Re: [systemd-devel] loose thoughts around portable services

2021-10-22 Thread Lennart Poettering
re other people, we would really like to contribute and send a patch on > this. A patch adding .d/ style drop-ins for profiles would make a ton of sense. Happy to take that. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] A questions about modules-load service in systemd

2021-10-22 Thread Lennart Poettering
l > fork many tasks to process different kernel modules parallelly. It doesn't do that actually. But udev when it loads kernel modules does things from a bunch of worker processes all in parallel. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] loose thoughts around portable services

2021-10-18 Thread Lennart Poettering
rvice file’s sandboxing > directives against a profile and find the delta. Then score the > service file against delta. Interesting idea. Current git has all kinds of JSON hookup for systemd-analyze security btw, so tools could do that externally too. But you are right, doing this implicitly mi

Re: [systemd-devel] [systemd‑devel] Removing bold fonts from boot messages

2021-10-14 Thread Lennart Poettering
es (alternatively: "NO_COLOR=1" as per https://no-color.org/) SYSTEMD_EMOJI=0 → no unicode emojis LC_CTYPE=ANSI_X3.4-1968 → no non-ASCII chars (which also means no emojis) SYSTEMD_URLIFY=0 → no clickable links Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] troubleshooting Clevis

2021-10-12 Thread Lennart Poettering
really has much use, and that's quite a limited userbase, so I'd say: no this should be done outside of systemd. Maybe a plugin for libcryptsetup's "token" feature. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Removing bold fonts from boot messages

2021-10-12 Thread Lennart Poettering
ion to remove the bold face only, but not the colors? > systemd.log_color=0 removes all formatting, but I'd like to keep the > colors... No, this is not configurable. We are not a themeable desktop, sorry. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Tempering the Logging Data when Knowing the Verification Key / Time Synchronization

2021-10-11 Thread Lennart Poettering
act is after all the whole point of the exercise). For cases like this it might make sense to ensure that flushing of the journal to disk (i.e. systemd-journald-flush.service) is scheduled after correct time has been acquired (i.e. time-sync.target). Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] dm-integrity volume with TPM key?

2021-10-11 Thread Lennart Poettering
On Fr, 08.10.21 21:15, Sebastian Wiesner (sebast...@swsnr.de) wrote: > Am Montag, dem 04.10.2021 um 14:49 +0200 schrieb Lennart Poettering: > > On Do, 30.09.21 21:20, Sebastian Wiesner (sebast...@swsnr.de) wrote: > > > > > Hello, > > > > > > thanks for q

Re: [systemd-devel] [systemd]: How to set systemd not to generate loop0.device and mtdblockx.device?

2021-10-11 Thread Lennart Poettering
nted by something you are using. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Antw: [EXT] Re: [systemd‑devel] Q: write error, watchdog, journald core dump, ordering of entries

2021-10-11 Thread Lennart Poettering
al started" message is inserted into the log stream by journald itself before processing the already queued messages. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Q: write error, watchdog, journald core dump, ordering of entries

2021-10-11 Thread Lennart Poettering
y journald starts up again, and resumes processing log messages. it will then process the messages already queued in the sockets from when it was hanging, and thus the order might be surprising. -- Lennart Poettering, Berlin

Re: [systemd-devel] dm-integrity volume with TPM key?

2021-10-04 Thread Lennart Poettering
scheme where we search for the encryption key for volume xyz in /etc/cryptsetup-keys.d/xyz.key, and we should probably do it similar for verity keys, too. > 5. use homed for LUKS-encrypted home areas on /home? > > Does this sound reasonable?   Yes! Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Authenticated Boot and Disk Encryption on Linux

2021-10-04 Thread Lennart Poettering
where your OS payload comes in flatpaks, containers, sysexts, portable services, …, i.e. is not written to /usr. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Prefix for direct logging

2021-10-04 Thread Lennart Poettering
On Mi, 29.09.21 20:21, Arjun D R (drarju...@gmail.com) wrote: > Hi Lennart, > > Please help me understand how the journald is figuring out the PID of the > log line. Google SCM_CREDENTIALS. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Authenticated Boot and Disk Encryption on Linux

2021-09-30 Thread Lennart Poettering
o add logic to shrink to minimal size then (and conversely grow on login again). This will only really work in case btrfs is used inside the homedir images, as only then we can both shrink and grow the fs whenever we want to. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] dm-integrity volume with TPM key?

