on virtualization clusters and blow up the systemd-journal If resources are an issue, don't use the journal. In my experience, it consumes ~4x space compared to syslog (on a firewall machine, after 2 months uptime)... -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4

Re: [systemd-devel] [PATCH] Add a network-pre.target to avoid firewall leaks

Hi, On Sun, Jun 08, 2014 at 12:33:44PM +, Rusty Bird wrote: Date: Sun, 08 Jun 2014 12:33:44 + From: Rusty Bird rustyb...@openmailbox.org To: systemd-devel@lists.freedesktop.org Subject: Re: [systemd-devel] [PATCH] Add a network-pre.target to avoid firewall leaks Leonid Isaev

Re: [systemd-devel] [PATCH] Add a network-pre.target to avoid firewall leaks

on the timing, a window in which the network has been set up, but the firewall is not yet in place. But by the time network.target is reached there are no listening services yet, are there? So, why would one need a firewall? Thanks, Leonid. -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6

Re: [systemd-devel] Disable IPv6?

-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel Cheers, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D pgpth3iLounnB.pgp

Re: [systemd-devel] Systemd-networkd, default route and multiple interfaces

(mostly cisco APs). Also, when comparing wlan and eth link speeds, does one take into account the different overheads due to frames, encryption, etc., or just compare bare speeds? Cheers, Leonid. -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4

Re: [systemd-devel] Archlinux setup WLAN-Problems

On Sat, 31 May 2014 17:27:11 +0200 Lucas Thieme l...@thiemeonline.de wrote: configurated correct in/etc/rc.conf, and I thought, systemd replaced it. Yes, more than a year ago... Anyway, this is a wrong mailing list for your question. Go to bbs.archlinux.org and ask on the forums. -- Leonid

Re: [systemd-devel] How do I disable rfkill1 service? I only have slot 0 and 2

at all: it works OK in simple cases, but is meaningless and breaks things on tricky hardware. -- Кирилл Елагин Cheers, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D signature.asc

Re: [systemd-devel] How do I disable rfkill1 service? I only have slot 0 and 2

systemd-rfkill@rfkill1`, but there's no output after that and it wasn't disabled at all Any ideas? Yes: systemctl mask systemd-rfkill@rfkill1.service. Or better yet, append systemd.restore_state=0 to your kernel cmdline. Cheers, L. -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF

Re: [systemd-devel] Delaying (SSH) key generation until the urandom pool is initialized

CDT -- ssh-keygen exits Cheers, L. -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D signature.asc Description: PGP signature ___ systemd-devel

Re: [systemd-devel] Persistent timers delay Type=idle units

will show nothing by the time I login, because it takes about 30 sec for me to enter login credentials... Use systemctl enable debug-shell... OK will do. I didn't know about the debug shell. Thanks, L. -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4

Re: [systemd-devel] Persistent timers delay Type=idle units

is supposedly delayed?) I'll have to test this, but I'll speculate that list-jobs will show nothing by the time I login, because it takes about 30 sec for me to enter login credentials... Thanks, L. -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4

Re: [systemd-devel] LXC not working with systemd 209 or later

testcontainer Same problem. Same as above, no problem. Cheers, -- Leonid Isaev GnuPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D signature.asc Description: PGP signature ___ systemd-devel mailing list systemd-devel

Re: [systemd-devel] Masking .network files

Hi, On Sat, 5 Apr 2014 11:26:17 +0200 Tom Gundersen t...@jklm.no wrote: On Sat, Apr 5, 2014 at 12:43 AM, Leonid Isaev lis...@umail.iu.edu wrote: I seem to have a strange issue with the way networkd processes its configuration files. The machine is actually a systemd-nspawn container

Re: [systemd-devel] Masking .network files

. -- Leonid Isaev GnuPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D signature.asc Description: PGP signature ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] LXC not working with systemd 209 or later

? Can you post your container creation scripts, so that I try to reproduce your issue over the weekend? Also, what's the answer to Tom's question? Cheers, -- Leonid Isaev GnuPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D signature.asc Description: PGP signature

[systemd-devel] Masking .network files

sd_event_source_set_enabled(). Ignoring. - I understand that the 1st matching configuration is applied but why does it concern overriden files? Also, why does a symlink to /dev/null match all interfaces (even loopback)? Thanks, -- Leonid Isaev GnuPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D

Re: [systemd-devel] LXC not working with systemd 209 or later

[appuser@appserver1 ~]$ journalctl PRIORITY=4 -- Logs begin at Thu 2014-04-03 10:24:09 EDT, end at Thu 2014-04-03 11:27:50 EDT Cheers, -- Leonid Isaev GnuPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D signature.asc Description: PGP signature

Re: [systemd-devel] LXC not working with systemd 209 or later

On Thu, 03 Apr 2014 18:53:48 +0100 John Lane syst...@jelmail.com wrote: On 03/04/14 16:40, Leonid Isaev wrote: Hi, On Thu, 03 Apr 2014 11:25:27 +0100 John Lane syst...@jelmail.com wrote: Hello, I have a number of LXC containers that have been working with systemd for some time. I

Re: [systemd-devel] [PATCH] run systemd-tmpfiles-clean only when we have AC power

and Upower has created _lots_ of confusion. I also don't think couple stats() and rm's have any measurable impact on battery. Stock tmpfiles.d clean routine applies only to tmpfs (by default) filesystems. On a battery-powered system, they are most likely clean due to small uptime. -- Leonid Isaev

Re: [systemd-devel] Mount options for $XDG_RUNTIME_DIR

code. The linker is your ELF interpreter. Sorry if this is off-topic, but how do you that? With /lib/ld-2.19.so /path/to/executable? Thanks, -- Leonid Isaev GPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D signature.asc Description: PGP signature

Re: [systemd-devel] Mount options for $XDG_RUNTIME_DIR

[Sorry, forgot to CC the mailing list] Hi Lennart, On Tue, 18 Mar 2014 02:33:50 +0100 Lennart Poettering lenn...@poettering.net wrote: On Mon, 17.03.14 19:04, Leonid Isaev (lis...@umail.iu.edu) wrote: Hi, Currently, XDG_RUNTIME_DIR=/run/user/UID is mounted with rather permissive

[systemd-devel] Mount options for $XDG_RUNTIME_DIR

to constrain users, e.g. by mounting /home as noexec (I have seen this done in some environments). Is there a need to allow execution from $XDG_RUNTIME_DIR? And how should one configure its mount options? Thanks, -- Leonid Isaev GPG key fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB