Re: [systemd-devel] new job systemd-cryptsetup@arkluks.service/stop - Why?

2016-07-25 Thread Andrei Borzenkov
On Tue, Jul 26, 2016 at 7:57 AM, Dave T  wrote:
> Is systemd expected to stop / unmount an encrypted device when another
> device containing the keyfile used to mount it (e.g., a removable USB drive)
> is removed?
>
> when I umount and then remove the USB disk, I see the following line in
> journalctl:
>
>> Jul 25 22:11:20 mserver systemd[1]: systemd-cryptsetup@aluks.service:
>> Installed new job systemd-cryptsetup@aluks.service/stop
>

Well, cryptsetup generator emits RequiresMountsFor for keyfile; which
implies that when filesystem that holds this file is unmounted, it
also stops cryptsetup service.

Which is of course wrong because filesystem is required only once,
when crypto container is setup.

Please file an issue on github.

>
> I will send more logs when I find out exactly how to reproduce this on
> another system.
>
> In the mean time, I appreciate any information on why systemd-cryptsetup
> might stop a service when a different storage device is removed.
>
> Also, would the mount options in fstab impact this behavior? Currently I am
> not using systemd.automount on this machine. Should I? My mount options are
> similar to:
>
>>
>> rw,noatime,nodiratime,compress=lzo,ssd,space_cache,subvolid=123,subvol=@myid
>> 0 0
>
>
> Thanks
>
> ___
> systemd-devel mailing list
> systemd-devel@lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/systemd-devel
>
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


[systemd-devel] new job systemd-cryptsetup@arkluks.service/stop - Why?

2016-07-25 Thread Dave T
Is systemd expected to stop / unmount an encrypted device when another
device containing the keyfile used to mount it (e.g., a removable USB
drive) is removed?

when I umount and then remove the USB disk, I see the following line in
journalctl:

Jul 25 22:11:20 mserver systemd[1]: systemd-cryptsetup@aluks.service:
> Installed new job systemd-cryptsetup@aluks.service/stop
>

I will send more logs when I find out exactly how to reproduce this on
another system.

In the mean time, I appreciate any information on why systemd-cryptsetup
might stop a service when a different storage device is removed.

Also, would the mount options in fstab impact this behavior? Currently I am
not using systemd.automount on this machine. Should I? My mount options are
similar to:

rw,noatime,nodiratime,compress=lzo,ssd,space_cache,subvolid=123,subvol=@myid
> 0 0
>

Thanks
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] Problems trying to convert a System-V-Init script to systemd

2016-07-25 Thread Andrei Borzenkov
25.07.2016 20:48, Lennart Poettering пишет:
> "su" opens user sessions, it does substantially more than just change
> UIDs. Consider using "runuser" at least.
> 
> The fact that a user session is created means that systemd will track
> the code invoked like that independently of the service unit, in a new
> session scope unit. This means its lifecycle is detach from the
> service have, and it's on you to ensure everything is stopped again
> when the service is terminated.
> 

The problem is that service is not even given chance to ensure anything,
because service processes are killed before systemd tries to stop service.

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] understanding systemd ordering vs dependencies

2016-07-25 Thread Zbigniew Jędrzejewski-Szmek
On Mon, Jul 25, 2016 at 10:59:00PM +, Patrick Schleizer wrote:
> Hi!
> 
> I am trying to understand systemd ordering vs dependencies.
> 
> When I am already using Wants=, why should I also add After=?
> 
> When I am already using After=, why should I also add Wants=?

Please see the description of Requires
(https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Requires=)
It explains the relationship between Requires/Wants and After.

> Systemd ordering with Before= and After= is more about speed concerns?
No.

> Such as for example to express "i want the webserver running before the
> backup service" so I added for my custom backup systemd service
> After=apache2.service."
No really.

> Systemd ordering with Before= and After= is not "as strictly" adhered
> compared to Wants= and WantedBy=?
No.

> Before, I thought After= is effectively as good as Wants=, but this is
> apparently wrong?
Yes.

Zbyszek
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


[systemd-devel] understanding systemd ordering vs dependencies

2016-07-25 Thread Patrick Schleizer
Hi!

I am trying to understand systemd ordering vs dependencies.

When I am already using Wants=, why should I also add After=?

When I am already using After=, why should I also add Wants=?

Systemd ordering with Before= and After= is more about speed concerns?
Such as for example to express "i want the webserver running before the
backup service" so I added for my custom backup systemd service
After=apache2.service."

Systemd ordering with Before= and After= is not "as strictly" adhered
compared to Wants= and WantedBy=?

Before, I thought After= is effectively as good as Wants=, but this is
apparently wrong?

Cheers,
Patrick
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


[systemd-devel] [ANNOUNCE] systemd 231

2016-07-25 Thread Lennart Poettering
Heya!

Lots of fixes, lots of additions:

https://github.com/systemd/systemd/archive/v231.tar.gz

CHANGES WITH 231:

* In service units the various ExecXYZ= settings have been extended
  with an additional special character as first argument of the
  assigned value: if the character '+' is used the specified command
  line it will be run with full privileges, regardless of User=,
  Group=, CapabilityBoundingSet= and similar options. The effect is
  similar to the existing PermissionsStartOnly= option, but allows
  configuration of this concept for each executed command line
  independently.

* Services may now alter the service watchdog timeout at runtime by
  sending a WATCHDOG_USEC= message via sd_notify().

* MemoryLimit= and related unit settings now optionally take percentage
  specifications. The percentage is taken relative to the amount of
  physical memory in the system (or in case of containers, the assigned
  amount of memory). This allows scaling service resources neatly with
  the amount of RAM available on the system. Similarly, systemd-logind's
  RuntimeDirectorySize= option now also optionally takes percentage
  values.

* In similar fashion TasksMax= takes percentage values now, too. The
  value is taken relative to the configured maximum number of processes
  on the system. The per-service task maximum has been changed to 15%
  using this functionality. (Effectively this is an increase of 512 →
  4915 for service units, given the kernel's default pid_max setting.)

* Calendar time specifications in .timer units now understand a ".."
  syntax for time ranges. Example: "4..7:10" may now be used for
  defining a timer that is triggered at 4:10am, 5:10am, 6:10am and
  7:10am every day.

* The InaccessableDirectories=, ReadOnlyDirectories= and
  ReadWriteDirectories= unit file settings have been renamed to
  InaccessablePaths=, ReadOnlyPaths= and ReadWritePaths= and may now be
  applied to all kinds of file nodes, and not just directories, with
  the exception of symlinks. Specifically these settings may now be
  used on block and character device nodes, UNIX sockets and FIFOS as
  well as regular files. The old names of these settings remain
  available for compatibility.

* systemd will now log about all service processes it kills forcibly
  (using SIGKILL) because they remained after the clean shutdown phase
  of the service completed. This should help identifying services that
  shut down uncleanly. Moreover if KillUserProcesses= is enabled in
  systemd-logind's configuration a similar log message is generated for
  processes killed at the end of each session due to this setting.

* systemd will now set the $JOURNAL_STREAM environment variable for all
  services whose stdout/stderr are connected to the Journal (which
  effectively means by default: all services). The variable contains
  the device and inode number of the file descriptor used for
  stdout/stderr. This may be used by invoked programs to detect whether
  their stdout/stderr is connected to the Journal, in which case they
  can switch over to direct Journal communication, thus being able to
  pass extended, structured metadata along with their log messages. As
  one example, this is now used by glib's logging primitives.

* When using systemd's default tmp.mount unit for /tmp, the mount point
  will now be established with the "nosuid" and "nodev" options. This
  avoids privilege escalation attacks that put traps and exploits into
  /tmp.  However, this might cause problems if you e. g. put container
  images or overlays into /tmp; if you need this, override tmp.mount's
  "Options=" with a drop-in, or mount /tmp from /etc/fstab with your
  desired options.

* systemd now supports the "memory" cgroup controller also on
  cgroupsv2.

* The systemd-cgtop tool now optionally takes a control group path as
  command line argument. If specified, the control group list shown is
  limited to subgroups of that group.