2021-09-30 Thread Lennart Poettering
file /etc/integrity.key (with a fallback to /var/lib/integrity.key) or similar, that is used as implicit HMAC key for all dm-integrity needs. Then, because (at least in my idealized view) /etc or /var are authenticated territory (bound to TPM) we get the property we want, indirectly. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] FDE: UEFI/Secureboot solves main part / missing link is /boot encryption

2021-09-29 Thread Lennart Poettering
is basic initrd. My focus is that this kernel/initrd signing happens during build time, not at install time, i.e. the secret signature keys should be held by the building party only, not by the local installations. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] FDE: UEFI/Secureboot solves main part / missing link is /boot encryption

2021-09-28 Thread Lennart Poettering
. The ultimate goal is that servers and embedded devices can boot up entirely unattended in a safe way, and that desktop machines only query the user once, and that the authentication the user does unlocks the user's actual data. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Prefix for direct logging

2021-09-28 Thread Lennart Poettering
output being the log file to write to. You then use it by using StandardOutput=… in your main unit, to connect its stdout/stderr to that fifo. Also, you add deps so that each time a service that needs this starts the log prefix service socket for it starts too. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] troubleshooting Clevis

2021-09-28 Thread Lennart Poettering
s fail during boot, moreover, manual > 'clevis-luks-unlock' works no problems. This is the systemd mailing list, not the clevis/tang mailing list. Please contact the clevis/tang community instead. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Add LUKS disk to an Raspberry Pi 4 install

2021-09-27 Thread Lennart Poettering
e node by the UUID of what's on it. (Presumably that's supposed to be the UUID of the LUKS2 superblock?) And it doesn't appear to match what is *actually* the UUID of your LUKS2 superblock? Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] 回复: systemd-devel Digest, Vol 137, Issue 26

2021-09-23 Thread Lennart Poettering
rarily switch to volatile logging via "journalctl --relinquish-var", then do something with /var/log (like replace it, backup it, overmount it, whatever), and then eventually want to switch back to using it, which you then can do with "journalctl --flush". Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Pre-installed portable services ?

2021-09-20 Thread Lennart Poettering
files the call creates. We could also add some special dirs that may contain images we'll automatically attach + enable during boot as we discover them. That'd be a new feature though. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Examples to distinguish Before=/After= and Wants=/Requires=/BindsTo=

2021-09-18 Thread Lennart Poettering
On Fr, 17.09.21 19:04, Kenneth Porter (sh...@sewingwitch.com) wrote: > --On Friday, September 17, 2021 12:49 PM +0200 Lennart Poettering > wrote: > > > more specific example: you can use apache without mysql, and you can > > use mysql without apache, but quit

Re: [systemd-devel] Systemd-boot not properly loading device tree, when loaded by U-boot (ARM64, tested on RK3399)

2021-09-17 Thread Lennart Poettering
? Did you see this: https://github.com/systemd/systemd/pull/19417 (and maybe this: https://github.com/systemd/systemd/pull/20601) maybe that addresses your issues? Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Examples to distinguish Before=/After= and Wants=/Requires=/BindsTo=

2021-09-17 Thread Lennart Poettering
you can use mysql without apache, but quite often they are used together, and if so you likely want to start mysql first, and apache second, since it likely consumes services of mysql, and not the other way round. Hence in this example, you'd place an ordering dep, but not requirement dep. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Preferred way to recurse over a directory?

2021-09-15 Thread Lennart Poettering
rating with readdir() as needed. (Probably best to keep these discussions on the PR though). Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] New developer building systemd

2021-09-14 Thread Lennart Poettering
OK, but instead of replacing the line unconditionally, it should be one or the other depending on `#if HAVE_LIBCRYPTSETUP`, so that it then works in both cases. Would be delighted if you could submit such a patch via github PR. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] [RFC] Switching to OpenSSL 3?

2021-09-14 Thread Lennart Poettering
one actually doing the work. I'd love to do it yesterday. But knowing how things work, this will be a couple of months I guess, maybe half a year. Or could even be longer. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Portable services

2021-09-14 Thread Lennart Poettering
s in secure, trusted way: the basic initrd is now built into the kernel (and thus validated along with it), and exotic storage is then added in via trusted, verifiable system extensions. Lennart -- Lennart Poettering, Berlin

[systemd-devel] [RFC] Switching to OpenSSL 3?

2021-09-14 Thread Lennart Poettering
Heya! Some of the systemd developers have been discussing switching systemd's crypto libraries to be exclusively OpenSSL 3.0, and drop support for older OpenSSL versions, as well as any GNUTLS/libgcrypt support. As you might have noticed OpenSSL 3.0 has been released recently, and for the first

Re: [systemd-devel] Filter/Parse NETLINK_KOBJECT_UEVENT Messages

2021-09-14 Thread Lennart Poettering
ering, and in particular the bloom filter that is used for that is mostly internal to udev, and not something that is considered official API and should be reimplemented. Use sd-device/libudev, it implements all of this, and is the only official API to the bpf bloom filter stuff udev does there. Lennar

Re: [systemd-devel] Filter/Parse NETLINK_KOBJECT_UEVENT Messages

2021-09-13 Thread Lennart Poettering
e keep the liberty to change it if we must). Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] resolved: disabling automatic resolution of hostname and IP?

2021-09-10 Thread Lennart Poettering
ipa0.local. > > is problematic when FreeIPA needs to detect whether the IP of the host > already belongs to a reverse zone. I'd expect NXDOMAIN there instead. > > Any input will be much appreciated. > > Thank you, > François > > Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Unable to boot Linux distribution ISO files that have systemd services

2021-09-02 Thread Lennart Poettering
issue, i.e. the upper part of the screen shows kernel debug output that happens on kernel oops. i.e. it's a driver issue, and systemd hangs simply because the kernel hangs/crashed. Please work with your distro, they might be able to help. Kernel/driver issues like this are out of scope for systemd t

Re: [systemd-devel] Using LoadCredential for passing API key to s3 bucket mount unit

2021-09-02 Thread Lennart Poettering
do in mout mount.fuse.s3fs wrapper script really, PID 1 won't do that for you. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Use of systemd-cat

2021-08-31 Thread Lennart Poettering
things that logs its log output to stdout/stderr which you want to invoke from the shell, but still have the logs go to the journal: myscript | systemd-cat Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] why log_set_prohibit_ipc() is set in journald

2021-08-27 Thread Lennart Poettering
log messages to go kmsg, except for a bunch where we know for sure they aren't immediate effect of an attempt to write a log message, and thus won't result in a cycle. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] why log_set_prohibit_ipc() is set in journald

2021-08-27 Thread Lennart Poettering
; space or something like that), then it can't really *rely* on journal still > working... > > Afaik, messages written to kmsg will be imported back into the journal > anyway, but that happens asynchronously so it's fine. The above describes exactly how it is, and why journald turns off logging via IPC. journald should not be a client to itself. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] How does journald talks to other services?

2021-08-24 Thread Lennart Poettering
t pick up messages from another syslog service, only from syslog clients. Thus, there is no loop. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] How does journald talks to other services?

2021-08-20 Thread Lennart Poettering
ways how log messages are delivered to journald. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] [hostnamed] Why the service will automatically exit after 30 seconds

2021-08-19 Thread Lennart Poettering
as > dropped off the bus and is never going to return a response? If that were > possible we could possibly rely on that rather than an explicit timeout. I > think the answer to this question might be "no" though... it detects that out-of-the-box. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Upgraded multiple systems to systemd 249.3 and all had eth1 not started / configured

2021-08-16 Thread Lennart Poettering
On Mo, 16.08.21 17:31, Amish (anon.am...@gmail.com) wrote: > > On 16/08/21 5:25 pm, Lennart Poettering wrote: > > On Mo, 16.08.21 16:09, Amish (anon.am...@gmail.com) wrote: > > > > > Some old scripts that we have expect interface names starting with eth.

Re: [systemd-devel] Upgraded multiple systems to systemd 249.3 and all had eth1 not started / configured

2021-08-16 Thread Lennart Poettering
piface | sed s/tmpeth/eth/)"; done > > This ensures that I have predictable names starting with eth*. And it is > working fine from 2-3 years. Even with current issue, name assignment is > working fine. This cannot work and is necessarily racy. Stay out of the ethXYZ namespace, that's the kernel's namespace. Pick any other names, i.e. "foobar0", "foobar1", but otherwise you just have a racy racy mess, because the kernel might take the name whenever it pleases. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] --luks-offline-discard option has no effect on systemd-homed

2021-07-28 Thread Lennart Poettering
minified on logout. But in my case it's not > at all. Here is my executed command and output. I thought I had fixed that issue. Which systemd version is this? Lennart -- Lennart Poettering, Berlin ___ systemd-devel mailing list systemd-devel@lists.

Re: [systemd-devel] Do Systemd service have limitation w.r.t IPC on forked process

2021-07-28 Thread Lennart Poettering
logs should explain why. "systemd-analyze log-level debug" is the command to do that during runtime. Lennart -- Lennart Poettering, Berlin ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Problem : service ( systemd )

2021-07-28 Thread Lennart Poettering
ill implicitly then do a "systemctl daemon-reload" for you, too. You can also do that part manually, maybe after you actually removed the unit files from disk. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Changing the Priority Level of Journald during Runtime

2021-07-28 Thread Lennart Poettering
e? It's not available right now. Please file an RFE issue on github so that we can look into it. Or provide a patch that adds it. We nowadays have the Varlink IPC API in journald, it should be pretty straight-forward adding this logic there. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Exception safety od sd-bus

2021-07-27 Thread Lennart Poettering
ur support for C++ goes. I have no experience with C++ exceptions and C stack frames. We have no explicit support for any of it, so they are handled like in any program where C++ is called from C contexts, and I figure there will be plenty docs about that. Lennart --

Re: [systemd-devel] Failing UnitTest for Journald

2021-07-06 Thread Lennart Poettering
shot down any attempt to optionally attach more metadata to AF_UNIX datagrams (if we had just the cgroup this would already make things *so* much better for us). Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Are there any circumstances under which we would *expect* init.scope to not exist?

2021-07-01 Thread Lennart Poettering
v1 and cgroupv2 when we added it, even though not strictly necessary on the former, to minimize behavioural differences. Maybe your old systemd is just *that* old? Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] minimum space needed for reload/reexec

2021-07-01 Thread Lennart Poettering
. This would mean we'd scale the safety net by the amount of physical memory in the system. i.e. 2% of physical RAM, but 16M at most. This should then cover your case too? i.e. enforce a lower limit on smaller systems, and the existing 16M limit

Re: [systemd-devel] Fast respawning jobs

2021-06-25 Thread Lennart Poettering
don't? You configured your unit to prohibit that via the start limits you defined. If you want to allow quick, repeated starts then raise the limit. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Fast respawning jobs

2021-06-25 Thread Lennart Poettering
after 1 Seconds with resultcode 0). Raise the start limit? Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Alias for SMTP providers [ie. mutually exclusive service alternatives]

2021-06-16 Thread Lennart Poettering
is, but your distro might add that. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Running systemd unprivileged in Docker container

2021-06-14 Thread Lennart Poettering
person. Ideally this would be the default setup of Docker, but well, apparently it isn't. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Alais for SMTP providers

2021-06-14 Thread Lennart Poettering
We have no such target upstream, and I am not sure we should add that. Maybe your downstream distro has that though. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] systemd.socket man pages update suggestion

2021-06-14 Thread Lennart Poettering
1 the SELinux context is not computed. Text like > this would have saved a lot of head scratching and code reading :( We should probably make this work for any service that is instantiated with a single fd. Can you file a bug on github asking for this? Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Are Pathnames in /tmp/systemd-private-foo predictable?

2021-06-14 Thread Lennart Poettering
collision attacks. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Discrepancy in using dhclient b/w ubuntu 20.04 and ubuntu 16.04

2021-06-08 Thread Lennart Poettering
> container and start dhclient at your own from a trivial systemd-unit? Reindl, I warned you very explicitly not to behave like this: https://lists.freedesktop.org/archives/systemd-devel/2021-February/046028.html You ignored that now. You are now blocked on this mail

Re: [systemd-devel] systemd-nspawn with filesystem id mapping

2021-06-08 Thread Lennart Poettering
heading in the wrong direction? Let's follow up on the PR, it's the better place to development discussions on specific bugs or problems. I replied on it the other day. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] rg...@outlook.com

2021-06-07 Thread Lennart Poettering
s very old. You might want to switch to a newer OS for this anyway. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] rg...@outlook.com

2021-06-07 Thread Lennart Poettering
tate and is stuck forever. In the mail I have attached > a minimalistic reproduction of the issue seen. Are you running systemd inside of a Docker container on Ubuntu 16.04? Docker isn't really up to that. In particular not 5y old versions of it. Lennart -

Re: [systemd-devel] DHCP6 client failing when /etc is mounted as overlayfs

2021-06-02 Thread Lennart Poettering
ld follow the documented behaviour of machine-id, because if you don't then things will break all over the place. Please see machine-id(5) for details about the file. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] luks - a particular device systemd treats differently?

2021-06-02 Thread Lennart Poettering
rovide the full logs off that unit. "journalctl -u ". Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] what's the order in which systemd .device units are created ?

2021-06-02 Thread Lennart Poettering
this might delay delivery of the events to PID 1. However, there's certainly some relationship here: if certain devices are the ones we start processing first they are likely also the devices where we finish processing them first, even if there's no strict guarantee for that. Lennart -- Lennart Poetter

Re: [systemd-devel] luks - a particular device systemd treats differently?

2021-06-01 Thread Lennart Poettering
e does not see, mark that one device as "failed" > and I have no idea why systemd would do that for that one device. > Would somebody care to share so ideas? I am not sure I properly grok what you are trying to say, but: did you check the logs? Lennart -- Lennart Poettering, B

Re: [systemd-devel] Adding USB ID to hwdb/usb.ids

2021-06-01 Thread Lennart Poettering
elf didn't reveal anything? Anyway, please consider submitting the addition as a PR if it's indeed unlikely linux-usb.org comes back as a maintainer for this. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] syntax checker

2021-06-01 Thread Lennart Poettering
x checker tool" to > generate a summary of the overhead, errors, dependencies > etc., before running the daemon into the new configuration > setting... "systemd-analyze verify" Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Antw: [EXT] Re: What causes "systemd-journald[3256]: Missed 127 kernel messages"

2021-06-01 Thread Lennart Poettering
On Di, 01.06.21 14:33, Ulrich Windl (ulrich.wi...@rz.uni-regensburg.de) wrote: > >>> Lennart Poettering schrieb am 01.06.2021 um 13:39 > in > Nachricht : > > On Di, 01.06.21 12:42, Ulrich Windl (ulrich.wi...@rz.uni‑regensburg.de) > wrote: > > > >>

Re: [systemd-devel] What causes "systemd-journald[3256]: Missed 127 kernel messages"

2021-06-01 Thread Lennart Poettering
3) Can I avoid that problem? Figure out which kernel driver/subsystem is responsible. You could also enlarge the kernel log buffer, see log_buf_mem= kernel cmdline switch. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] /etc overlay

2021-05-31 Thread Lennart Poettering
executed at that time. Thus, if you intend to drop in additional files as services you should ideally do so before PID 1 initializes, i.e. in the initrd. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Running pam-enabled /bin/login sessions in unprivileged terminal emulators

2021-05-27 Thread Lennart Poettering
t; hing is that if say cage or vte takes a segfault during say an apt-get > install, > the running command doesn't die... The service that implements your terminal emulator could upload the pty master fds to systemd via the fdstore logic. That way the master will stay open across resta

Re: [systemd-devel] Running pam-enabled /bin/login sessions in unprivileged terminal emulators

2021-05-27 Thread Lennart Poettering
o grant that to your terminal app's user. The polkit auth request carries the unit name as additional metadata, hence that should be pretty easily done with some minimal polkit JS. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Running pam-enabled /bin/login sessions in unprivileged terminal emulators

2021-05-27 Thread Lennart Poettering
were: I still don't get what the "end goal" is. You start with the tools you want to reach your end goal, but never specify what precisely that end goal is. Do you intend to replace the Linux VT with a userspace implementation of the same concept? Or do you want to run a full-screen g

Re: [systemd-devel] how to prevent systemd-logind from moving process to other cgroups when executing su command

2021-05-25 Thread Lennart Poettering
ee for you. You may request a delegated subtree you can manage your own stuff in, but the top-level of the tree is always owned and controlled by systemd and if you interfere with it, you get to keep the pieces. This is explained here: https://systemd.io/CGROUP_DELEGATION Sorry if this is disappo

Re: [systemd-devel] On the IRC situation

2021-05-25 Thread Lennart Poettering
n their own, so I have registered it there as well (as a > "community" since I'm ~not really~ a representative). So if there are no > objections I'll make a PR to update systemd's README files to "s/ > freenode.org/libera.chat/g" sometime later. S

Re: [systemd-devel] Running pam-enabled /bin/login sessions in unprivileged terminal emulators

2021-05-20 Thread Lennart Poettering
user to run unpriv commands, but it's a all-or-nothing thing. > The second thing: Things like nmtui need a full logind session to be able to > run, and do polkit actions. However on seat0, it seems you need to decide on a > empty TTY to use, which while you can use TTY63, that doesn't seem t

Re: [systemd-devel] manually lading kernel modules and have created /dev/* in container?

2021-05-18 Thread Lennart Poettering
'll really just get the naked devicenodes and not more. This is typically not enough to run any non-trivial software that wants to to device management, since the enumerate/monitor devices via sysfs/uevents/udev and that kind of stuff simply doesn't work

Re: [systemd-devel] APIs for JournalD commands

2021-05-06 Thread Lennart Poettering
documented on the journald man page. Verification is only available in journalctl. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] systemd-run / Failed to create bus connection: Input/output error

2021-05-03 Thread Lennart Poettering
> > Someone would care to decipher that for me or/and shed bit more light on > possible troubleshooting? which host OS, which payload OS? which host systemd, which payload systemd? is this an nspawn container? is the container fully booted up? Lennart

Re: [systemd-devel] early mounts in systemd

2021-05-03 Thread Lennart Poettering
writable. The main difference is that in the second case the configuration is immutable too, while the first case allows it to be changed locally. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] early mounts in systemd

2021-05-03 Thread Lennart Poettering
ions on whether we shouldn't require /var to be mounted from initrd, but so far we didn't decide that this was necessary, given the political effort this would take to require) Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] systemctl reboot get terminated by signal 15

2021-04-30 Thread Lennart Poettering
happens, while sometimes it does reboot during my local > testing. Is there a way/command to make sure system get rebooted? Check the logs? https://freedesktop.org/wiki/Software/systemd/Debugging/#index2h1 Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] systemctl reboot get terminated by signal 15

2021-04-29 Thread Lennart Poettering
file. > Not seeing this issue before /sbin/telinit becomes a softlink to > systemctl. vmtoolsd.service is probably asked to shutdown because of the system shutdown, and the forked off /sbin/telinit is part of that service, so it gets terminated too? Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] systemctl reboot get terminated by signal 15

2021-04-28 Thread Lennart Poettering
m processes, of course. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] systemctl reboot get terminated by signal 15

2021-04-23 Thread Lennart Poettering
tailed systemd log? man 5 journald.conf Maybe your distro didn't enable persistent storage of journald, and thus journald uses only in-memory storage in /run, and is thus constrained by its diminutive size? Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] EXT: sdbus_event loop state mark as volatile?

2021-04-23 Thread Lennart Poettering
tall a signal handler or anything like that. > It looks like a stronger memory model is needed here (not volatile). > Other projects use __atomic builtins for this. All of sd-event's data structures should be accessed from a single thread only, in a single non-signal execution context. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] systemctl reboot get terminated by signal 15

2021-04-23 Thread Lennart Poettering
of systemctl on the client side? I was more interested in the logs of systemd, i.e. of PID 1. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] systemd-networkd: How to configure network with environment variables?

2021-04-23 Thread Lennart Poettering
n run this script during boot, and order it before networkd, so that the conversion is completed on each boot, before networkd is run. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Is there a way to know inside of systemd if it's in a reboot state?

2021-04-22 Thread Lennart Poettering
On Mo, 19.04.21 20:19, Tia, Javier (javier@hpe.com) wrote: > Hi, > > Is there a way to know inside of systemd if it's in a reboot state? systemctl is-system-running Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] resolved: wrong address w/ cache off, wo/ querying DNS server

2021-04-22 Thread Lennart Poettering
.org/viewtopic.php?pid=196#p196 -- please > ignore the starting comment, the last 3 are the most relevant. See > some system info below the mail. Maybe your local hostname or an /etc/hosts entry exist that match the domain name you are looking up? Le

Re: [systemd-devel] syscvall-filters killing CGI after update to Fedora 33

2021-04-22 Thread Lennart Poettering
r upstream or by the distro. If you do it downstream you might run into issues like this. The idea of @system-service is that it mostly tries to isolate you from this, but in your case you overrode what it does, so it fell apart. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Request for Feedback on Design Issue with Systemd and "Consistent Network Device Naming"

2021-04-21 Thread Lennart Poettering
atever you want. Anyway, the upstream systemd project is the wrong forum to discuss any of this. You are apparently upset by a RHEL decision. While I sympathize with the decision, it's not a decision the systemd project took, but RHEL did, and technically nothing in systemd mandates this. Lennart -- Le

Re: [systemd-devel] systemctl reboot get terminated by signal 15

2021-04-19 Thread Lennart Poettering
tall a signal handler for SIGTERM via sigaction, and look into the .si_pid field of the siginfo_t you can receive in the handler. It tells you which processes sent the SIGTERM. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] How to reboot from within a service

2021-04-19 Thread Lennart Poettering
ld be cleaner (ie. > hooking it up in service files). > > What are the best option(s) here? Use logind's D-Bus APIs. It's the cleanest way to reboot, as it honours inhibitors and stuff. Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] .local searches not working

2021-04-10 Thread Lennart Poettering
s, as that leaks pretty sensitive information about the local network infrastructur Lennart -- Lennart Poettering, Berlin

Re: [systemd-devel] Is it meant to be possible to set IO[Read|Write]BandwidthMax on a slice ?

2021-04-08 Thread Lennart Poettering
On Do, 08.04.21 17:19, Hadrien Grasland (hadrien.grasl...@ijclab.in2p3.fr) wrote: > Le 08/04/2021 à 16:11, Lennart Poettering a écrit : > > On Do, 08.04.21 12:24, Hadrien Grasland (hadrien.grasl...@ijclab.in2p3.fr) > > wrote: > > > > > Hi everyone, > >

Re: [systemd-devel] Is it meant to be possible to set IO[Read|Write]BandwidthMax on a slice ?

2021-04-08 Thread Lennart Poettering
rks are running, in order to improve > the stability of said benchmark's I/O performance. Is this on cgroupsv1 or cgroupsv2? IIRC there was some issue that the block io controller wasn't fully recursive on cgroupsv1. It should work on cgroupsv2. Lennart -- Lennart

Re: [systemd-devel] sd_bus_get_unique_name returns -EBADMSG or -EBUSY

2021-04-07 Thread Lennart Poettering
On Mi, 07.04.21 12:17, Carlo Wood (ca...@alinoe.com) wrote: > On Tue, 6 Apr 2021 18:41:21 +0200 > Lennart Poettering wrote: > > > EBADMSG usually means that somehow an invalid dbus packet we couldn't > > parse entered the stream. maybe some memory corruption thing? or ma
