Re: [systemd-devel] Minimal systemd configuration

2015-04-05 Thread Alison Chaiken
srdb asks:
 1. Is there any documentation for creating minimal systemd
 configuration? I mean for example - for qemu or embedded systems - with
 only sshd daemon running and console to just log into the system?

Yes, at

http://freedesktop.org/wiki/Software/systemd/MinimalBuilds/

The easiest way to get a minimal build is to clone the source, run
autogen.sh, then read the --disable entries in the configure script
that is created.  To get a minimal build with 219, I ran

./configure --disable-gtk-doc --disable-seccomp --disable-selinux
--disable-apparmor --disable-xz --disable-zlib --disable-pam
--disable-acl --disable-smack --disable-gcrypt --disable-audit
--disable-elfutils --disable-libcryptsetup --disable-qrencode
--disable-microhttpd --disable-gnutls --disable-libcurl
--disable-libidn  --disable-quotacheck --disable-vconsole
--disable-logind --disable-machined --disable-importd
--disable-hostnamed --disable-timedated --disable-localed
--disable-polkit --disable-resolved --disable-networkd --disable-efi
--disable-manpages --disable-hibernate --disable-tests  --disable-nls
--disable-python-devel --disable-utmp --disable-xkbcommon
--disable-ima --disable-binfmt --disable-tmpfiles --disable-sysusers
--disable-firstboot --disable-randomseed

You may need different options in your setup.   Edit the configuration
script or use a command-line option to set the installation directory
to your NFS path.   If, for some reason, you don't want systemd-219,
you can checkout an earlier tagged release from git.

 3. Is it possible to reconfigure systemd to run some script at the end
 of initialisation?

Yes, you can add a new service by creating a new unit file in
multi-user.target (more or less old runlevel 3) or graphical.target
(more or less old runlevel 5).   Find a unit file that does something
similar to what you want and use it as a template.

Good luck,
Alison

-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
One consumes a great deal of silence in the course of becoming
educated. -- Matthew B. Crawford
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel


[systemd-devel] nspawn and Qemu compatibility?

2015-04-03 Thread Alison Chaiken
I've been using Qemu to cross-compile packages and root filesystems
for a while and thought I'd try nspawn instead.  While I sometimes
want a full GUI desktop in the walled-off environment, mostly console
is enough, and for that nspawn sounds more efficient.

Here's the base sequence:

Install
==
qemu-img create -f raw /opt/debian.raw 50G
qemu-system-x86_64  -machine accel=kvm --enable-kvm --cdrom
/opt/debian.iso -boot d -hda /opt/debian.raw -m 4096 -net
nic,model=e1000  -net user,hostfwd=tcp:127.0.0.1:-:22 -name debian
-localtime -no-reboot

Boot as Qemu
===
qemu-system-x86_64 -enable-kvm -boot c -hda /opt/debian.raw -m 4096
-usb -net nic,model=e1000  -net user,hostfwd=tcp:127.0.0.1:-:22
-name debian -localtime -machine accel=kvm -chardev
spicevmc,id=charchannel1,name=vdagent -chardev pty,id=charconsole0
(inside Qemu) systemctl poweroff

Login with nspawn
===
mount -t auto -o ro,loop,offset=1048576 /opt/debian.raw /mnt/loop
[offset moves past /boot partition to linux ext4]
systemd-nspawn -D /mnt/loop
exit
umount /mnt/loop

So far, all smiles.  However, when I try the same Boot as Qemu
instructions again, the kernel comes up, but then Reading hard disk .
. .  appears, and then nothing. So I guess that using
systemd-nspawn has somehow corrupted the filesystem, although I'm not
sure *why* that would happen.  Is there some reason that switching
between nspawn and Qemu should fail, or that nspawn would have a
problem with a loop mount?   Should I invoke nspawn differently?

Thanks,
Alison

-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
One consumes a great deal of silence in the course of becoming
educated. -- Matthew B. Crawford


Re: [systemd-devel] nspawn and Qemu compatibility?

2015-04-03 Thread Alison Chaiken
I asked:
 I've been using Qemu to cross-compile packages and root filesystems
 for a while and thought I'd try nspawn instead.  [ . . .  ]
 Here's the base sequence:
 Install
 ==
[ . . . ]
 Boot as Qemu
 ===
[ . . . ]
 Login with nspawn
 ===
 mount -t auto -o ro,loop,offset=1048576 /opt/debian.raw /mnt/loop
 [offset moves past /boot partition to linux ext4]
 systemd-nspawn -D /mnt/loop
 exit
 umount /mnt/loop

 So far, all smiles.  However, when I try the same Boot as Qemu
 instructions again, the kernel comes up, but then Reading hard disk .
 . .  appears, and then nothing.

Andrei Borzenkov arvidj...@gmail.com wrote:
 Did you check if loop device was unconfigured? Just to exclude the
 obvious.

I'm not sure what you mean by unconfigured.  I tried rebooting in
case systemd had somehow taken a reference on the raw image and wasn't
releasing it, but that didn't help. fdisk -l debian.raw still
shows the partition table.  I'm creating a new GPT-partitioned image
that I can save in /var/lib/machines in order to employ the
more-recommended methods, but I'm curious why this method didn't work.
  I can still start the loop partition with nspawn, but Qemu doesn't
like it anymore.

Thanks,
Alison

-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
One consumes a great deal of silence in the course of becoming
educated. -- Matthew B. Crawford


[systemd-devel] drop-ins and watchdogs question

2015-03-21 Thread Alison Chaiken
Typing

 modprobe softdog soft_noboot=0
 watchdog-test -e

turns on the kernel's softdog timer.  'sudo lsof /dev/watchdog'
shows no readers, as expected, and system will reboot.   With a
system.conf file in /run/systemd/system.conf.d that contains the single
uncommented line

 RuntimeWatchdogSec=60

then typing

systemctl daemon-reexec
lsof /dev/watchdog

shows that systemd is holding the file open, and the system does not
reboot: perfect.

To stop systemd from petting the dog, I create a new system.conf file that has

 RuntimeWatchdogSec=0

and type 'systemctl daemon-reexec'.   As expected, 'sudo lsof
/dev/watchdog' shows no one is holding file open.   However, the
system does not reboot!  I'm not sure if this is because of the way
that the softdog works, or because I haven't overridden the property
properly.  I can see that if I just removed the
/run/systemd/system.conf file, that RuntimeWatchdogSec should be
unchanged upon daemon-reexec, but I would think that manually
overriding it by setting it to zero should have the intended result
here.   Which leads to the questions:

-- Is there a way to get systemd to dump what values it's using for
the variables in system.conf?   'systemctl show-environment' doesn't
do it.

-- In a realistic situation, how would drop-in configuration files in
/run/systemd be created?   I guess a script in the initrd could do it.
   Presumably configuration of a feature like a watchdog that is
needed early in boot is better handled through
/etc/systemd/system.conf.

Thanks,
Alison

-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
One consumes a great deal of silence in the course of becoming
educated. -- Matthew B. Crawford
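
How the main system.conf and the system.conf.d drop-ins named in this message combine, as an added Python example that is not part of the original post or of systemd's code. It assumes the precedence rules documented in systemd-system.conf(5); the drop-in names 50-watchdog.conf and 90-watchdog-off.conf, the sample tree and the function names are constructed for illustration.

```python
import tempfile
from pathlib import Path

# Drop-in directories from lowest to highest priority, relative to the root.
# Order assumed from systemd-system.conf(5): /usr/lib < /run < /etc.
DROPIN_DIRS = (
    "usr/lib/systemd/system.conf.d",
    "run/systemd/system.conf.d",
    "etc/systemd/system.conf.d",
)
MAIN_CONF = "etc/systemd/system.conf"


def parse_manager(text):
    """Return the key=value pairs of the [Manager] section, ignoring comments."""
    settings, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "Manager" and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings


def effective_manager_settings(root):
    """Merge system.conf and its drop-ins; return {key: (value, source file)}."""
    root = Path(root)
    ordered = []
    main = root / MAIN_CONF
    if main.is_file():
        ordered.append(main)  # read first, so it has the lowest precedence

    # A drop-in in a higher-priority directory masks a same-named file below it.
    by_name = {}
    for rel in DROPIN_DIRS:
        directory = root / rel
        if directory.is_dir():
            for path in directory.glob("*.conf"):
                by_name[path.name] = path
    # Drop-ins are applied in file-name order, whichever directory they are in.
    ordered.extend(by_name[name] for name in sorted(by_name))

    effective = {}
    for path in ordered:
        source = path.relative_to(root).as_posix()
        for key, value in parse_manager(path.read_text()).items():
            effective[key] = (value, source)  # the last assignment wins
    return effective


def build_sample_tree(root):
    """Write constructed sample files that mirror the experiment in the message."""
    files = {
        "etc/systemd/system.conf":
            "[Manager]\n#RuntimeWatchdogSec=0\nShutdownWatchdogSec=10min\n",
        "run/systemd/system.conf.d/50-watchdog.conf":
            "[Manager]\nRuntimeWatchdogSec=60\n",
        "run/systemd/system.conf.d/90-watchdog-off.conf":
            "[Manager]\nRuntimeWatchdogSec=0\n",
    }
    for rel, body in files.items():
        path = Path(root) / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(body)


def demo():
    """Build the sample tree in a temporary directory and resolve it."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return effective_manager_settings(root)


if __name__ == "__main__":
    for key, (value, source) in sorted(demo().items()):
        print(f"{key}={value}    (from {source})")
```

Calling effective_manager_settings("/") on a running system reports which file supplies each [Manager] value, which is a quick way to audit whether a watchdog setting in /run or /etc is the one that takes effect.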


Re: [systemd-devel] experiments with 'minimal build'

2015-03-20 Thread Alison Chaiken
Mantas:
The RSS column in `ps u 1`, `pmap -x -p 1` or in htop describes it a bit 
better.

Using that method, I find 9 MB for maximum-features build and 5 MB for
minimum-features one.

Jeff Waugh:
The last + is +SYSVINIT, but there doesn't appear to be a configure option to 
disable sysvinit compatibility anymore.

I was wondering about that myself.

GKH:
static compilation doesn't affect the ability to plug in dynamic devices into 
your system, like USB :)

If intelligent parasites want to plug HIDs into implanted medical
devices, they'll just have to recompile systemd then.

Andrei Borzenkov  wrote:
 Systemd enumerates devices using udev, so any dependency on device
 won't work. May be it is not that important for embedded world, just
 something to keep in mind.

With proper device-tree, I believe we don't need enumeration.

Thanks,
Alison

-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
One consumes a great deal of silence in the course of becoming
educated. -- Matthew B. Crawford


Re: [systemd-devel] experiments with 'minimal build'

2015-03-19 Thread Alison Chaiken
I ran systemd 219 with most recent patches and

-PAM -AUDIT -SELINUX -IMA -APPARMOR -SMACK +SYSVINIT -UTMP
-LIBCRYPTSETUP -GCRYPT -GNUTLS -ACL -XZ -LZ4 -SECCOMP +BLKID -ELFUTILS
+KMOD -IDN

and, to compare, with

+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP
+LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS
+KMOD +IDN

Checking memory RSS usage with 'sudo pmap -x -p 1' as suggested by
Mantas, the former case uses about 5 MB, while the latter consumes
close to 9 MB.  I'm sure that with statically compiled kernel and
appropriate fstab that KMOD and BLKID are not needed either, but I
doubt that they affect memory usage much.

http://freedesktop.org/wiki/Software/systemd/MinimalBuilds/ says that
the minimum requirements are udev and journald.   I wonder if udev is
really needed if the kernel is completely statically compiled and
module loading is disabled?   That is a common use case for many
embedded devices.

Thanks,
Alison

-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
One consumes a great deal of silence in the course of becoming
educated. -- Matthew B. Crawford


[systemd-devel] experiments with 'minimal build'

2015-03-18 Thread Alison Chaiken
After reading about the 'minimal build' on the systemd wiki, I decided
to experiment.

0. With basically all options turned on, in a Fedora 21 Qemu, systemd
used about 300 MB of memory according to 'sudo memstat -p 1'.

1. With ./configure --disable-gtk-doc --disable-seccomp
--disable-selinux --disable-apparmor --disable-xz --disable-zlib
--disable-pam --disable-acl --disable-smack --disable-gcrypt
--disable-audit --disable-elfutils --disable-libcryptsetup
--disable-qrencode --disable-microhttpd --disable-gnutls
--disable-libcurl --disable-libidn  --disable-quotacheck
--disable-vconsole --disable-logind --disable-machined
--disable-importd --disable-hostnamed --disable-timedated
--disable-localed --disable-polkit --disable-resolved
--disable-networkd --disable-efi --disable-manpages
--disable-hibernate --disable-tests

[achaiken@localhost systemd (master)]$ ./systemd --version
systemd 219
-PAM -AUDIT -SELINUX +IMA -APPARMOR -SMACK +SYSVINIT +UTMP
-LIBCRYPTSETUP -GCRYPT -GNUTLS -ACL -XZ -LZ4 -SECCOMP +BLKID -ELFUTILS
+KMOD -IDN

In this case, 'memstat -p 1' says systemd uses about 119 MB of memory.

2. Reducing even further,

./configure --disable-gtk-doc --disable-seccomp --disable-selinux
--disable-apparmor --disable-xz --disable-zlib --disable-pam
--disable-acl --disable-smack --disable-gcrypt --disable-audit
--disable-elfutils --disable-libcryptsetup --disable-qrencode
--disable-microhttpd --disable-gnutls --disable-libcurl
--disable-libidn  --disable-quotacheck --disable-vconsole
--disable-logind --disable-machined --disable-importd
--disable-hostnamed --disable-timedated --disable-localed
--disable-polkit --disable-resolved --disable-networkd --disable-efi
--disable-manpages --disable-hibernate --disable-tests  --disable-nls
--disable-python-devel --disable-utmp --disable-xkbcommon
--disable-ima --disable-blkid --disable-binfmt --disable-tmpfiles
--disable-sysusers --disable-firstboot --disable-randomseed
--disable-backlight --disable-rfkill --disable-timesyncd
--disable-coredump --disable-myhostname
[achaiken@localhost systemd (master)]$ ./systemd --version
systemd 219
-PAM -AUDIT -SELINUX -IMA -APPARMOR -SMACK +SYSVINIT -UTMP
-LIBCRYPTSETUP -GCRYPT -GNUTLS -ACL -XZ -LZ4 -SECCOMP -BLKID -ELFUTILS
+KMOD -IDN

Now Qemu doesn't boot because Dependency failed for /boot
Dependency failed for /home.   From emergency shell, 'journalctl -p
err' shows 5 udev failures and 8 systemd ones.   /boot and /home are
empty because fedora-home and the UUID-labelled object are absent in
/dev/mapper.   The last successful target is Swap.

Hypothesis: the failure happened because I turned BLKID off.   Does
that sound right?   Does systemd not work without BLKID?   Would it
work with BLKID off if it hadn't previously been on at installation?

Obviously this was a sandbox experiment and nothing valuable was lost,
but nonetheless I'm curious.   I assume that turning off KMOD and
perhaps SYSVINIT isn't safe either?

Thanks for any suggestions,
Alison


-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
One consumes a great deal of silence in the course of becoming
educated. -- Matthew B. Crawford


Re: [systemd-devel] minimal required units

2015-03-12 Thread Alison Chaiken
aaron_wri...@selinc.com writes:
 Just for illustration purposes, here are few units listed in
 systemd.special, that I don't feel like I need, but which I'm left
 wondering if systemd needs them:
 cryptsetup.target
 display-manager.service
 getty.target
 graphical.target
 hibernate.target
 hybrid-sleep.target
 halt.target
 initrd-fs.target
 kbrequest.target
 multi-user.target
 network-online.target
 poweroff.target
 remote-fs.target
 initrd-root-fs.target
 runlevel*.target
 sigpwr.target
 sleep.target
 suspend.target
 swap.target

The right way to think about targets in systemd is as synchronous
points.   If target A Requires target B and is After it, then target A
won't try to start until after target B is ready in the sd_notify()
sense.   The targets are part of the signaling system for systemd's
sequencing method. Neil Brown's article at LWN
(https://lwn.net/Articles/584176/) discusses how targets can be used
to pass configuration signals between services.  A target that can
be 'isolated' is akin to a run-level, but a target that cannot be
isolated is used for synchronization or signaling.

Some targets may be useful even if you don't strictly need them.   For
example, we old people may prefer to append '3' to bootargs when we
want to come up to the text console, and runlevel3.target provides
that capability.   You can, assuredly, append
'systemd.unit=multi-user.target' to bootargs instead.

The targets contribute to the file count, but not much to the binary
size.  For embedded in general, it seems better not to touch
upstream bits if they don't make the binary larger.  Removing
services you don't need also must be done with caution.   For example,
I found out the hard way that getting rid of PAM means no 'systemctl
--user' commands will work.

Consider choosing different options when running configure.  That
interface should in principle cleanly remove file sets corresponding
to individual features.   Removing individual files is always more
dangerous.

-- Alison


-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
One consumes a great deal of silence in the course of becoming
educated. -- Matthew B. Crawford


Re: [systemd-devel] how to nest slices under system.slice

2015-03-09 Thread Alison Chaiken
Umut Tezduyar Lindskog (u...@tezduyar.com) asked:
 How do I add a slice that is inside the system.slice?

Lennart answered:
 The name is basically the cgroup path. i.e. foo-bar-baz.slice is a
 slice below foo-bar.slice, which is below foo.slice, which is below
 -.slice.

I got curious about the pathological cases: what would happen if root
started a service that requested to be in user-foo.slice that was
resident in /usr/lib/systemd/system?   The results came out sensibly,
but are not quite what I guessed in advance.   Here are the results of
the four combinations:

Summary:


0. 'firefox.slice' is placed under top-level slice if started with
SUID from /usr/lib/systemd/system.

1. 'firefox.slice' is placed under user-UID.slice if started with
normal user privileges from /usr/lib/systemd/user.

2. 'user-firefox.slice' is placed under user.slice but not under
user-uid.slice if started with SUID from /usr/lib/systemd/system.

3. 'system-firefox.slice' is placed under a system.slice which is
created under user-uid.slice if started with normal user privileges
from /usr/lib/systemd/user.

Takeaway 0: as you'd expect, root can start services in a user's slice
if they are intentionally invoked that way.  Normal users are free to
create slices under their main-level slice of any arbitrary name, but
not to create slices in the top-level system slice.

Takeaway 1: a service's slice is created at top-level only if its unit file
specifies neither system-*.slice nor user-*.slice and it is started by root.

Details:
==

0. firefox.service with slice=firefox.slice placed in
/usr/lib/systemd/system and started with 'sudo systemctl start
firefox.service':

sudo systemd-cgls:
├─1 /usr/lib/systemd/systemd --switched-root --system --deserialize 23
├─firefox.slice
│ └─firefox.service
│   ├─3895 /usr/lib64/firefox/firefox http://fedoraproject.org/wiki/SysVinit_to_
│   ├─4044 /bin/dbus-launch --autolaunch 8ebf690c04404266b85a36b676fefc7a --bina
│   └─4045 /bin/dbus-daemon --fork --print-pid 5 --print-address 7 --session


1. Firefox with slice=firefox.slice placed in /usr/lib/systemd/user and
started with 'systemctl --user start firefox.service':

└─user.slice
  └─user-1000.slice
    ├─session-1.scope
    │ ├─2689 gdm-session-worker [pam/gdm-autologin]
    │ ├─2707 gnome-session
[ . . . ]
    └─user@1000.service
      ├─2698 /usr/lib/systemd/systemd --user
      ├─2700 (sd-pam)
      ├─emacs.service
      │ └─2704 /usr/bin/emacs --daemon
      └─firefox.slice
        └─firefox.service
          └─4280 /usr/lib64/firefox/firefox http://fedoraproject.org/wiki/SysVinit_to_


2. firefox-user-slice.service is placed in /usr/lib/systemd/system, but contains
'Slice=user-firefox.service' and started with sudo systemctl start
firefox-user-slice.service,

└─user.slice
  ├─user-1000.slice
  │ ├─session-1.scope
  │ │ ├─2689 gdm-session-worker [pam/gdm-autologin]
  │ │ ├─2707 gnome-session
  │ │ ├─2714 dbus-launch --sh-syntax --exit-with-session
[ . . . ]
  │ │ └─4752 less
  │ └─user@1000.service
  │   ├─2698 /usr/lib/systemd/systemd --user
  │   ├─2700 (sd-pam)
  │   └─emacs.service
  │     └─2704 /usr/bin/emacs --daemon
  └─user-firefox.slice
    └─firefox-user-slice.service


3. Firefox with Slice=system-firefox.slice placed in
/usr/lib/systemd/user and started with 'systemctl --user start
firefox-system-slice.service'

└─user.slice
  └─user-1000.slice
    ├─session-1.scope
    │ ├─2689 gdm-session-worker [pam/gdm-autologin]
    │ ├─2707 gnome-session
    │ ├─2714 dbus-launch --sh-syntax --exit-with-session

[ . . . ]

    └─user@1000.service
      ├─2698 /usr/lib/systemd/systemd --user
      ├─2700 (sd-pam)
      ├─emacs.service
      │ └─2704 /usr/bin/emacs --daemon
      └─system.slice
        └─system-firefox.slice
-- Alison


-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
One consumes a great deal of silence in the course of becoming
educated. -- Matthew B. Crawford
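
Lennart's naming rule applied to the four cases in this message, as an added Python example that is not part of the original post or of systemd's code. It assumes that each manager resolves slice names relative to its own cgroup root, and takes /user.slice/user-1000.slice/user@1000.service as the user manager's root from the systemd-cgls output above; the function names are hypothetical.

```python
SYSTEM_ROOT = ""  # the system manager owns the top of the cgroup tree
# Root of the per-user manager, as it appears in the systemd-cgls output above.
USER_ROOT = "/user.slice/user-1000.slice/user@1000.service"


def slice_to_cgroup_path(slice_name, manager_root=SYSTEM_ROOT):
    """Expand a slice name into its cgroup path below manager_root.

    foo-bar-baz.slice -> <root>/foo.slice/foo-bar.slice/foo-bar-baz.slice
    -.slice           -> <root> itself (the root slice)
    """
    root = manager_root.rstrip("/")
    if slice_name == "-.slice":
        return root or "/"
    if not slice_name.endswith(".slice"):
        raise ValueError(f"not a slice unit name: {slice_name!r}")
    stem = slice_name[: -len(".slice")]
    parts = stem.split("-")
    # Reject names that cannot encode a path: empty stem, leading or trailing
    # dash, doubled dash, or an embedded path separator.
    if "/" in stem or any(part == "" for part in parts):
        raise ValueError(f"malformed slice name: {slice_name!r}")
    path, prefix = root, ""
    for part in parts:
        prefix = f"{prefix}-{part}" if prefix else part
        path += f"/{prefix}.slice"
    return path


def unit_cgroup(unit, slice_name, manager_root=SYSTEM_ROOT):
    """cgroup path of a unit that sets Slice=slice_name under a given manager."""
    return f"{slice_to_cgroup_path(slice_name, manager_root)}/{unit}"


# The four combinations from the message: (unit, Slice= value, manager root).
CASES = [
    ("firefox.service", "firefox.slice", SYSTEM_ROOT),
    ("firefox.service", "firefox.slice", USER_ROOT),
    ("firefox-user-slice.service", "user-firefox.slice", SYSTEM_ROOT),
    ("firefox-system-slice.service", "system-firefox.slice", USER_ROOT),
]


def run_cases():
    """Return the predicted cgroup path for each of the four cases, in order."""
    return [unit_cgroup(unit, slc, root) for unit, slc, root in CASES]


if __name__ == "__main__":
    for number, path in enumerate(run_cases()):
        print(f"case {number}: {path}")
```

Every path computed for the user manager stays below user@1000.service, so a name such as system-firefox.slice only creates a private system.slice inside the user's subtree, which matches Takeaway 0.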


[systemd-devel] USENIX/LISA conference in November 2015 seeks paid presenter for systemd tutorial

2015-02-25 Thread Alison Chaiken
The USENIX/LISA conference to be held in Washington, DC, USA in
November is seeking a paid presenter for a half-day tutorial about
systemd. I received an invitation to present a tutorial which I
will be happy to forward to anyone who would like to respond.  I
have no information about the conference other than that in the
invitation.

https://www.usenix.org/conference/lisa15/call-for-participation/submission

Best wishes,
Alison

-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
Never underestimate the cleverness of advertisers, or mischief makers,
or criminals.  -- Don Norman


Re: [systemd-devel] user units and system units behavior

2015-02-14 Thread Alison Chaiken
Thanks very much, Ivan, for the detailed explanation.

I asked:
 Question: What does the error message 'Process
 org.freedesktop.systemd1 exited with status 1' mean?

Ivan:
 this is a sign of that the systemd user instance (`systemd --user`)
 isn't running.  More specifically, the systemd user instance wasn't running, 
 so its bus
 name hadn't been taken, so the dbus1 server tried to do the bus
 activation, but the dbus1 service file for systemd (not to be confused
 with systemd's unit files) contains Exec=/bin/false (as to prevent bus
 activation), so that activation had failed.

Why shouldn't the user be able to activate the systemd user instance?
 Should they start services in the /user unit directories with
'systemctl --session' then?  In the spirit of 'systemctl cat' and
'systemctl edit' commands that find the applicable unit even when the
invoker doesn't know the complete path, I would hope that non-SUID
users could type 'systemctl start foo.service' and it would just
work.

Is 'systemctl --user' completely broken then?   If so, shouldn't we
remove it from the documentation?

'ps | grep dbus' does in fact show a --session bus on Fedora 21 and
GNOME, but I guess there is no direct 'plumbing' way to request it to
start units.   Instead the 'porcelain' GNOME method of configured
services calling each other is required.

Ivan:
 This is the current out-of-the-box situation. The problem lies in that
 there is currently no single user bus. There is a number of session
 busses, launched by a scriptlet in /etc/X11/xinitrc.d for each X11
 session separately.

I see that for my fully updated, stock (except for freshly compiled
systemd) Fedora 21 GNOME installation that there is no
/etc/X11/xinitrc.d directory.   I take it that means that there is no way
for users to start services without suid.  Services can only be
started by root, and only system services, as root's search path for
units does not include user units.

I read Simon McVittie's previous posting on related topics.   He says in part:

http://lists.freedesktop.org/archives/systemd-devel/2015-January/027711.html

systemd-logind implements those semantics, and also runs a `systemd --user`
for the lifetime of the user-session.. . .
In graphical sessions, vaguely modern Unix OSs typically know how to
start up a dbus-daemon during the creation of a graphical session (e.g.
in Debian and derivatives it's started by /etc/X11/Xsession.d, and
Fedora derivatives have a similar setup under a different name). If they
don't, modern desktop environments also know how to start a dbus-daemon
if they need one (e.g. gnome-session does this for GNOME), and if *that*
doesn't start one (the I use Firefox under fvwm use-case), we have a
slightly shaky but functional autolaunch mechanism based on X11
properties.

I suppose, Ivan, that your reference is to these autolaunch mechanisms
when you mentioned /etc/X11/xinitrc.d/.   But shouldn't gnome-session
be starting the user bus already?  gnome-session is running on the
stock Fedora 21, but 'ps -ppid' shows that it has parented no D-Bus
daemons.   I suppose that the takeaway then is that the gnome-session
in Fedora 21 is not ready for systemd 218.

 And this all is going to change when kdbus becomes finally there.

My original intention was to test 3.19 with kdbus and systemd 218 in a
Qemu, but so far I'm stumped by the initramfs creation for Fedora.
That's a different topic, though!

-- Alison

-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
Never underestimate the cleverness of advertisers, or mischief makers,
or criminals.  -- Don Norman


Re: [systemd-devel] user units and system units behavior

2015-02-14 Thread Alison Chaiken
Mantas offers:
 I think the idea was that the user instance would be started automatically
 when the user first logged in.

 (Which it is, at least on Arch: logind starts user@1000.service for me as
 soon as pam_systemd tells it that I've logged in.

 Some distros break it, either intentionally or by accident. Not sure about
 Fedora.)

On Fedora 21, I see

[achaiken@fedora21]$ sudo systemctl status -l user@1000.service
● user@1000.service - User Manager for UID 1000
   Loaded: loaded (/usr/lib/systemd/system/user@.service; static;
vendor preset: disabled)
   Active: inactive (dead)

[achaiken@fedora21]$ sudo systemctl enable user@service
The unit files have no [Install] section. They are not meant to be enabled
using systemctl.
Possible reasons for having this kind of units are:
1) A unit may be statically enabled by being symlinked from another unit's
   .wants/ or .requires/ directory.
2) A unit's purpose may be to act as a helper for some other unit which has
   a requirement dependency on it.
3) A unit may be started when needed via activation (socket, path, timer,
   D-Bus, udev, scripted systemctl call, ...).

[achaiken@fedora21]$ sudo systemctl start user@1000.service
[achaiken@fedora21]$ systemctl start --user gnome-weather.service
Failed to start gnome-weather.service: Process
org.freedesktop.systemd1 exited with status 1

I wrote:
 In the spirit of 'systemctl cat' and
 'systemctl edit' commands that find the applicable unit even when the
 invoker doesn't know the complete path, I would hope that non-SUID
 users could type 'systemctl start foo.service' and it would just
 work.

Mantas answers:
 Not sure how that's at all related to knowing the complete path?

I meant only that expecting users to know that they have to type
systemctl --user is undesirable if it's not necessary.

Mantas:
 It's not broken on stock systemd. As long as your `systemd --user` instance
 is running, systemctl can contact it directly over the
 $XDG_RUNTIME_DIR/systemd/private socket, so there's no hard dependency on
 on any D-Bus bus either (neither system nor session nor user).

 So if you see `systemctl --user` trying to contact systemd over the bus, it
 only does so after it has given up trying to contact it over the private
 socket. Does that socket exist?

No, I gather that's the problem: 'ls $XDG_RUNTIME_DIR' shows no
systemd sub-directory at all.

 Also check if the system service user@your uid.service is active, if it
 has logged any errors. Try starting that .service manually too.

'systemctl start user@1000.service' shows no errors in the journal; it
just seems to 'exit 0' with no lasting effects.
I suppose that gnome-session is supposed to create
$XDG_RUNTIME_DIR/systemd/private and for some reason, silently fails
to do so.   gnome-session shows no associated errors in the journal
either.

Thanks,
Alison

-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
Never underestimate the cleverness of advertisers, or mischief makers,
or criminals.  -- Don Norman


Re: [systemd-devel] user units and system units behavior

2015-02-14 Thread Alison Chaiken
Ivan writes:
 So, I suppose, your `systemd --user` just fails to start somewhy, and
 you are getting that cryptic error message because systemctl can't find
 systemd on either of the buses.

Ah, after restarting the Qemu, I see in the journal:

Feb 13 22:09:06 fedora21.exerciseforthereader.org systemd[1900]:
Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.

By the time a gnome-terminal appears, 'echo $XDG_RUNTIME_DIR' shows
/run/user/1000, but it looks like 'systemd --user' is failing because
it can't find the value of this variable.  Perhaps this is somehow
related to running in the virtualized environment.   So my takeaway
from all this is that systemctl --user gnome-weather in the
beginning was still correct in systemd 218, but I need to track down
why 'systemd --user' can't read this variable when I log in.

Ivan:
 Hope it makes things a bit more clear. And I hope I haven't misunderstood 
 anything in the first place.

Very much so.   I can see that in automotive, where I work, the puzzle
of giving different privileges to driver (can control navigation
system but no Facebook, unless vehicle is stationary), passenger (can
read Facebook at any time, plus view any website, but has no
navigation control) and rear-seat (a kind of passenger who suffers
parental controls to prevent reading of porn) is going to be lots of
fun.   This is especially true when internationalization, which
involves different map and streaming audio databases, is thrown in to
the mix.   I have no fear that we will run out of work.

-- Alison


-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
Never underestimate the cleverness of advertisers, or mischief makers,
or criminals.  -- Don Norman


[systemd-devel] user units and system units behavior

2015-02-14 Thread Alison Chaiken
Inside a Fedora 21 Qemu, I made a dead-simple 'gnome-weather.service'
and experimented with moving it in between system and user directories
in systemd 215.

Case 0: With /etc/systemd/system/gnome-weather.service,  starts
normally with 'systemctl start gnome-weather'

Case 1: With /etc/systemd/user/gnome-weather.service, starts normally
with 'systemctl --user start gnome-weather'

I wanted to try 'busctl monitor' so I compiled systemd 218 and installed it.

[achaiken@fedora21 ~]$ systemctl --version
systemd 218
-PAM -AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP
+LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS
+KMOD +IDN

Case 0: works as before, with 'busctl monitor
org.freedesktop.systemd1' producing many screens of output.

Case 1: 'systemctl --user start gnome-weather'  now fails:

[achaiken@fedora21 ~]$ systemctl start --user gnome-weather
Failed to start gnome-weather.service: Process
org.freedesktop.systemd1 exited with status 1

Meanwhile 'busctl --user monitor org.freedesktop.systemd1' shows no output.

Question: What does the error message 'Process
org.freedesktop.systemd1 exited with status 1' mean?

Question: is it correct that the user bus show no traffic in the
second case?   Or is that a symptom of what's wrong?

Thanks,
Alison

-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
Never underestimate the cleverness of advertisers, or mischief makers,
or criminals.  -- Don Norman


Re: [systemd-devel] Support for staged startup

2015-01-31 Thread Alison Chaiken
I asked:
 I don't know of any use case for one unit to start another directly.
 Is there one?

Marko responds:
 1.) Coming up with a small tree first reduces the loading time of the unit 
 set (not so much important in my case)

 2.) If you wanna create some dynamics between target A and target B so that 
 depending on the startup situation services are already started before A or 
 in another round they are delayed until A is done, you probably need to 
 disconnect them from the static startup tree and pull them in dynamically at 
 the desired time.

systemd includes 19 conditionals (see './systemd
--dump-configuration-items | grep Cond').   The first, static set of
services can therefore use a variety of signals like symlinks or file
modification times to signal the second wave of services.   You
could, for example, write a script to dynamically change where
default.target points depending on whether ConditionKernelCommandLine
contains certain bootargs or ConditionFirstBoot is TRUE.   These
signals are in addition to the more usual ones implemented by
sd_notify().

If there's a real need to check a different type of Condition, it
would be more in keeping with the spirit of systemd to add the new
Condition functionality than to have one unit specifically invoke
another.

-- Alison

-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
Never underestimate the cleverness of advertisers, or mischief makers,
or criminals.  -- Don Norman
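
An added example, not part of the original message: a shell sketch of the kind of script described above, one that repoints default.target according to the kernel command line. The matching follows the documented ConditionKernelCommandLine= rule; the bootarg stage=minimal, the target rescue-lite.target, the function names and the assumption that one directory holds both the target files and the link are all hypothetical.

```shell
#!/bin/sh
# Added example: repoint default.target according to the kernel command line.
# The bootarg "stage=minimal" and the target "rescue-lite.target" are
# hypothetical names chosen for illustration.

# cmdline_has WORD CMDLINE
# Same rule as ConditionKernelCommandLine=: "key=value" must equal a whole
# argument; a bare "key" matches "key" or the left side of "key=...".
# Limitation: quoted arguments containing spaces are not handled.
cmdline_has() (
    set -f    # no globbing while the command line is word-split
    for arg in $2; do
        case $1 in
            *=*) if [ "$arg" = "$1" ]; then exit 0; fi ;;
            *)   if [ "$arg" = "$1" ] || [ "${arg%%=*}" = "$1" ]; then exit 0; fi ;;
        esac
    done
    exit 1
)

# pick_target CMDLINE: print the unit default.target should point to, or
# nothing when systemd.unit= on the command line already overrides it.
pick_target() {
    if cmdline_has systemd.unit "$1"; then
        :
    elif cmdline_has stage=minimal "$1"; then
        echo rescue-lite.target
    else
        echo multi-user.target
    fi
}

# repoint_default UNITDIR CMDLINE
# UNITDIR is assumed to hold both the target files and the link. The new
# symlink is built beside the old one and renamed into place, so
# default.target is never missing; a target absent from UNITDIR is refused.
repoint_default() {
    target=$(pick_target "$2")
    [ -n "$target" ] || return 0
    [ -e "$1/$target" ] || { echo "no such unit: $target" >&2; return 1; }
    ln -sf "$target" "$1/default.target.new" &&
        mv -f "$1/default.target.new" "$1/default.target"
}
```

On a running system the second argument would be the contents of /proc/cmdline.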


Re: [systemd-devel] Support for staged startup

2015-01-29 Thread Alison Chaiken
Marko Hoyer asks:
 I'd like to realize a staged startup with systemd which is mainly about:
 - starting up a static tree up to a final service
 - the only job of the final service is to kick off the start of an additional 
 sub tree of units
 This kind of startup could be realized simply by adding an additional one 
 shot service which executes: systemctl start xxx.target

Marko, one target can already be specified as After another.   If
B.target is present in one of the appropriate directories and
specifies

After=A.target

and all the services of the final sub-tree are symlinked in a
B.target.wants directory, doesn't the behavior you need result?   What
is missing?   Of course, some of the units linked in B.target.wants
may already be started by the time A.target completes if they are part
of an earlier target or if they are needed by an earlier unit.   To
suppress that behavior, you'd have to edit the individual units.

I don't know of any use case for one unit to start another directly.
Is there one?

-- Alison

-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
Never underestimate the cleverness of advertisers, or mischief makers,
or criminals.  -- Don Norman


[systemd-devel] PrivateDevices=true blocks use of ttys?

2014-12-26 Thread Alison Chaiken
On Fedora 21, I created a unit file in which I included
'PrivateDevices=true'.   When I attempt to start the unit from the text
console, the unit fails, and 'systemctl status -l' reports:

startx[2754]: (EE) xf86OpenConsole: Cannot open /dev/tty0 (No such file or
directory)


When I take 'PrivateDevices=true' out of the unit file, it works fine.
The man page for systemd.exec reads

PrivateDevices=
Takes a boolean argument. If true, sets up a new /dev namespace for the
executed processes and only adds API pseudo devices such as /dev/null,
/dev/zero or /dev/random (as well as the pseudo TTY subsystem) to it, but
no physical devices such as /dev/sda.


Isn't /dev/tty0 a pseudo TTY?   Shouldn't a service that has
'PrivateDevices=true' be able to access /dev/tty0?   I'm willing to
investigate further to see if there's a bug, but want to make sure that I
understand the expected behavior first.

Best wishes,
Alison

-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
Never underestimate the cleverness of advertisers, or mischief makers, or
criminals.  -- Don Norman
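
An added example, not part of the original message: a shell helper that classifies a character device by its kernel major and minor numbers, which separates virtual consoles such as /dev/tty0 (major 4, minors 0-63) from the pseudo-TTY devices (/dev/ptmx and /dev/pts/*). The number ranges are those of the kernel's device list; the function names and class labels are assumptions, and classify_path relies on GNU stat.

```shell
#!/bin/sh
# Added example: tell virtual consoles apart from pseudo-TTY devices.
# Class labels and function names are hypothetical.

# classify_chardev MAJOR MINOR (decimal): print a class label.
classify_chardev() {
    case $1 in
        1)  case $2 in
                3|5|7|8|9) echo api-pseudo ;;      # null zero full random urandom
                *)         echo memory-other ;;
            esac ;;
        2|3) echo bsd-pty ;;                       # legacy BSD pty pairs
        4)  if [ "$2" -le 63 ]; then
                echo virtual-console               # /dev/tty0 .. /dev/tty63
            else
                echo serial-port                   # /dev/ttyS*
            fi ;;
        5)  case $2 in
                0) echo controlling-tty ;;         # /dev/tty
                1) echo system-console ;;          # /dev/console
                2) echo pty-master-mux ;;          # /dev/ptmx
                *) echo other ;;
            esac ;;
        13[6-9]|14[0-3]) echo pty-slave ;;         # /dev/pts/*
        *)  echo other ;;
    esac
}

# is_pty_class LABEL: succeed only for the pseudo-TTY subsystem.
is_pty_class() {
    case $1 in
        pty-master-mux|pty-slave|bsd-pty) return 0 ;;
        *) return 1 ;;
    esac
}

# classify_path PATH: look the numbers up for a device node on this system.
classify_path() {
    [ -c "$1" ] || { echo "$1: not a character device" >&2; return 1; }
    set -- $(stat -c '%t %T' "$1")    # GNU stat: hex major, hex minor
    classify_chardev "$((0x$1))" "$((0x$2))"
}
```

By this numbering /dev/tty0 is classified as virtual-console and /dev/pts/0 as pty-slave, so only the latter falls under the "pseudo TTY subsystem" wording of the man page excerpt quoted above.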


Re: [systemd-devel] Improving module loading

2014-12-23 Thread Alison Chaiken
Marko Hoyer:
 Are you talking about Save To RAM, Save to Disk, or a hybrid combination 
 of both?  Or do you have something
 completely different in mind?

GKH:
A number of devices in the past have done a save system image to flash, and 
then when starting up, just load the
system image into memory and jump into it, everything up and running with no 
startup time needed other than the
initial memory load.

Not all processors currently support this behavior.   See Russ Dill's
talk at 2013 ELC,

Extending the swsusp Hibernation Framework to ARM,
http://elinux.org/images/0/0c/Slides.pdf

or, put differently, on x86 3.16,
$# cat /sys/power/state
freeze standby mem disk

On Cortex-A9 3.14:
$# cat /sys/power/state
freeze mem

Dill's work added hibernation support for AM33xx.   My understanding
of his presentation is that hibernation is not fully implemented for
other ARM processors.

On another topic that came up in this thread, why does
systemd-udev-settle.service exist?   Doesn't the execution of this
service imply a synchronization point, and doesn't systemd create
targets rather than services for this purpose?   Wouldn't
systemd-udev-settle.target make more sense then?

Tom Gundersen:
In a stock Fedora/Arch (and probably others, but didn't check)
systemd-modules-load is not used at all.
[ . . . ]
I'm not aware of any kernel modules that legitimately needs to be
loaded in this way (i.e., all the ones that do can/should be fixed).

On my Debian Testing system, I see fuse, loop, lp, ppdev and
parport_pc.   The last 3 are related to printing, and presumably must
be preloaded because some printers will not usefully identify
themselves when powered on.   Giving unsophisticated users access to a
wide variety of hotplugged devices is undoubtedly the main reason
distros want to use systemd-modules-load.

Marko Hoyer:
We are not using systemd-modules-load for applying this approach since it is 
trying to load all modules in one shot.

Can systemd units list kernel modules as explicit dependencies?   If
so, systemd's usual methods for ordering the start of units can
influence the loading order of modules.

Marko Hoyer:
- we have heavy graphics drivers (~800kb, stripped), they are needed 
 half the way at startup
- video processing unit drivers (don't know the size), they are needed 
 half the way at startup
- wireless  bluetooth, they are needed very late
- usb subsystem, conventionally needed very late (but this finally 
 depends on the concrete product)
- hot plug mass storage handling, conventionally needed very late (but 
 this finally depends on the concrete product)
- audio driver, in most of our products needed very late
- some drivers for INC communication (partly needed very early - we 
 compiled in them, partly needed later - we have them as module)

Consider that wireless, bluetooth, audio and hotplug mass storage have
the modules on which they rely as systemd Requisites in their unit
files.   We put the units for these services into a connectivity.target
that comes After a render.target that the graphics, video and INC are
in.   render.target then has as Requisites the GPU, VPU and INC
modules.   When each of these targets is started, the units could
insmod the modules and just skip udev rules altogether.   These
dependencies won't prevent the kernel from trying to load the later
modules sooner, but insmod'ing earlier needed modules explicitly will
still influence the order.

-- Alison Chaiken,
Mentor Graphics

-- 
Alison Chaiken   ali...@she-devel.com
650-279-5600
http://{she-devel.com,exerciseforthereader.org}
Never underestimate the cleverness of advertisers, or mischief makers,
or criminals.  -- Don Norman