* The SystemCallFilter= unit file setting gained support for
  pre-defined, named system call filter sets. For example
  SystemCallFilter=@clock is now an effective way to make all clock
  changing-related system calls unavailable to a service. A number of
  similar pre-defined groups are defined. Writing system call filters
  for system services is simplified substantially with this new
  concept. Accordingly, all of systemd's own, long-running services now
  enable 

Re: [systemd-devel] systemd[1]: Stopped (with error) /dev/mapper/wxyz.

2016-07-25 Thread Dave
I appreciate the responses. See below. I will paste a full debug log, but I
can't arbitrarily reboot the current production machine. I'll replicate
this on another machine. That could take a day or so.  In the mean time,
below is further explanation:

On Mon, Jul 25, 2016 at 6:42 AM, Stefan Tatschner 
wrote:

>
> Could it be this?
>
> https://github.com/systemd/systemd/issues/1620
>
>
In my case I am not issuing a shutdown. I am only umuonting a USB drive.
Unexpectedly, umounting the USB drive causes systemd to issue what appears
to me to be a stop command for target Encrypted Volumes.

There should be no reason that the encrypted volumes are stopped, umounted,
etc. That's unexpected.

Until I can provide full debug logs, here are what I think may be the most
relevant log lines.

-- Logs begin at Mon 2016-05-16 21:40:56 EDT, end at Sun 2016-07-24
23:41:58 EDT. --
Jul 24 23:38:40 mserver systemd-journald[619]: Runtime journal
(/run/log/journal/) is 8.0M, max 4.0G, 3.9G free.
Jul 24 23:38:40 mserver kernel: microcode: microcode updated early to
revision 0x38, date = 2016-03-28
Jul 24 23:38:40 mserver kernel: Linux version 4.6.4-1-ARCH (builduser@tobias)
(gcc version 6.1.1 20160707 (GCC) ) #1 SMP PREEMPT Mon Jul 11 19:12:32 CEST
2016
Jul 24 23:38:40 mserver kernel: Command line: initrd=\intel-ucode.img
initrd=\initramfs-linux.img rw cryptdevice=UUID=d71113:dluks
root=/dev/mapper/dluks rootflags=subvol=@
...
Jul 24 23:38:40 mserver kernel: usb 3-1: new high-speed USB device number 2
using xhci_hcd
...
Jul 24 23:38:40 mserver kernel: usb-storage 3-1:1.0: USB Mass Storage
device detected
Jul 24 23:38:40 mserver kernel: scsi host10: usb-storage 3-1:1.0
Jul 24 23:38:40 mserver kernel: usb 3-14: new low-speed USB device number 3
using xhci_hcd
...
Jul 24 23:38:42 mserver mtp-probe[760]: checking bus 3, device 2:
"/sys/devices/pci:00/:00:14.0/usb3/3-1"
Jul 24 23:38:42 mserver mtp-probe[759]: checking bus 3, device 3:
"/sys/devices/pci:00/:00:14.0/usb3/3-14"
...
Jul 24 23:41:17 mserver sudo[1195]: dave : TTY=tty1 ; PWD=/home/dave ;
USER=root ; COMMAND=/usr/bin/umount /boot
Jul 24 23:41:17 mserver sudo[1195]: pam_unix(sudo:session): session opened
for user root by dave(uid=0)
Jul 24 23:41:17 mserver sudo[1195]: pam_unix(sudo:session): session closed
for user root
Jul 24 23:41:30 mserver kernel: usb 3-1: USB disconnect, device number 2
Jul 24 23:41:30 mserver systemd[1]: Stopped target Encrypted Volumes.
Jul 24 23:41:30 mserver systemd[1]: Stopping Cryptography Setup for dluks...
Jul 24 23:41:30 mserver systemd[1]: Stopping Cryptography Setup for aluks...
Jul 24 23:41:30 mserver systemd[1]: Stopping Cryptography Setup for bluks...
Jul 24 23:41:30 mserver systemd[1]: Stopped File System Check on
/dev/disk/by-uuid/A4-0E.
Jul 24 23:41:30 mserver systemd[1]: Stopped target Local File Systems.
Jul 24 23:41:30 mserver systemd[1]: Unmounting /ak...
Jul 24 23:41:30 mserver systemd[1]: Unmounting /.snapshots...Jul 24
23:41:30 mserver systemd[1]: Stopped target Encrypted Volumes.
Jul 24 23:41:30 mserver systemd[1]: Unmounting /var/data/nc...
Jul 24 23:41:30 mserver systemd[1]: Unmounting /home...
Jul 24 23:41:30 mserver systemd[1]: Unmounting /bk...
Jul 24 23:41:30 mserver systemd[1]: Unmounting /var/data/cw...
Jul 24 23:41:30 mserver systemd[1]: Stopping Update UTMP about System
Boot/Shutdown...
Jul 24 23:41:30 mserver systemd[1]: Stopped Flush Journal to Persistent
Storage.
Jul 24 23:41:30 mserver umount[1217]: umount: /home: target is busy
Jul 24 23:41:30 mserver umount[1217]: (In some cases useful info
about processes that
Jul 24 23:41:30 mserver umount[1217]:  use the device is found by
lsof(8) or fuser(1).)
Jul 24 23:41:30 mserver systemd[1]: Stopped (with error) /dev/mapper/aluks.
Jul 24 23:41:30 mserver systemd[1]: Stopped (with error) /dev/mapper/bluks.
Jul 24 23:41:30 mserver systemd[1]: home.mount: Mount process exited,
code=exited status=32
Jul 24 23:41:30 mserver systemd[1]: Failed unmounting /home.
Jul 24 23:41:30 mserver systemd[1]: Stopped Update UTMP about System
Boot/Shutdown.
Jul 24 23:41:30 mserver systemd[1]: Unmounting /var/log...
Jul 24 23:41:30 mserver umount[1224]: umount: /var/log: target is busy
Jul 24 23:41:30 mserver umount[1224]: (In some cases useful info
about processes that
Jul 24 23:41:30 mserver umount[1224]:  use the device is found by
lsof(8) or fuser(1).)
Jul 24 23:41:30 mserver systemd[1]: var-log.mount: Mount process exited,
code=exited status=32
Jul 24 23:41:30 mserver systemd[1]: Failed unmounting /var/log.
Jul 24 23:41:30 mserver systemd[1]: Unmounted /var/data/cw.
Jul 24 23:41:30 mserver systemd[1]: Unmounted /.snapshots.
Jul 24 23:41:30 mserver systemd[1]: Unmounted /var/data/nc.
Jul 24 23:41:30 mserver systemd[1]: Unmounted /ak.
Jul 24 23:41:30 mserver systemd[1]: Stopped /dev/disk/by-uuid/67xxx9ae1.
Jul 24 23:41:30 mserver systemd[1]: Stopped /dev/disk/by-label/a_top.
Jul 24 23:41:30 mserver systemd[1]: 

Re: [systemd-devel] systemd-run and -p ProtectSystem=ful

2016-07-25 Thread Reindl Harald



Am 25.07.2016 um 19:41 schrieb Lennart Poettering:

On Mon, 25.07.16 19:26, Reindl Harald (h.rei...@thelounge.net) wrote:


just upgraded to Fedora 24

/usr/bin/systemd-run -t --service-type=oneshot --quiet --nice=19
--unit=spamfilter-fetch-samples --description=spamfilter-fetch-samples -p
ProtectSystem=full /usr/bin/php /scripts/test.php

don't log anything useful or return anything, calling a shellscript which is
using "systemd-run" don't return to the shell while journalctl pretends it
got executed and has finished

removing "-p ProtectSystem=full" as in F23 works

Jul 25 19:23:51 mail-gw.thelounge.net systemd[1]: Starting
spamfilter-fetch-samples...
Jul 25 19:23:51 mail-gw.thelounge.net systemd[1]: Started
spamfilter-fetch-samples.
Jul 25 19:24:21 mail-gw.thelounge.net systemd[1]: Starting
spamfilter-fetch-samples...
Jul 25 19:24:21 mail-gw.thelounge.net systemd[1]: Started
spamfilter-fetch-samples.


This works fine here:

# /usr/bin/systemd-run -t /bin/echo hallo
Running as unit: run-r2d66d66cfd3f4386bd80ecdc057846ce.service
Press ^] three times within 1s to disconnect TTY.
hallo

# sudo /usr/bin/systemd-run -t -p ProtectSystem=full /bin/echo hallo
Running as unit: run-r0a6d313f96684ec598ee84fb483f2f48.service
Press ^] three times within 1s to disconnect TTY.
hallo


all that simple versions are working here too, but not if it comes to 
complex scripts running as root and starting other script using "su"


the reason is simply that first permssions and so on a ensured and than 
the tasks itself are fird with difefrent, low privileged users


the same still for calling "systemd-run" from a cronjob where i would 
expect the typical cronmails if there is some output with or without 
"-p ProtectSystem=full" while without it least works in a ssh session



Maybe SELinux is borked for this? Does it work if you turn off SELinux
or put it in permissive mode?


no SELinux for me



signature.asc
Description: OpenPGP digital signature
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] Problems trying to convert a System-V-Init script to systemd

2016-07-25 Thread Lennart Poettering
On Thu, 14.07.16 12:34, Holger Kiehl (holger.ki...@dwd.de) wrote:

> Hello,
> 
> I am new to systemd and the maintainer of the file distribution software
> AFD (http://www.dwd.de/AFD) and I am trying to adapt this application
> to systemd. The problem I am unable to solve is that doing a reboot,
> poweroff or halt, all process get a SIGTERM before systemd calls the
> command supplied by ExecStop. If I do a 'systemctl stop afd.service'
> everything works as expected. I have searched the web for a solution
> and have tried all the different service Type=, unit After=/Before=
> combination, but failed so far. I must be doing something obviously
> wrong, but unable to see what and need help please.
> 
> The service/unit file looks as follows:
> 
>[Unit]
>Description=Automatic File Distributor
>After=basic.target
> 
>[Service]
>RemainAfterExit=yes
>Type=oneshot
>ExecStart=-/etc/init.d/afd start
>ExecStop=-/etc/init.d/afd stop
>KillMode=none
>StandardOutput=syslog+console
>StandardError=syslog+console
> 
>[Install]
>WantedBy=multi-user.target

If you write a unit file like this then you might as well just use the
sysv compat logic we provide.

> 
> /etc/init.d/afd is a shell script that starts one or more instances of
> the AFD under different users. The users are configured in /etc/sysconfig/afd
> and are started via the following command: su - $afduser -c " start/sop AFD>"

"su" opens user sessions, it does substantially more than just change
UIDs. Consider using "runuser" at least.

The fact that a user session is created means that systemd will track
the code invoked like that independently of the service unit, in a new
session scope unit. This means its lifecycle is detach from the
service have, and it's on you to ensure everything is stopped again
when the service is terminated.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] UseDNS

2016-07-25 Thread Lennart Poettering
On Wed, 13.07.16 13:33, Zack Baron (zbaro...@gmail.com) wrote:

> I am currently modifying some of the systemd source (specifically
> the resolved section) and was wondering if you could point me in the
> right direction. I need access to the UseDNS= setting provided in
> the .network config files preferably without parsing through them
> again. Is this data stored anywhere that is available working from
> the file resolved-resolv-conf.c?

This is currently not really accessible. The plan is to expose this as
part of libsystemd one day, but this is not implemented yet.

You can hack this for now by parsing
/run/systemd/netif/links/, but that's not officialy supported
and might break eventually.

Sorry if that's disappointing.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] vconsole-setup updates & fixes

2016-07-25 Thread Lennart Poettering
On Sat, 02.07.16 02:53, Michal Soltys (sol...@ziu.info) wrote:

> Hi,
> 
> This patch fixes issues I mentioned in
> http://permalink.gmane.org/gmane.comp.sysutils.systemd.devel/36874

For those interested, this patch set's discussion moved to:

https://github.com/systemd/systemd/pull/3742

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] systemd-run and -p ProtectSystem=ful

2016-07-25 Thread Lennart Poettering
On Mon, 25.07.16 19:26, Reindl Harald (h.rei...@thelounge.net) wrote:

> just upgraded to Fedora 24
> 
> /usr/bin/systemd-run -t --service-type=oneshot --quiet --nice=19
> --unit=spamfilter-fetch-samples --description=spamfilter-fetch-samples -p
> ProtectSystem=full /usr/bin/php /scripts/test.php
> 
> don't log anything useful or return anything, calling a shellscript which is
> using "systemd-run" don't return to the shell while journalctl pretends it
> got executed and has finished
> 
> removing "-p ProtectSystem=full" as in F23 works
> 
> Jul 25 19:23:51 mail-gw.thelounge.net systemd[1]: Starting
> spamfilter-fetch-samples...
> Jul 25 19:23:51 mail-gw.thelounge.net systemd[1]: Started
> spamfilter-fetch-samples.
> Jul 25 19:24:21 mail-gw.thelounge.net systemd[1]: Starting
> spamfilter-fetch-samples...
> Jul 25 19:24:21 mail-gw.thelounge.net systemd[1]: Started
> spamfilter-fetch-samples.

This works fine here:

# /usr/bin/systemd-run -t /bin/echo hallo
Running as unit: run-r2d66d66cfd3f4386bd80ecdc057846ce.service
Press ^] three times within 1s to disconnect TTY.
hallo

# sudo /usr/bin/systemd-run -t -p ProtectSystem=full /bin/echo hallo
Running as unit: run-r0a6d313f96684ec598ee84fb483f2f48.service
Press ^] three times within 1s to disconnect TTY.
hallo

(this is current git however)

Maybe SELinux is borked for this? Does it work if you turn off SELinux
or put it in permissive mode?

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


[systemd-devel] systemd-run and -p ProtectSystem=ful

2016-07-25 Thread Reindl Harald

just upgraded to Fedora 24

/usr/bin/systemd-run -t --service-type=oneshot --quiet --nice=19 
--unit=spamfilter-fetch-samples --description=spamfilter-fetch-samples 
-p ProtectSystem=full /usr/bin/php /scripts/test.php


don't log anything useful or return anything, calling a shellscript 
which is using "systemd-run" don't return to the shell while journalctl 
pretends it got executed and has finished


removing "-p ProtectSystem=full" as in F23 works

Jul 25 19:23:51 mail-gw.thelounge.net systemd[1]: Starting 
spamfilter-fetch-samples...
Jul 25 19:23:51 mail-gw.thelounge.net systemd[1]: Started 
spamfilter-fetch-samples.
Jul 25 19:24:21 mail-gw.thelounge.net systemd[1]: Starting 
spamfilter-fetch-samples...
Jul 25 19:24:21 mail-gw.thelounge.net systemd[1]: Started 
spamfilter-fetch-samples.




signature.asc
Description: OpenPGP digital signature
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] Wiki suggestion

2016-07-25 Thread Lennart Poettering
On Fri, 22.07.16 10:29, Marcos Mello (marcos...@outlook.com) wrote:

> Hi,
> 
> SUSE has this nice white paper about systemd in SLE 12:
> 
> systemd in SUSE® Linux Enterprise 12
> A kinder, gentler introduction from SUSE
> 
> https://www.suse.com/docrep/documents/huz0a6bf9a/systemd_in_suse_linux_enterprise_12_white_paper.pdf
> 
> It is a good candidate for "Publications" or "Manuals and Documentation for
> Users and Administrators" wiki sections.
> 
> While you are at it, two nitpicks: "OpenSUSE" can be replaced by "openSUSE" 
> and
> "ArchLinux" by "Arch Linux".

Made all the suggested changes and additions.

Thanks!

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] sequence numbers of udev events not in sequence

2016-07-25 Thread Lennart Poettering
On Mon, 25.07.16 11:44, Anne Mulhern (amulh...@redhat.com) wrote:

> Hi!
> 
> I happened to be printing out the sequence numbers of the udev events I was 
> receiving via the udev monitor,
> and I noticed that they did not occur exactly in sequence, e.g., I was 
> receiving events with sequence numbers
> in this order:
> 
> 13694
> 13696
> 13695
> 13697
> 13698
> 13699
> 13700
> 13701
> 13702
> 13703
> 13706
> 13704
> 13705
> 
> How should I interpret this? Is it behavior I should expect?

udev only maintains ordering of events "within subtrees". Meaning: if
you have completely unrelated devices popping up they will ne
processed and announced in any order. But if you have to devices close
to each other (let's say a master sound card device and its subchannel
devices, or partitions on a block device) then the order is
maintained.

Moreover, due to network namespacing some seqnos might be missing
altogether (as seqnos for network devices from other namespaces do not
show up in local namespaces).

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


[systemd-devel] sequence numbers of udev events not in sequence

2016-07-25 Thread Anne Mulhern
Hi!

I happened to be printing out the sequence numbers of the udev events I was 
receiving via the udev monitor,
and I noticed that they did not occur exactly in sequence, e.g., I was 
receiving events with sequence numbers
in this order:

13694
13696
13695
13697
13698
13699
13700
13701
13702
13703
13706
13704
13705

How should I interpret this? Is it behavior I should expect?

Thanks for any help.

- mulhern
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] Redirecting logfile to journald

2016-07-25 Thread Lennart Poettering
On Mon, 25.07.16 00:55, Juanjo Presa (juan...@gmail.com) wrote:

> Hi, I'm running a service that only writes output to log file, not
> configurable. Then I'm trying to link the log file to /dev/stdout but I
> guess that is not enough to be received by journald because is not
> working.

Yes, this doesn't work right now, as the Linux kernel prohibits open()
on sockets, and systemd's service management connects stdout/stderr to
an AF_UNIX/SOCK_STREAM socket, and open("/dev/stdout") hence will
fail. There have been ideas how to fix that, and replace the socket by
a pipe, which would make this work, however so far nobody started
working on that. (patches very welcome!)

You could use a fifo in the file system as workound. Connect one side
to your app, and the other one to systemd-cat, and things should
work. But it isn't precisely pretty...

Sorry I don't have any better suggestion for you right now.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] systemd-coredump, coredump is truncated to exactly 2GiB

2016-07-25 Thread Lennart Poettering
On Sat, 23.07.16 17:41, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl) wrote:

> Sounds like a bug in the logic. 2GiB is the default value for ProcessSizeMax=
> and ExternalSizeMax=. coredump.conf(5) implies coredumps larger than that
> will not be stored. I don't think it's useful to have truncated coredumps,
> so I think we should:

Truncated coredumps (and coredumps lacking some memory regions) are
actually not as problematic and useless as they may sound, as gdb is
pretty good as making use of what is there, and just letting invidual
operations fail where the relevant memory is missing in the
dump. Truncated coredumps is after all the traditional effect of
RLIMIT_CORE...

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] systemd[1]: Stopped (with error) /dev/mapper/wxyz.

2016-07-25 Thread Stefan Tatschner
On 25.07.2016 05:11, Dave T wrote:
> I have a fileserver with several HDDs (btrfs and dm-crypt for all except
> one which is lvm2 and dm-crypt).
> 
> Within the last week when I umount a USB drive, all my other mounts
> immediately get unmounted too. I lose /home and almost everything else
> except the system device. The USB drive is the ESP (EFI system
> partition) mounted at /boot. It is intended to be unmounted after boot
> and it worked appropriately until the last week.
> 
> If I reboot, all is fine until I umount the USB device (ESP).
> 
> I have *not* tried to reproduce the behavior by umounting other devices
> as this is a live fileserver. However, I can trigger this behavior 100%
> of the time if I umount /boot.
> 
> journalctl shows a number of messages similar to this:
> 
> Jul 24 20:25:41 myserver systemd[1]: Stopped (with error)
> /dev/mapper/wxyz.
> -- Subject: Unit dev-mapper-wxyz.device has finished shutting down
> -- Defined-By: systemd
> -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
> --
> -- Unit dev-mapper-wxyz.device has finished shutting down.
> 
> As I said, the system has started, in the last week, unmounting all
> these other devices. Why?
> 
> I am not a developer and I am new to systemd. I am happy to provide
> additional information upon request.
> 

Could it be this?

https://github.com/systemd/systemd/issues/1620

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel


[systemd-devel] systemd with TPM docs

2016-07-25 Thread han tai
Hi


Is there any documents about systemd with TPM ?

Thanks.



--

Yours Sincerely___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel