Re: [systemd-devel] Using systemd to as a FD Store to provide service while package upgrade

[Pathangi Janardhanan]

Hi Lennart,

 Thanks.

 Yes, shutdown does take care of removing the fds from the systemd context.

 The solution seems fine and it is working good. Thanks for the help.

Thanks
Jana



On Tue, Jan 12, 2016 at 12:24 PM, Lennart Poettering  wrote:

> On Wed, 06.01.16 13:05, Pathangi Janardhanan (path.j...@gmail.com) wrote:
>
> > Currently in my package scripts I am doing a service stop and start.
> > But when I need to do an upgrade, if I do a service stop, systemd clears
> > all the fds. So would that mean that my package scripts would have to:
> >
> >  a. In case of upgrade, do not call stop, but ensure that the fds are
> > saved, and then after the upgrade, ensure that we call a service restart?
> > Is it safe to remove/change the service files while it is executing?
>
> Well, my recommendation would be to push the fds to systemd as soon as
> you received them, so that systemd always has them. Then, a simple
> "systemctl restart" is sufficient to restart the daemon while the fds
> stay open.
>
> By pushing the fds to PID 1 right-away when you acquire them you get a
> certain level of stability regarding crashes: you can crash any time,
> and systemd will allow you to continue if your daemon is restarted
> after the crash right where you left off...
>
> An alternative to pushing the fds to PID 1 right-away is to do so when
> your daemon shuts down. Note that it doesn't really matter if your
> daemon is restarted or shut down in this case, all fds you pass to
> systemd will be closed by systemd should your service just be stopped
> and not actually restarted...
>
> >  b. In case the service package is being removed, do a normal stop in the
> > scripts
> >
> >Is this approach o.k., or are there other recommendations?
>
> This should be fully sufficient.
>
> >
> > 2. I had also indicated in the other thread, that systemd does not seem
> to
> > clear the fds, even if the fds are actually closed. So to repeat, the
> > sequence is
>
> See other thread, shutdown() is your friend.
>
> > 3. Is Systemd intended for this type of fd store for upgrade handling,
> and
> > if others have any other approaches or limitations with this approach,
> that
> > would be welcome?
>
> Yes, we added it explicitly for purposes like this. journald has been
> made restartable using this logic. It needs to deal with many incoming
> client connections, and get them passed back should it die
> or get restarted. In journald we send the connection fds to PID 1
> right after we got them via accept().
>
> Lennart
>
> --
> Lennart Poettering, Red Hat
>
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] user unit blocking login shell from popping out because wanted by default target?

[Lennart Poettering]

On Sun, 10.01.16 17:15, Mantas Mikulėnas (graw...@gmail.com) wrote:

> I remember this discussed before, I think one suggestion was to split into
> two targets, and only hold the login until the first target. Nobody
> implemented it though.

Yes, that is indeed the plan, user@.service should only wait until
the user instance's basic.target has been reached. Happy to take a
patch for that.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] user unit blocking login shell from popping out because wanted by default target?

[Lennart Poettering]

On Sun, 10.01.16 22:25, Tom Yan (tom.t...@gmail.com) wrote:

> So I am recently experiencing some issue with pulseaudio (which I
> already filed a bug report:
> https://bugs.freedesktop.org/show_bug.cgi?id=93651) that it takes a
> long time to start.
> 
> The thing is, I am thinking whether it exposed a problem of systemd as
> well. For example:
> 
> Jan 10 21:31:33 localhost systemd[257]: Starting Sound Service...
> Jan 10 21:31:33 localhost systemd[257]: Started D-Bus User Message Bus.
> Jan 10 21:31:39 localhost systemd[257]: Started Sound Service.
> Jan 10 21:31:39 localhost systemd[257]: Reached target Default.
> Jan 10 21:31:39 localhost systemd[257]: Startup finished in 5.830s.
> 
> As you can see, because of pulseaudio, it takes about 6 seconds to
> reach the default target.
> 
> The reason I realise that pulseaudio is having this issue, is because
> I can actually "experience" the 6 seconds after I entered my password
> in the tty, if I have pulseaudio.service enabled. The login shell only
> pops up after the default target has been reached.

Why would it wait for that?

Also, PA taking 6s to start is quite something...

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multicast signaling with sd-bus questions

[Lennart Poettering]

On Tue, 12.01.16 20:25, Gorman, Brian (Vancouver) (bgor...@hp.com) wrote:

> Hi Lennart, Do you have any suggestions on where to look to see a
> good example of how to have a process emit a signal to a different
> DBus listening process using sd-bus? If matching against ":1.x" is
> not advised I am assuming I should request a name? My initial
> attempt is:

You can either emit directed or undirected signals (the latter is a
"broadcast"). If you want to send directed signals, then yes, it's
probably a good idea to make the target acquire a well-known name
first. But note that to acquire a well-known on the system bus name
you need the perms for it, and configure that via dbus XML
policy. (the user bus comes without restrictions, no need to
write any policy there). 

A simple way to issue signals is via sd_bus_emit_signal().

To acquire a name, use sd_bus_request_name().

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Failed to start Container: minus sign is replaced to slash in container name

[Lennart Poettering]

On Tue, 12.01.16 21:23, Stefan Schweter (ste...@schweter.it) wrote:

> Dear systemd-users,
> 
> e.g. when a container name includes a minus sign like:
> 
> ls -l /var/lib/machines
> insgesamt 4
> drwxr-xr-x 22 root root 4096 12. Jan 21:14 host.cis.uni-muenchen.de
> 
> Enabling the systemd-nspawn service with:
> 
> systemctl enable systemd-nsp...@host.cis.uni-muenchen.de
> Created symlink from
> /etc/systemd/system/machines.target.wants/systemd-nsp...@host.cis.uni-muenchen.de.service
> to /usr/lib/systemd/system/systemd-nspawn@.service.

Yeah, the way systemd encodes slashes in unit names is by converting
them to dots. Thus when you actually want a dash you need to escape
it. The tool systemd-escape can help you with getting this right from
shell scripts. See the last example in the systemd-escape(1) man page
For details.

But, given that this is a bit nasty to use, you can alternatively just
use "machinectl start ..." and "machinectl enable ..." which will do
the escaping for you, prefix the systemd-nspawn@ thing and the suffix
the .service thing, and is otherwise equvialent to systemctl start and
systemctl enable.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multicast signaling with sd-bus questions

[Gorman, Brian (Vancouver)]

Hi Lennart, Do you have any suggestions on where to look to see a good example 
of how to have a process emit a signal to a different DBus listening process 
using sd-bus? If matching against ":1.x" is not advised I am assuming I should 
request a name? My initial attempt is:

/* Sender */
r = sd_bus_add_match(
bus,
slot,
"type='signal',"
"sender=Test.Blaster,"
"interface='Japan.Reset',"
"member='Test',"
"path='/Japan'",
my_signal_callback,
my_user_data);

fd = sd_bus_get_fd(bus);
if (fd < 0)
assert(0);
FD_ZERO(&rd_fdset);
FD_SET(fd, &rd_fdset);
for (;;) {
printf("enter select\n");
select(fd +1, &rd_fdset, NULL, NULL,NULL);

/* End sender excerpt */

/* Transmitter code: */
r = sd_bus_open_system(&bus);
if (r < 0) {
fprintf(stderr, "Failed to connect to bus: %s\n", strerror(-r));
goto finish;
}

r = sd_bus_request_name(bus, "Test.Blaster", 0);

if (r < 0) {
fprintf(stderr, "Failed to get service name\n");
goto finish;
}

sd_bus_emit_signal(bus,
   "/Japan",
   "/Japan.Reset.Test",
   "Testing",
   "Testing2");

/* End Transmitter excerpt */

It seems like the main problem here from looking at busctl is that no signal is 
getting emitted towards "Japan". Perhaps this is a problem with my 
/etc/dbus-1/system.d/*.conf file for my sender program?

Thanks and regards,
Brian

-Original Message-
From: Lennart Poettering [mailto:lenn...@poettering.net] 
Sent: Tuesday, January 12, 2016 12:17 PM
To: Gorman, Brian (Vancouver)
Cc: Mantas Mikulėnas; systemd-devel@lists.freedesktop.org
Subject: Re: [systemd-devel] Multicast signaling with sd-bus questions

On Tue, 12.01.16 20:13, Gorman, Brian (Vancouver) (bgor...@hp.com) wrote:

> Hi Mantas
> 
> >>You really seem to be intent on using select() rather than an existing 
> >>event loop or, at least, standard poll(); curious why.
> 
> There is existing code blocking on select, so it seems like the easiest way 
> to crowbar DBus into my code.
> 
> >>Also, the 'sender' field is always a bus name (not sure but I think it's 
> >>always the unique ":1.x" name), so "sender='testsignal'," would never match 
> >>dbus-send (or anything at all).
> 
> Is there a way to “match” against “:1.x” with sd-bus i.e. instead of 
> “testsignal”? Is it advised to match against this, or should I have 
> the emitting program request a name?

Hmm? ":1.x" are so called "unique names, they are assigned automatically, and 
each peer on the bus has exactly one of these.

Since they are assigned automatically and effectively non-predictable it only 
makes to match against them if the peer in question first contacted you to let 
you know the unique name it has.

Lennart

--
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] Failed to start Container: minus sign is replaced to slash in container name

[Stefan Schweter]

Dear systemd-users,

e.g. when a container name includes a minus sign like:

ls -l /var/lib/machines
insgesamt 4
drwxr-xr-x 22 root root 4096 12. Jan 21:14 host.cis.uni-muenchen.de

Enabling the systemd-nspawn service with:

systemctl enable systemd-nsp...@host.cis.uni-muenchen.de
Created symlink from
/etc/systemd/system/machines.target.wants/systemd-nsp...@host.cis.uni-muenchen.de.service
to /usr/lib/systemd/system/systemd-nspawn@.service.

works fine, but when starting the service with:

systemctl start systemd-nsp...@host.cis.uni-muenchen.de
Job for systemd-nsp...@host.cis.uni-muenchen.de.service failed because
the control process exited with error code. See "systemctl status
systemd-nsp...@host.cis.uni-muenchen.de.service" and "journalctl -xe"
for details.

an error occurs - the status -l command:

Jan 12 21:15:22 arch-64-platon systemd[1]: Starting Container
host.cis.uni/muenchen.de...
Jan 12 21:15:22 arch-64-platon systemd-nspawn[1086]: Invalid machine
name: host.cis.uni/muenchen.de
Jan 12 21:15:22 arch-64-platon systemd[1]:
systemd-nsp...@host.cis.uni-muenchen.de.service: Main process exited,
code=exited, status=1/FAILURE
Jan 12 21:15:22 arch-64-platon systemd[1]: Failed to start Container
host.cis.uni/muenchen.de.

Why is the machine name invalid and the minus sign replaced with a slash?

/usr/bin/systemd-nspawn --quiet --boot --link-journal=try-guest
--network-veth --settings=override --machine=host.cis.uni-muenchen.de

starts my machine without any problems.

Thanks many in advance + regards,

Stefan

Btw: I'm using version 228 from the Arch Linux repository, my locale is
set to de_DE.UTF-8.
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Using systemd to as a FD Store to provide service while package upgrade

[Lennart Poettering]

On Wed, 06.01.16 13:05, Pathangi Janardhanan (path.j...@gmail.com) wrote:

> Currently in my package scripts I am doing a service stop and start.
> But when I need to do an upgrade, if I do a service stop, systemd clears
> all the fds. So would that mean that my package scripts would have to:
> 
>  a. In case of upgrade, do not call stop, but ensure that the fds are
> saved, and then after the upgrade, ensure that we call a service restart?
> Is it safe to remove/change the service files while it is executing?

Well, my recommendation would be to push the fds to systemd as soon as
you received them, so that systemd always has them. Then, a simple
"systemctl restart" is sufficient to restart the daemon while the fds
stay open.

By pushing the fds to PID 1 right-away when you acquire them you get a
certain level of stability regarding crashes: you can crash any time,
and systemd will allow you to continue if your daemon is restarted
after the crash right where you left off...

An alternative to pushing the fds to PID 1 right-away is to do so when
your daemon shuts down. Note that it doesn't really matter if your
daemon is restarted or shut down in this case, all fds you pass to
systemd will be closed by systemd should your service just be stopped
and not actually restarted...

>  b. In case the service package is being removed, do a normal stop in the
> scripts
> 
>Is this approach o.k., or are there other recommendations?

This should be fully sufficient.

> 
> 2. I had also indicated in the other thread, that systemd does not seem to
> clear the fds, even if the fds are actually closed. So to repeat, the
> sequence is

See other thread, shutdown() is your friend.

> 3. Is Systemd intended for this type of fd store for upgrade handling, and
> if others have any other approaches or limitations with this approach, that
> would be welcome?

Yes, we added it explicitly for purposes like this. journald has been
made restartable using this logic. It needs to deal with many incoming
client connections, and get them passed back should it die
or get restarted. In journald we send the connection fds to PID 1
right after we got them via accept().

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multicast signaling with sd-bus questions

[Lennart Poettering]

On Tue, 12.01.16 20:13, Gorman, Brian (Vancouver) (bgor...@hp.com) wrote:

> Hi Mantas
> 
> >>You really seem to be intent on using select() rather than an existing 
> >>event loop or, at least, standard poll(); curious why.
> 
> There is existing code blocking on select, so it seems like the easiest way 
> to crowbar DBus into my code.
> 
> >>Also, the 'sender' field is always a bus name (not sure but I think it's 
> >>always the unique ":1.x" name), so "sender='testsignal'," would never match 
> >>dbus-send (or anything at all).
> 
> Is there a way to “match” against “:1.x” with sd-bus i.e. instead of
> “testsignal”? Is it advised to match against this, or should I have
> the emitting program request a name?

Hmm? ":1.x" are so called "unique names, they are assigned
automatically, and each peer on the bus has exactly one of these.

Since they are assigned automatically and effectively non-predictable
it only makes to match against them if the peer in question first
contacted you to let you know the unique name it has.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multicast signaling with sd-bus questions

[Gorman, Brian (Vancouver)]

Hi Mantas

>>You really seem to be intent on using select() rather than an existing event 
>>loop or, at least, standard poll(); curious why.

There is existing code blocking on select, so it seems like the easiest way to 
crowbar DBus into my code.

>>Also, the 'sender' field is always a bus name (not sure but I think it's 
>>always the unique ":1.x" name), so "sender='testsignal'," would never match 
>>dbus-send (or anything at all).

Is there a way to “match” against “:1.x” with sd-bus i.e. instead of 
“testsignal”? Is it advised to match against this, or should I have the 
emitting program request a name?

Thanks,

Brian


From: Mantas Mikulėnas [mailto:graw...@gmail.com]
Sent: Thursday, January 7, 2016 10:36 PM
To: Gorman, Brian (Vancouver)
Cc: systemd-devel@lists.freedesktop.org
Subject: Re: [systemd-devel] Multicast signaling with sd-bus questions

On Fri, Jan 8, 2016 at 2:37 AM, Gorman, Brian (Vancouver) 
mailto:bgor...@hp.com>> wrote:
Hi all, I am in the process of considering using sd-bus to coordinate a 
system-wide multicast messaging system between daemons. At this time I only 
have resources to look into using libsystemd without system running. It seems 
the sd-bus documentation is very sparse compared to sd-event – does this mean 
sd-bus is more immature?

My initial goal is to be able to select() on dbus-signals. Unfortunately my 
dbus experience is quite minimal, and I am not sure what this will take. Here 
is my initial attempt adapted from Lennarts tutorial – I have no idea if this 
is the right approach I was hoping if this list could perhaps provide some 
guidance as I suspect I am doing a few things wrong.

int main(int argc, char *argv[]) {
sd_bus_slot *slot = NULL;
sd_bus *bus = NULL;
int r;
int fd;
fd_set rd_fdset;
int my_user_data;

/* Connect to the system bus this time */
r = sd_bus_open_system(&bus);
if (r < 0) {
fprintf(stderr, "Failed to connect to bus: %s\n", strerror(-r));
goto finish;
}
r = sd_bus_request_name(bus, "Test.Me", 0);
if (r < 0) {
fprintf(stderr, "Failed to acquire service name: %s\n", 
strerror(-r));
goto finish;
}

r = sd_bus_add_match(
bus,
slot,
"type='signal',"
"sender='testsignal',"
"interface='Japan.Reset',"
"member='Test',"
"path='/Japan'",
my_signal_callback,
my_user_data);

fd = sd_bus_get_fd(bus);
if (fd < 0)
assert(0);
FD_ZERO(&rd_fdset);
FD_SET(fd, &rd_fdset);
for (;;) {
select(fd +1, &rd_fdset, NULL, NULL,NULL);
r = sd_bus_process(bus, NULL);
if (r < 0) {
fprintf(stderr, "Failed to process bus: %s\n", 
strerror(-r));
goto finish;
}
}

You really seem to be intent on using select() rather than an existing event 
loop or, at least, standard poll(); curious why.

From here I was hoping to run something like “dbus-send –system –dest=Test.Me 
–print-reply /Japan Japan.Reset.Test string:”Hello””

You're sending a method call here, not a signal. (And signals wouldn't have a 
reply to --print; that's the main difference from methods.) Try `dbus-send 
--type=signal` or `gdbus emit`.

Also, the 'sender' field is always a bus name (not sure but I think it's always 
the unique ":1.x" name), so "sender='testsignal'," would never match dbus-send 
(or anything at all).

It currently get errors about DBUs complaining that Test.Me was not provided in 
any .service files when executing the above command.

It says that because there's no connection who has claimed the "Test.Me" bus 
name, so dbus-daemon is trying to auto-start the apropriate daemon. On the 
system bus, AFAIK, the default policy only allows whitelisted names to be 
claimed, and usually only by root.

See the various dbus-daemon config drop-ins at /etc/dbus-1/system.d/, for 
example. (Many of them also try to whitelist the available method calls at 
dbus-daemon level, although that's not required – some services check 
credentials manually or use polkit.)

For development & debugging, you could use the session bus, which has no such 
restrictions.

(That said, I'm not sure why sd_bus_request_name would have succeeded in that 
case?)

--
Mantas Mikulėnas mailto:graw...@gmail.com>>
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] how to get sd_notify state/variables from dbus?

[Lennart Poettering]

On Tue, 12.01.16 17:55, Rick Richardson (rick.richard...@gmail.com) wrote:

> Etcd can certainly store config variables. We have our own versioned
> configuration database. However, I was hoping to use systemd as the
> canonical source for binding which versions of which configs a process
> launched with, since the information world be atomically associated with a
> service's ready notification.
> 
> Looking at the source, I was disappointed to learn that any variables that
> are not the "known" variables are dropped on the floor. The sd_notify man
> page should probably be updated accordingly.

I am fully open to extend the semantics of sd_notify(), but for that I
need to grok what you are actually trying to do.

How does the data look like that you want to push into systemd? If it
has clear generic semantics, we could add native support for it. So,
how precisely does the data look like?

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] On calendar timer

[Lennart Poettering]

On Tue, 12.01.16 19:13, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:

> > To express what you want to express I'd just list all days of the
> > first week.
> >
> > Sun 1,3,5,7,9-1,2,3,4,5,6,7 02:00
> 
> Very good. If I follow you correctly, the service will be triggered on
> month 1,3,5,7,9, 11 (in fact, every two months. I do not care which
> one indeed),  on the first Sunday of these months at 2:00 AM. That is
> exactly what I want.
> As a side note, I will need to trigger like 8 services at this moment
> (in fact, it is a letsencrypt ssl web certificate auto renewal for all
> my subdomains). It seems there is no After= for timer, so best would
> be to set, say 2:00, 2:05, 2:10 etc (the ssl renewal just need less
> than one minute). Or simpler, let 2:00 for all of them ?

YOu can use After= between the service units you trigger, if you like.

But if it's not a problem that all your services run in parallel, by
all means run them in parallel, and specify the same time of 2:00...

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] How to suppress coredumps when systemd-coredump is in use?

[Lennart Poettering]

On Tue, 12.01.16 18:08, Simon McVittie (simon.mcvit...@collabora.co.uk) wrote:

> On 12/01/16 17:51, Lennart Poettering wrote:
> > On Fri, 08.01.16 17:31, Robert O'Callahan (rob...@ocallahan.org) wrote:
> >> Maybe systemd could query the
> >> dumping process's RLIMIT_CORE with prlimit() and throw the coredump away if
> >> the limit is 0.
> > 
> > Yes, we really should check RLIMIT_CORE of the dumped process, and
> > honour it. Happy to take a patch for that!
> 
> Please see the thread around https://lkml.org/lkml/2011/8/25/124
> (explaining the reason why the kernel still dumps cores to pipes when
> the limit is 0) before doing so. Neil Horman writes:
> 
> The case (ispipe==true && cprm.lmit==0) has to result in us dumping
> a core. I use to be convinced otherwise, but several user space
> developers changed my mind, particularly the guys writing the abrt
> daemon.  The reason being, the default process limit for
> RLIMIT_CORE is zero.  If you're writing a daemon like abrt that
> wants to catch program crashes, even during boot, there are tons of
> hoops you have to jump through to get core pipes enabled properly
> if you need to change RLIMIT_CORE.  Specifically you have to modify
> all existing processes RLIMIT_CORE values to be non-zero (a racy
> proposition) as well as modify the init processes RLIMIT_CORE value
> (so that it gets inherited by future processes).  Thats a pretty
> rickety thing to set up, and they really didn't want to have that
> much fiddling to do to get it all working, and I don't blame them.
> 
> If systemd's pid 1 has a way to set RLIMIT_CORE globally (including for
> itself), then perhaps that argument doesn't hold on system systems, but
> it's something to think about before making this change.

Yes, we have a setting already for this, and I think it would make a
ton of sense to just bump this to a higher default by default at the
same time as we add the prlimit() stuff. After all a higher default
RLIMIT_CORE that is honoured is certainly in all ways more useful than
an RLIMIT_CORE that is always ignored and without effect.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] On calendar timer

[arnaud gaboury]

On Tue, Jan 12, 2016 at 6:46 PM, Lennart Poettering
 wrote:
> On Wed, 06.01.16 17:17, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:
>
>> I am not sure about how to express date/time in a timer unit.
>>
>> I want the timer to be start every year(*), on month 1,3,5,7,9,11,
>> first day of month at 02:00:00 AM. Here is what I wrote:
>>
>> [Timer]
>> OnCalendar=*-1,3,5,7,9,11-01 02:00:00
>>
>> Is this correct ?
>>
>> Now if I want instead not the first day of the cited months, but the
>> first Sunday:
>>
>> OnCalendar=Sun, *-1,3,5,7,9,11-01 02:00:00
>>
>> Or the above will only trigger the service IF first day of the cited
>> month is a Sunday?
>
> The latter. Basically, for each element in the expression one item of the
> specified list must hold for the event to trigger.
>
> To express what you want to express I'd just list all days of the
> first week.
>
> Sun 1,3,5,7,9-1,2,3,4,5,6,7 02:00

Very good. If I follow you correctly, the service will be triggered on
month 1,3,5,7,9, 11 (in fact, every two months. I do not care which
one indeed),  on the first Sunday of these months at 2:00 AM. That is
exactly what I want.
As a side note, I will need to trigger like 8 services at this moment
(in fact, it is a letsencrypt ssl web certificate auto renewal for all
my subdomains). It seems there is no After= for timer, so best would
be to set, say 2:00, 2:05, 2:10 etc (the ssl renewal just need less
than one minute). Or simpler, let 2:00 for all of them ?


>
> Which means: on every sunday, that is one of the first 7 days of the
> months 1, 3, 5, 7 or 9, at 2am.
>
> Of course, we should probably introduce a ".." syntax so that
> 1,2,3,4,5,6,7 could be written as "1..7". Happy to take a patch for
> that.
>
> Hope this is useful.
>
> Lennart
>
> --
> Lennart Poettering, Red Hat



-- 

google.com/+arnaudgabourygabx
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] How to suppress coredumps when systemd-coredump is in use?

[Simon McVittie]

On 12/01/16 17:51, Lennart Poettering wrote:
> On Fri, 08.01.16 17:31, Robert O'Callahan (rob...@ocallahan.org) wrote:
>> Maybe systemd could query the
>> dumping process's RLIMIT_CORE with prlimit() and throw the coredump away if
>> the limit is 0.
> 
> Yes, we really should check RLIMIT_CORE of the dumped process, and
> honour it. Happy to take a patch for that!

Please see the thread around https://lkml.org/lkml/2011/8/25/124
(explaining the reason why the kernel still dumps cores to pipes when
the limit is 0) before doing so. Neil Horman writes:

The case (ispipe==true && cprm.lmit==0) has to result in us dumping
a core. I use to be convinced otherwise, but several user space
developers changed my mind, particularly the guys writing the abrt
daemon.  The reason being, the default process limit for
RLIMIT_CORE is zero.  If you're writing a daemon like abrt that
wants to catch program crashes, even during boot, there are tons of
hoops you have to jump through to get core pipes enabled properly
if you need to change RLIMIT_CORE.  Specifically you have to modify
all existing processes RLIMIT_CORE values to be non-zero (a racy
proposition) as well as modify the init processes RLIMIT_CORE value
(so that it gets inherited by future processes).  Thats a pretty
rickety thing to set up, and they really didn't want to have that
much fiddling to do to get it all working, and I don't blame them.

If systemd's pid 1 has a way to set RLIMIT_CORE globally (including for
itself), then perhaps that argument doesn't hold on system systems, but
it's something to think about before making this change.

-- 
Simon McVittie
Collabora Ltd. 

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] how to get sd_notify state/variables from dbus?

[Rick Richardson]

Etcd can certainly store config variables. We have our own versioned
configuration database. However, I was hoping to use systemd as the
canonical source for binding which versions of which configs a process
launched with, since the information world be atomically associated with a
service's ready notification.

Looking at the source, I was disappointed to learn that any variables that
are not the "known" variables are dropped on the floor. The sd_notify man
page should probably be updated accordingly.



On Tue, Jan 12, 2016, 12:38 PM Mantas Mikulėnas  wrote:

> On Tue, Jan 12, 2016 at 7:25 PM, Lennart Poettering <
> lenn...@poettering.net> wrote:
>
>> On Fri, 08.01.16 18:09, Rick Richardson (rick.richard...@gmail.com)
>> wrote:
>>
>> > I have a fleet of applications that need to pass some critical variables
>> > back to systemd so that our services monitor can collect them.  My hope
>> is
>> > that this can be done via sd_notify as it is very much a
>> config-management
>> > and process monitoring related task.
>> >
>> > Currently my monitor subscribes to PropertiesChanged in dbus, and gets
>> the
>> > active/running notification upon an sd_notify from the service, I can
>> see
>> > the StatusText variable set via the STATUS=... but I can't seem to
>> figure
>> > out where the rest of the notify state is stored.
>>
>> It currently is not.
>>
>> We could expose this data I figure, but I am not entirely sure how
>> that could even look like, as for unknown sd_notify() fields it's not
>> clear whether they are supposed to extend or replace any unrelated
>> previously set settings... i.e. if you first send X_FOO=1 and then
>> X_BAR=1 and then query the data, would you get "X_FOO=1 X_BAR=1" back,
>> or just "X_BAR=1"? The former would mean we'd might get into trouble
>> if people keep inventing new fields. The latter would mean it's
>> useless if people assume additive operation of the the data...
>>
>
> Isn't this basically something that etcd was meant to do?
>
> --
> Mantas Mikulėnas 
>
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] how to get sd_notify state/variables from dbus?

[Lennart Poettering]

On Tue, 12.01.16 19:38, Mantas Mikulėnas (graw...@gmail.com) wrote:

> On Tue, Jan 12, 2016 at 7:25 PM, Lennart Poettering 
> wrote:
> 
> > On Fri, 08.01.16 18:09, Rick Richardson (rick.richard...@gmail.com) wrote:
> >
> > > I have a fleet of applications that need to pass some critical variables
> > > back to systemd so that our services monitor can collect them.  My hope
> > is
> > > that this can be done via sd_notify as it is very much a
> > config-management
> > > and process monitoring related task.
> > >
> > > Currently my monitor subscribes to PropertiesChanged in dbus, and gets
> > the
> > > active/running notification upon an sd_notify from the service, I can see
> > > the StatusText variable set via the STATUS=... but I can't seem to figure
> > > out where the rest of the notify state is stored.
> >
> > It currently is not.
> >
> > We could expose this data I figure, but I am not entirely sure how
> > that could even look like, as for unknown sd_notify() fields it's not
> > clear whether they are supposed to extend or replace any unrelated
> > previously set settings... i.e. if you first send X_FOO=1 and then
> > X_BAR=1 and then query the data, would you get "X_FOO=1 X_BAR=1" back,
> > or just "X_BAR=1"? The former would mean we'd might get into trouble
> > if people keep inventing new fields. The latter would mean it's
> > useless if people assume additive operation of the the data...
> >
> 
> Isn't this basically something that etcd was meant to do?

Not seeing how a distributed key store could be related to daemon
status notifications?

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] How to suppress coredumps when systemd-coredump is in use?

[Lennart Poettering]

On Fri, 08.01.16 17:31, Robert O'Callahan (rob...@ocallahan.org) wrote:

> http://rr-project.org has a test suite which runs a lot of programs that
> intentionally crash with core-dumping signals. I added "ulimit -c 0" to the
> test suite to suppress those core dumps, but I discovered that doesn't work
> when systemd has set /proc/sys/kernel/core_pattern to
> "|/usr/lib/systemd/systemd-coredump". (Apparently the kernel ignores that
> rlimit when a coredump is piped to a process.) So thousands of files get
> stashed in /var/lib/systemd/coredump every time the test suite runs :-(.
> 
> Is there any way to avoid this on my side or systemd's? Making it
> impossible to disable coredumps seems bad. Maybe systemd could query the
> dumping process's RLIMIT_CORE with prlimit() and throw the coredump away if
> the limit is 0. Obvoiusly I could modify /proc/sys/kernel/core_pattern but
> I'd like a solution that works for everyone without messing with their
> system configuration.

Yes, we really should check RLIMIT_CORE of the dumped process, and
honour it. Happy to take a patch for that!

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] On calendar timer

[Lennart Poettering]

On Wed, 06.01.16 17:17, arnaud gaboury (arnaud.gabo...@gmail.com) wrote:

> I am not sure about how to express date/time in a timer unit.
> 
> I want the timer to be start every year(*), on month 1,3,5,7,9,11,
> first day of month at 02:00:00 AM. Here is what I wrote:
> 
> [Timer]
> OnCalendar=*-1,3,5,7,9,11-01 02:00:00
> 
> Is this correct ?
> 
> Now if I want instead not the first day of the cited months, but the
> first Sunday:
> 
> OnCalendar=Sun, *-1,3,5,7,9,11-01 02:00:00
> 
> Or the above will only trigger the service IF first day of the cited
> month is a Sunday?

The latter. Basically, for each element in the expression one item of the
specified list must hold for the event to trigger.

To express what you want to express I'd just list all days of the
first week.

Sun 1,3,5,7,9-1,2,3,4,5,6,7 02:00

Which means: on every sunday, that is one of the first 7 days of the
months 1, 3, 5, 7 or 9, at 2am.

Of course, we should probably introduce a ".." syntax so that
1,2,3,4,5,6,7 could be written as "1..7". Happy to take a patch for
that.

Hope this is useful.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Multicast signaling with sd-bus questions

[Lennart Poettering]

On Fri, 08.01.16 00:37, Gorman, Brian (Vancouver) (bgor...@hp.com) wrote:

> Hi all, I am in the process of considering using sd-bus to
> coordinate a system-wide multicast messaging system between
> daemons. At this time I only have resources to look into using
> libsystemd without system running. It seems the sd-bus documentation
> is very sparse compared to sd-event - does this mean sd-bus is more
> immature?

I wouldn't say so. sd-bus and sd-event are equally old, but the former
is a much larger API thus the docs aren't complete.

> >From here I was hoping to run something like "dbus-send -system 
> >-dest=Test.Me -print-reply /Japan Japan.Reset.Test string:"Hello""
> 
> It currently get errors about DBUs complaining that Test.Me was not
> provided in any .service files when executing the above command. Any
> suggestion how to get around that issue would be helpful. My initial
> attempt at copying:

If you want to broadcast a signal, then you shouldn't send it to any
destination, i.e. drop the "--dest=Test.Me" in your command line. If
you send it to a destination and it is not around you'll get the error
you are seeing.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] how to get sd_notify state/variables from dbus?

[Mantas Mikulėnas]

On Tue, Jan 12, 2016 at 7:25 PM, Lennart Poettering 
wrote:

> On Fri, 08.01.16 18:09, Rick Richardson (rick.richard...@gmail.com) wrote:
>
> > I have a fleet of applications that need to pass some critical variables
> > back to systemd so that our services monitor can collect them.  My hope
> is
> > that this can be done via sd_notify as it is very much a
> config-management
> > and process monitoring related task.
> >
> > Currently my monitor subscribes to PropertiesChanged in dbus, and gets
> the
> > active/running notification upon an sd_notify from the service, I can see
> > the StatusText variable set via the STATUS=... but I can't seem to figure
> > out where the rest of the notify state is stored.
>
> It currently is not.
>
> We could expose this data I figure, but I am not entirely sure how
> that could even look like, as for unknown sd_notify() fields it's not
> clear whether they are supposed to extend or replace any unrelated
> previously set settings... i.e. if you first send X_FOO=1 and then
> X_BAR=1 and then query the data, would you get "X_FOO=1 X_BAR=1" back,
> or just "X_BAR=1"? The former would mean we'd might get into trouble
> if people keep inventing new fields. The latter would mean it's
> useless if people assume additive operation of the the data...
>

Isn't this basically something that etcd was meant to do?

-- 
Mantas Mikulėnas 
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] User service with suid executable

[Lennart Poettering]

On Fri, 08.01.16 13:49, Martin Novák (mt...@seznam.cz) wrote:

> On 01/08/2016 11:27 AM, Simon McVittie wrote:
> > On 07/01/16 23:14, Martin Novák wrote:
> >> I've created this (toy) user service for running desktop of differnt
> >> user
> >
> > I don't think a user service is an appropriate tool for this job. If you
> > have sudo privileges, you can use a system service, or perhaps even a
> > user service that runs as the other user.
> 
> Well, I have sudo privileges for the other user, not for root. Besides,
> the service executable could have been setuid for different user and not
> root. I think both are valid use cases. Imagine 2 developers working on
> a multiseat system wanting to share their programs for accessing some
> webservice without revealing their credentials. The other developer may
> want to use it from a systemd timer unit. Distasteful as it may be, it's
> the straightforward way to do the job and it's secure if used
> correctly.

You should be able to write a polkit policy that allows your user to
invoke the "start" operation on that specific unit. polkit receives
enough details from systemd so that you can express this, without
involving sudo or anything like that.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] how to get sd_notify state/variables from dbus?

[Lennart Poettering]

On Fri, 08.01.16 18:09, Rick Richardson (rick.richard...@gmail.com) wrote:

> I have a fleet of applications that need to pass some critical variables
> back to systemd so that our services monitor can collect them.  My hope is
> that this can be done via sd_notify as it is very much a config-management
> and process monitoring related task.
> 
> Currently my monitor subscribes to PropertiesChanged in dbus, and gets the
> active/running notification upon an sd_notify from the service, I can see
> the StatusText variable set via the STATUS=... but I can't seem to figure
> out where the rest of the notify state is stored.

It currently is not. 

We could expose this data I figure, but I am not entirely sure how
that could even look like, as for unknown sd_notify() fields it's not
clear whether they are supposed to extend or replace any unrelated
previously set settings... i.e. if you first send X_FOO=1 and then
X_BAR=1 and then query the data, would you get "X_FOO=1 X_BAR=1" back,
or just "X_BAR=1"? The former would mean we'd might get into trouble
if people keep inventing new fields. The latter would mean it's
useless if people assume additive operation of the the data...

Hence, let's take a step back: which field are you particularly
interested in?

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Subprocess

[Lennart Poettering]

On Mon, 11.01.16 19:58, Mihamina RAKOTOMANDIMBY 
(mihamina-rakotomandi...@rktmb.org) wrote:

> Hi all,
> 
> Walking trhough my virtual machines, I noticed something strange:
> The sensu process is inside the CFEngine CGroup.
> 
> This is mainly because of the way I launch Sensu after install
> 
> Please have a look at
>  https://bitbucket.org/snippets/rakotomandimby/nLkaM
> 
> How should I launch Sensu on systemd enabled system in order to have it
> in a dedicated CGroup? Should I create the service file and start it
> instead?

I have no idea about cfengine, and never heard of "sensu", but
if you have some daemon that starts some other daemon, make sure it
does so through systemd. i.e. fork off "systemctl", or use some bus
calls, or so. 

On some distros sysv scripts forward to systemctl internally, but that
might not work on other distros, or 3rd party scripts.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] radvd and sysctl systemd under Debian

[Colin Guthrie]

William Hay wrote on 08/01/16 16:44:
> Which has CONFIG_IPV6=y meaning the various IPV6 sysctls should be available
> as soon as the /proc filesystem is mounted.
> 
> /etc/sysctl.d/ contains only 99-sysctl.conf 
> which is a symlink pointing to /etc/sysctl.conf
> 
> which contains the following uncommented lines:
> net.ipv4.ip_forward=1
> net.ipv6.conf.default.forwarding=1
> net.ipv6.conf.all.forwarding=1
> net.ipv6.conf.ppp0.accept_ra=2
> 
> However on boot net.ipv6.conf.all.forwarding is set to 0

This could be something related to networkd which might be changing the
ip forwarding status overriding these details.

If you are not using it, I would recommend disabling it to see if it
helps, but it should be possible to configure it accordingly too.

There were some discussions recently about the defaults networkd imposes
so it could be a that a newer version would also solve the issues, but
my memory of that discussion is vague and thus you shouldn't trust me or
what I say above.

Other more knowledgeable folk here (e.g. Tom) will be able to answer
more authoritatively  on the matter!

Col


-- 

Colin Guthrie
colin(at)mageia.org
http://colin.guthr.ie/

Day Job:
  Tribalogic Limited http://www.tribalogic.net/
Open Source:
  Mageia Contributor http://www.mageia.org/
  PulseAudio Hacker http://www.pulseaudio.org/
  Trac Hacker http://trac.edgewall.org/
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Using Systemd "FD Store" facilitiy

[Lennart Poettering]

On Tue, 12.01.16 01:50, Pathangi Janardhanan (path.j...@gmail.com) wrote:

> Hi,
> 
>  I had previously sent a mail on this but got no response, so wanted to
> check again.
> 
>  I am trying to use systemd as a way to store and restore the FDs used by a
> service, so that the service can provide continuation of service during an
> upgrade. for the purpose of trying it out, I am using a simple TCP echo
> server as my service
> 
>  The issues I see are :
> 
> 1. I store the fds using sd_pid_notify_with_fds, and then do a systemctl
> restart of the service. Then I use sd_listen_fds and get all the fds back
> and the service continues without disturbance. But the problem is
> 
> a.  systemd continues to hold all these fds, so now if my service is done
> with the fd and closes the connection, this is not getting through to the
> client, as systemd continues to have this fd

systemd watches for POLLHUP/POLLERR on the fds, hence should normally
detect disconnected sockets automatically. This means that connections
made by remote peers do not require any work, but if you close
connections locally, then you have to add an explicit shutdown(), so
that the the POLLHUP is triggered and systemd notices.

> b. Even if the client closes the connection, my service gets it and closes
> the connection but systemd still holds on to this fd.
> 
>  so in essence once I store the fd with systemd using
> sd_pid_notify_with_fds, they do not go away untill I do a systemctl stop of
> my service
> 
> This is making it difficult to use this service in the intended way. It
> would be nice
> if on sd_listen_fds, the sytemd passes all fds back to the service and
> internally cleared its state, so that only the service has the fds. (this
> is ofcourse only for
> those fds that the service had previously send in sd_pid_notify_with_fds,
> the other fds that the service gets as part of socket activation would
> continue to be held in systemd also.)
> 
> Let me know if this sounds correct, or am I mis-understanding the way this
> service is to be used.

I figure adding an API that explicitly allows removing fds from
systemd's FD store would make sense. i.e. maybe something like an
FDSTORE_REMOVE=1 msg that takes the same fds again, and then compares
the fds with same_fd() and if they match closes both the newly passed
in fd and the stored one...

But that said, I think using shutdown() as suggested above is probably
the better and easier fix for your case.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] info/request

[Lennart Poettering]

On Tue, 12.01.16 14:34, Moreanu Robert - Nicolae (robertmore...@gmail.com) 
wrote:

> hi,
> 
> i have to file word.docx and excel.xlsx on my hdd on desktop of debian and
> I want to copy them from a live Linuxmint usbstick but I cant because I
> have denied permiss acces on them, also I can't open this file from live
> Linuxmint.
> 
> can you tell me how I can to copy this 2 file? tell me a procedure, please.
> thank you for your time

The systemd mailing list is not the right forum for questions like
this. Please use your distribution's support forums instead!

Thanks,

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] How to add startup delay?

[Martin Pitt]

Hello Masanari,

Masanari Iida [2016-01-12 22:07 +0900]:
> My question is How can I add 30sec delay for squid.service startup ?

The simplest thing would be to add a drop-in
/etc/systemd/system/squid.service/delay.conf with

  [Service]
  ExecStartPre=/bin/sleep 30

systemd has timer units too, but setting those up is probably not
worth the effort for this.

Martin
-- 
Martin Pitt| http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] How to add startup delay?

[Masanari Iida]

Hi,
I want to start squid.service 30sec after the network.service complete
initialization.
Currently I know how to change unit startup order.
( Aadd "netweork.service" in  After =  line of squid.service)

My question is How can I add 30sec delay for squid.service startup ?
My environment is on Centos7.

Regards,
Masanari
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] info/request

[Moreanu Robert - Nicolae]

hi,

i have to file word.docx and excel.xlsx on my hdd on desktop of debian and
I want to copy them from a live Linuxmint usbstick but I cant because I
have denied permiss acces on them, also I can't open this file from live
Linuxmint.

can you tell me how I can to copy this 2 file? tell me a procedure, please.
thank you for your time
robert

-- 

*o zi frumoasa !Robert - Nicolae  MOREANU*
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel