[systemd-devel] [PATCH 2/6] libsystemd-dhcp: Rename function to be clearer that options are parsed
--- src/libsystemd-dhcp/sd-dhcp-client.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/libsystemd-dhcp/sd-dhcp-client.c b/src/libsystemd-dhcp/sd-dhcp-client.c index 1fdc01a..ffb304d 100644 --- a/src/libsystemd-dhcp/sd-dhcp-client.c +++ b/src/libsystemd-dhcp/sd-dhcp-client.c @@ -741,7 +741,7 @@ static int client_timeout_t1(sd_event_source *s, uint64_t usec, void *userdata) return client_initialize_events(client, usec); } -static int client_parse_offer(uint8_t code, uint8_t len, const uint8_t *option, +static int client_parse_options(uint8_t code, uint8_t len, const uint8_t *option, void *user_data) { DHCPLease *lease = user_data; be32_t val; @@ -891,7 +891,7 @@ static int client_receive_offer(sd_dhcp_client *client, DHCPPacket *offer, return -ENOMEM; len = len - DHCP_IP_UDP_SIZE; -r = dhcp_option_parse(offer-dhcp, len, client_parse_offer, +r = dhcp_option_parse(offer-dhcp, len, client_parse_options, lease); if (r != DHCP_OFFER) return -ENOMSG; @@ -934,7 +934,7 @@ static int client_receive_ack(sd_dhcp_client *client, const uint8_t *buf, if (!lease) return -ENOMEM; -r = dhcp_option_parse(dhcp, len, client_parse_offer, lease); +r = dhcp_option_parse(dhcp, len, client_parse_options, lease); if (r == DHCP_NAK) return DHCP_EVENT_NO_LEASE; -- 1.8.5.2 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 5/6] libsystemd-dhcp: Fix stopping of DHCP client
Go back to Init state independent of the current state the client is in. --- src/libsystemd-dhcp/sd-dhcp-client.c | 20 ++-- 1 file changed, 2 insertions(+), 18 deletions(-) diff --git a/src/libsystemd-dhcp/sd-dhcp-client.c b/src/libsystemd-dhcp/sd-dhcp-client.c index 7e79dc1..fd32994 100644 --- a/src/libsystemd-dhcp/sd-dhcp-client.c +++ b/src/libsystemd-dhcp/sd-dhcp-client.c @@ -317,24 +317,8 @@ static int client_stop(sd_dhcp_client *client, int error) { client_notify(client, error); -switch (client-state) { - -case DHCP_STATE_INIT: -case DHCP_STATE_SELECTING: -case DHCP_STATE_REQUESTING: -case DHCP_STATE_BOUND: - -client-start_time = 0; -client-state = DHCP_STATE_INIT; -break; - -case DHCP_STATE_INIT_REBOOT: -case DHCP_STATE_REBOOTING: -case DHCP_STATE_RENEWING: -case DHCP_STATE_REBINDING: - -break; -} +client-start_time = 0; +client-state = DHCP_STATE_INIT; if (client-lease) { lease_free(client-lease); -- 1.8.5.2 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 6/6] libsystemd-dhcp: Update secs field only when sending Discover
Compute the 'secs' field as seconds since start of lease acquisition procedure. Start off with a value of zero and increase it only for each resent DHCP discover message. See the discussion before and after http://www.ietf.org/mail-archive/web/dhcwg/current/msg05836.html and Section 3.1 of RFC 2131. --- src/libsystemd-dhcp/sd-dhcp-client.c | 24 ++-- 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/src/libsystemd-dhcp/sd-dhcp-client.c b/src/libsystemd-dhcp/sd-dhcp-client.c index fd32994..f5b4b7d 100644 --- a/src/libsystemd-dhcp/sd-dhcp-client.c +++ b/src/libsystemd-dhcp/sd-dhcp-client.c @@ -75,6 +75,7 @@ struct sd_dhcp_client { struct ether_addr mac_addr; uint32_t xid; usec_t start_time; +uint16_t secs; unsigned int attempt; usec_t request_sent; sd_event_source *timeout_t1; @@ -318,6 +319,7 @@ static int client_stop(sd_dhcp_client *client, int error) { client_notify(client, error); client-start_time = 0; +client-secs = 0; client-state = DHCP_STATE_INIT; if (client-lease) { @@ -550,12 +552,18 @@ static int client_send_request(sd_dhcp_client *client, uint16_t secs) { return err; } +static uint16_t client_update_secs(sd_dhcp_client *client, usec_t time_now) +{ +client-secs = (time_now - client-start_time) / USEC_PER_SEC; + +return client-secs; +} + static int client_timeout_resend(sd_event_source *s, uint64_t usec, void *userdata) { sd_dhcp_client *client = userdata; usec_t next_timeout = 0; uint32_t time_left; -uint16_t secs; int r = 0; assert(s); @@ -615,11 +623,12 @@ static int client_timeout_resend(sd_event_source *s, uint64_t usec, if (r 0) goto error; -secs = (usec - client-start_time) / USEC_PER_SEC; - switch (client-state) { case DHCP_STATE_INIT: -r = client_send_discover(client, secs); + +client_update_secs(client, usec); + +r = client_send_discover(client, client-secs); if (r = 0) { client-state = DHCP_STATE_SELECTING; client-attempt = 1; @@ -631,7 +640,9 @@ static int client_timeout_resend(sd_event_source *s, uint64_t usec, break; case DHCP_STATE_SELECTING: -r = client_send_discover(client, secs); +client_update_secs(client, usec); + +r = client_send_discover(client, client-secs); if (r 0 client-attempt = 64) goto error; @@ -641,7 +652,7 @@ static int client_timeout_resend(sd_event_source *s, uint64_t usec, case DHCP_STATE_REQUESTING: case DHCP_STATE_RENEWING: case DHCP_STATE_REBINDING: -r = client_send_request(client, secs); +r = client_send_request(client, client-secs); if (r 0 client-attempt = 64) goto error; @@ -1207,6 +1218,7 @@ int sd_dhcp_client_start(sd_dhcp_client *client) { client-fd = r; client-start_time = now(CLOCK_MONOTONIC); +client-secs = 0; return client_initialize_events(client, client-start_time); } -- 1.8.5.2 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 3/6] libsystemd-dhcp: Add Init-Reboot support
Init-Reboot is tried if a client IP address has been given when the DHCP client is started. In Init-Reboot, start by sending a broadcasted DHCP Request including the supplied client IP address but without the server identifier. After sending the request, enter Reboot state. If a DHCP Ack is received, proceed to Bound state as usual. If a DHCP Nak is received or the first timeout triggers, start the address acquisition over from DHCP Init state. See RFC 2131, sections 4.3.2, 4.4, 4.4.1 and 4.4.2 for details. --- src/libsystemd-dhcp/sd-dhcp-client.c | 59 1 file changed, 53 insertions(+), 6 deletions(-) diff --git a/src/libsystemd-dhcp/sd-dhcp-client.c b/src/libsystemd-dhcp/sd-dhcp-client.c index ffb304d..79a92e5 100644 --- a/src/libsystemd-dhcp/sd-dhcp-client.c +++ b/src/libsystemd-dhcp/sd-dhcp-client.c @@ -513,7 +513,17 @@ static int client_send_request(sd_dhcp_client *client, uint16_t secs) { if (err 0) return err; -if (client-state == DHCP_STATE_REQUESTING) { +switch (client-state) { + +case DHCP_STATE_INIT_REBOOT: +err = dhcp_option_append(opt, optlen, + DHCP_OPTION_REQUESTED_IP_ADDRESS, + 4, client-last_addr); +if (err 0) +return err; +break; + +case DHCP_STATE_REQUESTING: err = dhcp_option_append(opt, optlen, DHCP_OPTION_REQUESTED_IP_ADDRESS, 4, client-lease-address); @@ -525,6 +535,16 @@ static int client_send_request(sd_dhcp_client *client, uint16_t secs) { 4, client-lease-server_address); if (err 0) return err; +break; + +case DHCP_STATE_INIT: +case DHCP_STATE_SELECTING: +case DHCP_STATE_REBOOTING: +case DHCP_STATE_BOUND: +case DHCP_STATE_RENEWING: +case DHCP_STATE_REBINDING: + +break; } err = dhcp_option_append(opt, optlen, DHCP_OPTION_END, 0, NULL); @@ -578,9 +598,14 @@ static int client_timeout_resend(sd_event_source *s, uint64_t usec, next_timeout = usec + time_left * USEC_PER_SEC; break; +case DHCP_STATE_REBOOTING: +/* start over as we did not receive a timely ack or nak */ +client-state = DHCP_STATE_INIT; +client-attempt = 1; + +/* fall through */ case DHCP_STATE_INIT: case DHCP_STATE_INIT_REBOOT: -case DHCP_STATE_REBOOTING: case DHCP_STATE_SELECTING: case DHCP_STATE_REQUESTING: case DHCP_STATE_BOUND: @@ -628,6 +653,7 @@ static int client_timeout_resend(sd_event_source *s, uint64_t usec, break; +case DHCP_STATE_INIT_REBOOT: case DHCP_STATE_REQUESTING: case DHCP_STATE_RENEWING: case DHCP_STATE_REBINDING: @@ -635,11 +661,13 @@ static int client_timeout_resend(sd_event_source *s, uint64_t usec, if (r 0 client-attempt = 64) goto error; +if (client-state == DHCP_STATE_INIT_REBOOT) +client-state = DHCP_STATE_REBOOTING; + client-request_sent = usec; break; -case DHCP_STATE_INIT_REBOOT: case DHCP_STATE_REBOOTING: case DHCP_STATE_BOUND: @@ -1096,20 +1124,37 @@ static int client_receive_message(sd_event_source *s, int fd, break; +case DHCP_STATE_REBOOTING: case DHCP_STATE_REQUESTING: case DHCP_STATE_RENEWING: case DHCP_STATE_REBINDING: r = client_receive_ack(client, buf, len); -if (r == DHCP_EVENT_NO_LEASE) +if (r == DHCP_EVENT_NO_LEASE) { + +client-timeout_resend = +sd_event_source_unref(client-timeout_resend); + +if (client-state == DHCP_STATE_REBOOTING) { +client-state = DHCP_STATE_INIT; +client-attempt = 1; +client-receive_message = + sd_event_source_unref(client-receive_message); + +client_initialize_events(client, time_now); +return 0; +} + goto error; +} if (r = 0) { client-timeout_resend = sd_event_source_unref(client-timeout_resend); -if (client-state == DHCP_STATE_REQUESTING) +if (client-state == DHCP_STATE_REQUESTING ||
[systemd-devel] [PATCH 0/6] Init-Reboot and some minor fixes
Hi, This patch set implements DHCP Init-Reboot support for libsystemd-dhcp and fixes a few other minor things. Init-Reboot support is implemented by patch 03. If the previous IPv4 address is set before starting the DHCP procedure, the code now tries starting with Init-Reboot as described in RFC 2131. As this cuts off broadcasting Discovers and waiting for the first Offer to arrive, the address acquisition time is reduced by a significant amount. Should the Init-Reboot not complete successfully or a timeout occurs before the reply is received, the state machine is reset and a full DHCP exchange is done instead. To utilize Init-Reboot, systemd-networkd would need to persistently store the client IP address used last time. Patches 01 and 02 are trivial cleanups and patches 04 and 05 fix two minor details. Patch 06 has a bit more meat in it. It turns out that the 'secs' field is to be updated only with each sent DHCP Discover and not constantly for each message. The commit message contains a link to the discussion on the IETF DHC WG mailing list some years ago. Cheers, Patrik Patrik Flykt (6): libsystemd-dhcp: DNS name option must be a multiple of 4 bytes libsystemd-dhcp: Rename function to be clearer that options are parsed libsystemd-dhcp: Add Init-Reboot support libsystemd-dhcp: Compute UDP checksum only if set libsystemd-dhcp: Fix stopping of DHCP client libsystemd-dhcp: Update secs field only when sending Discover src/libsystemd-dhcp/sd-dhcp-client.c | 126 --- 1 file changed, 87 insertions(+), 39 deletions(-) -- 1.8.5.2 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 1/6] libsystemd-dhcp: DNS name option must be a multiple of 4 bytes
--- src/libsystemd-dhcp/sd-dhcp-client.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libsystemd-dhcp/sd-dhcp-client.c b/src/libsystemd-dhcp/sd-dhcp-client.c index 3b7b9f4..1fdc01a 100644 --- a/src/libsystemd-dhcp/sd-dhcp-client.c +++ b/src/libsystemd-dhcp/sd-dhcp-client.c @@ -775,7 +775,7 @@ static int client_parse_offer(uint8_t code, uint8_t len, const uint8_t *option, break; case DHCP_OPTION_DOMAIN_NAME_SERVER: -if (len = 4) { +if (len !(len % 4)) { unsigned i; lease-dns_size = len / 4; -- 1.8.5.2 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 4/6] libsystemd-dhcp: Compute UDP checksum only if set
A checksum field with value zero means no UDP checksum has been computed for the packet. --- src/libsystemd-dhcp/sd-dhcp-client.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/src/libsystemd-dhcp/sd-dhcp-client.c b/src/libsystemd-dhcp/sd-dhcp-client.c index 79a92e5..7e79dc1 100644 --- a/src/libsystemd-dhcp/sd-dhcp-client.c +++ b/src/libsystemd-dhcp/sd-dhcp-client.c @@ -881,13 +881,18 @@ static int client_verify_headers(sd_dhcp_client *client, DHCPPacket *message, hdrlen)) return -EINVAL; -message-ip.check = message-udp.len; -message-ip.ttl = 0; - -if (hdrlen + be16toh(message-udp.len) len || -client_checksum(message-ip.ttl, be16toh(message-udp.len) + 12)) +if (hdrlen + be16toh(message-udp.len) len) return -EINVAL; +if (message-udp.check) { +message-ip.check = message-udp.len; +message-ip.ttl = 0; + +if (client_checksum(message-ip.ttl, +be16toh(message-udp.len) + 12)) +return -EINVAL; +} + if (be16toh(message-udp.source) != DHCP_PORT_SERVER || be16toh(message-udp.dest) != DHCP_PORT_CLIENT) return -EINVAL; -- 1.8.5.2 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH] use memzero(foo, length); for all memset(foo, 0, length); calls
On Fri, Jan 31, 2014 at 6:51 AM, Greg KH gre...@linuxfoundation.org wrote: In trying to track down a stupid linker bug, I noticed a bunch of memset() calls that should be using memzero() to make it more obvious that the options are correct (i.e. 0 is not the length, but the data to set). So fix up all current calls to memset(foo, 0, length) to memzero(foo, length). Thanks! Applied. Cheers, Tom --- src/boot/boot-efi.c |2 +- src/bootchart/svg.c |2 +- src/bus-proxyd/bus-proxyd.c |2 +- src/journal/fsprg.c |4 ++-- src/journal/journal-file.c |4 ++-- src/libsystemd-daemon/sd-daemon.c |7 --- src/libsystemd/sd-bus/bus-kernel.c |4 ++-- src/libsystemd/sd-bus/bus-message.c | 12 ++-- src/libudev/libudev-device.c|2 +- src/libudev/libudev-list.c |2 +- src/libudev/libudev-monitor.c | 10 +- src/python-systemd/_journal.c |3 ++- src/readahead/readahead-collect.c |2 +- src/shared/hashmap.c|2 +- src/shared/util.c |4 ++-- src/test/test-libudev.c |4 ++-- src/udev/cdrom_id/cdrom_id.c|2 +- src/udev/scsi_id/scsi_serial.c | 16 src/udev/udev-builtin-input_id.c|2 +- src/udev/udev-ctrl.c|2 +- src/udev/udev-event.c |4 ++-- src/udev/udev-rules.c |6 +++--- src/udev/udevadm-monitor.c |4 ++-- src/udev/udevd.c| 16 24 files changed, 60 insertions(+), 58 deletions(-) --- a/src/boot/boot-efi.c +++ b/src/boot/boot-efi.c @@ -69,7 +69,7 @@ static int get_boot_entries(struct boot_info *info) { info-fw_entries = e; e = info-fw_entries[info-fw_entries_count]; -memset(e, 0, sizeof(struct boot_info_entry)); +memzero(e, sizeof(struct boot_info_entry)); e-order = -1; err = efi_get_boot_option(list[i], e-title, e-part_uuid, e-path); diff --git a/src/bootchart/svg.c b/src/bootchart/svg.c index 97c8237aaa26..7438e472fb29 100644 --- a/src/bootchart/svg.c +++ b/src/bootchart/svg.c @@ -1248,7 +1248,7 @@ static void svg_top_ten_pss(void) { void svg_do(const char *build) { struct ps_struct *ps; -memset(str, 0, sizeof(str)); +memzero(str, sizeof(str)); ps = ps_first; diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c index ab9b836ff073..5869d79c52e4 100644 --- a/src/bus-proxyd/bus-proxyd.c +++ b/src/bus-proxyd/bus-proxyd.c @@ -172,7 +172,7 @@ static int rename_service(sd_bus *a, sd_bus *b) { uid, name); if (m w) -memset(arg_command_line_buffer + w, 0, m - w); +memzero(arg_command_line_buffer + w, m - w); } log_debug(Running on behalf of PID PID_FMT (%s), UID UID_FMT (%s), %s, diff --git a/src/journal/fsprg.c b/src/journal/fsprg.c index dd9a24256147..5c8d6d6febf0 100644 --- a/src/journal/fsprg.c +++ b/src/journal/fsprg.c @@ -51,7 +51,7 @@ static void mpi_export(void *buf, size_t buflen, const gcry_mpi_t x) { assert(gcry_mpi_cmp_ui(x, 0) = 0); len = (gcry_mpi_get_nbits(x) + 7) / 8; assert(len = buflen); -memset(buf, 0, buflen); +memzero(buf, buflen); gcry_mpi_print(GCRYMPI_FMT_USG, buf + (buflen - len), len, nwritten, x); assert(nwritten == len); } @@ -306,7 +306,7 @@ void FSPRG_GenState0(void *state, const void *mpk, const void *seed, size_t seed memcpy(state, mpk, 2 + secpar / 8); mpi_export(state + 2 + 1 * secpar / 8, secpar / 8, x); -memset(state + 2 + 2 * secpar / 8, 0, 8); +memzero(state + 2 + 2 * secpar / 8, 8); gcry_mpi_release(n); gcry_mpi_release(x); diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c index b3747e37e4fb..3a081110b98a 100644 --- a/src/journal/journal-file.c +++ b/src/journal/journal-file.c @@ -560,7 +560,7 @@ static int journal_file_setup_data_hash_table(JournalFile *f) { if (r 0) return r; -memset(o-hash_table.items, 0, s); +memzero(o-hash_table.items, s); f-header-data_hash_table_offset = htole64(p + offsetof(Object, hash_table.items)); f-header-data_hash_table_size = htole64(s); @@ -586,7 +586,7 @@ static int journal_file_setup_field_hash_table(JournalFile *f) { if (r 0) return r; -memset(o-hash_table.items, 0, s); +memzero(o-hash_table.items, s); f-header-field_hash_table_offset = htole64(p + offsetof(Object, hash_table.items)); f-header-field_hash_table_size = htole64(s); diff --git
Re: [systemd-devel] [PATCH 0/6] Init-Reboot and some minor fixes
On Fri, Jan 31, 2014 at 10:31 AM, Patrik Flykt patrik.fl...@linux.intel.com wrote: This patch set implements DHCP Init-Reboot support for libsystemd-dhcp and fixes a few other minor things. Init-Reboot support is implemented by patch 03. If the previous IPv4 address is set before starting the DHCP procedure, the code now tries starting with Init-Reboot as described in RFC 2131. As this cuts off broadcasting Discovers and waiting for the first Offer to arrive, the address acquisition time is reduced by a significant amount. Should the Init-Reboot not complete successfully or a timeout occurs before the reply is received, the state machine is reset and a full DHCP exchange is done instead. To utilize Init-Reboot, systemd-networkd would need to persistently store the client IP address used last time. Patches 01 and 02 are trivial cleanups and patches 04 and 05 fix two minor details. Patch 06 has a bit more meat in it. It turns out that the 'secs' field is to be updated only with each sent DHCP Discover and not constantly for each message. The commit message contains a link to the discussion on the IETF DHC WG mailing list some years ago. Thanks Patrik! Cheers, Tom ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] classify the LPAR console as a terminal device
The /usr/lib/udev/rules.d/99-systemd.rules file does not tag the sclp_line* terminal device and, hence, systemd will not handle it. The result is no agetty run for the LPAR console meaning no local access to the system. see also https://bugzilla.redhat.com/show_bug.cgi?id=860158 --- rules/99-systemd.rules.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules/99-systemd.rules.in b/rules/99-systemd.rules.in index 0923de5..b72488c 100644 --- a/rules/99-systemd.rules.in +++ b/rules/99-systemd.rules.in @@ -7,7 +7,7 @@ ACTION==remove, GOTO=systemd_end -SUBSYSTEM==tty, KERNEL==tty[a-zA-Z]*|hvc*|xvc*|hvsi*, TAG+=systemd +SUBSYSTEM==tty, KERNEL==tty[a-zA-Z]*|hvc*|xvc*|hvsi*|sclp_line*, TAG+=systemd KERNEL==vport*, TAG+=systemd -- 1.8.1.4 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/1] Allow systemd to run without assigning container to machine.slice
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/30/2014 07:09 PM, Zbigniew Jędrzejewski-Szmek wrote: On Thu, Jan 30, 2014 at 04:29:14PM -0500, Dan Walsh wrote: If I want to run a container as a service, it would be nice if it used the service cgroup configuration Your patch will break the integration with machienctl, etc. Would instead assigning the slice with --slice be enough? Zbyszek My goal is if I run systemd-nspawn within a systemd unit file, perhaps as a plugin to docker, I want to allow the system administrator to just add MemoryLimit=500m To the unit file and have it effect the processes within the container. -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlLrpMEACgkQrlYvE4MpobMe5wCfaRR70wrnY2bU+SgzCFLlSeSO CSEAn1t+TDnEkj0VeMp6HTSK/QoK2xO+ =SDyW -END PGP SIGNATURE- ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/1] Allow systemd to run without assigning container to machine.slice
On Fri, Jan 31, 2014 at 08:27:29AM -0500, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/30/2014 07:09 PM, Zbigniew Jędrzejewski-Szmek wrote: On Thu, Jan 30, 2014 at 04:29:14PM -0500, Dan Walsh wrote: If I want to run a container as a service, it would be nice if it used the service cgroup configuration Your patch will break the integration with machienctl, etc. Would instead assigning the slice with --slice be enough? Zbyszek My goal is if I run systemd-nspawn within a systemd unit file, perhaps as a plugin to docker, I want to allow the system administrator to just add MemoryLimit=500m You can set the limit on the service, or on the slice. On the service: # /etc/systemd/system/systemd-nspawn@container.d/limits.conf [Service] MemoryLimit=500M On the slice: # /etc/systemd/system/systemd-nspawn@container.d/slice.conf [Service] Slice=system-container.slice # /etc/systemd/system/system-container.slice # (note that the path here makes this slice part of /system not /machine [Slice] MemoryLimit=500M You can alternatively specify the slice with --slice argument to nspawn. Zbyszek ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/1] Allow systemd to run without assigning container to machine.slice
On Fri, Jan 31, 2014 at 10:51:22AM -0500, Daniel J Walsh wrote: Currently docker uses lxc tools under the covers to launch the container, we want to add a plugin to use systemd-nspawn. docker - systemd-nspawn - container But we want the docker, systemd-nspawn and the container all affected by any Cgroup entries in the unit file. So I want the container to run as a service slice not a machine slice. And if you specify --slice=system-something.slice, doesn't this do the job? How would the docker command know what slice to assign it to? Why not just eliminate systemd-nspawn doing anything with slices if I pass the service flag or some other flag. It's not possible to disable slices, nspawn will always end up in some slice. The docker command already needs to know about systemd-nspawn to launch it. So it can just give the --slice option. If you want this to be part of the /system slice, than anything like --slice=system-container-id.slice will be fine. And the limits can be set on the slice as wanted. Note that the slice unit doesn't have to exist, it will be created when referenced. Zbyszek ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/1] Allow systemd to run without assigning container to machine.slice
On Fri, Jan 31, 2014 at 10:00:12AM -0500, Daniel J Walsh wrote: My plan is not to have the user no they are running systemd-nspawn Imaging the user is creating a httpd container unit file using docker, described in this document. http://welldefinedbehaviour.wordpress.com/2014/01/30/adventures-with-containerization-fedora-docker-and-httpd/ [Unit] Description=example.com Container After=docker.service [Service] Type=simple ExecStart=/usr/bin/docker run -v /srv/example.com:/srv httpd-test1 Restart=on-failure Currently docker uses lxc tools under the covers to launch the container, we want to add a plugin to use systemd-nspawn. docker - systemd-nspawn - container But we want the docker, systemd-nspawn and the container all affected by any Cgroup entries in the unit file. So I want the container to run as a service slice not a machine slice. And if you specify --slice=system-something.slice, doesn't this do the job? Zbyszek ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] StartTransientService problems
I have finally managed to get StartTransientService to run a process for me but I'm encountering issues: we start a daemon that calls StartTransientService as required. The daemon does not run as root, it runs as onelan. We configure dbus to allow onelan to call all systemd Manager APIs. I want to set the User, Nice and Type of the service. I get the errors: DBusException: org.freedesktop.DBus.Error.PropertyReadOnly: Cannot set property User, or unknown property. DBusException: org.freedesktop.DBus.Error.PropertyReadOnly: Cannot set property Type, or unknown property. DBusException: org.freedesktop.DBus.Error.PropertyReadOnly: Cannot set property Nice, or unknown property. What do I need to do to allow these properties to be set? I also need to set the Environment. I can pass the environment in as a property but it does not show up the the process created or in systemctl status for the transient service. I do not see any messages in the systemd logging. And lastly what do I have to do to remove the transient service from systemd after the last process in the service exits? RemainAfterExit=no Barry ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/1] Allow systemd to run without assigning container to machine.slice
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/31/2014 10:45 AM, Zbigniew Jędrzejewski-Szmek wrote: On Fri, Jan 31, 2014 at 10:00:12AM -0500, Daniel J Walsh wrote: My plan is not to have the user no they are running systemd-nspawn Imaging the user is creating a httpd container unit file using docker, described in this document. http://welldefinedbehaviour.wordpress.com/2014/01/30/adventures-with-containerization-fedora-docker-and-httpd/ [Unit] Description=example.com Container After=docker.service [Service] Type=simple ExecStart=/usr/bin/docker run -v /srv/example.com:/srv httpd-test1 Restart=on-failure Currently docker uses lxc tools under the covers to launch the container, we want to add a plugin to use systemd-nspawn. docker - systemd-nspawn - container But we want the docker, systemd-nspawn and the container all affected by any Cgroup entries in the unit file. So I want the container to run as a service slice not a machine slice. And if you specify --slice=system-something.slice, doesn't this do the job? Zbyszek How would the docker command know what slice to assign it to? Why not just eliminate systemd-nspawn doing anything with slices if I pass the service flag or some other flag. -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlLrxnoACgkQrlYvE4MpobO1mgCglDP9B5DadqucUEyxAgSeBVYf G3sAoIBuzpooNd5K+cBQ8ks22pxp6az5 =qw4r -END PGP SIGNATURE- ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] Socket activation for Xorg
Hello All. Just a short heads-up. Xserver from Xorg has gained support for socket activation. http://cgit.freedesktop.org/xorg/xserver/commit/?id=b3d3ffd19937827bcbdb833a628f9b1814a6e189 http://cgit.freedesktop.org/xorg/lib/libxtrans/commit/?id=e1e6121a1638d43d9929589b4723da2b38cb6b44 http://cgit.freedesktop.org/xorg/lib/libxtrans/commit/?id=b895d45e225dd3d1bf9d598774d3ae4f29fcbc25 It took some time and a little effort. I'd like to thank Lennart who gave me some directions during last year's systemd hackfest in Brno and Hans de Goede who worked with the patches on the Xorg mailing list. Best regards, -- Łukasz Stelmach Samsung RD Institute Poland Samsung Electronics pgpjGZ_TzMNuy.pgp Description: PGP signature ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH] s390/getty-generator: initialize essential system terminals/consoles
Dne 31.1.2014 17:08, Hendrik Brueckner napsal(a): Ensure to start getty programs on all essential system consoles on Linux on System z. Add these essential devices to the list of virtualization_consoles to always generate getty configurations. For the sake of completion, the list of essential consoles is: /dev/sclp_line0 - Operating system messages applet (LPAR) /dev/ttysclp0 - Integrated ASCII console applet (z/VM and LPAR) /dev/ttyS0 - Already handled by systemd (3215 console on z/VM) /dev/hvc0 - Already handled by systemd (IUCV HVC terminal on z/VM) Depending on the environment, z/VM or LPAR, only a subset of these terminals are available. See also RH BZ 860158[1] Cannot login via Operating System Console into RHEL7 instance installed on a LPAR. This bugzilla actually blocks the installation of Linux on System z instances in LPAR mode. [1] https://bugzilla.redhat.com/show_bug.cgi?id=860158 --- rules/99-systemd.rules.in |2 +- src/getty-generator/getty-generator.c |4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/rules/99-systemd.rules.in b/rules/99-systemd.rules.in index 0923de5..021359a 100644 --- a/rules/99-systemd.rules.in +++ b/rules/99-systemd.rules.in @@ -7,7 +7,7 @@ ACTION==remove, GOTO=systemd_end -SUBSYSTEM==tty, KERNEL==tty[a-zA-Z]*|hvc*|xvc*|hvsi*, TAG+=systemd +SUBSYSTEM==tty, KERNEL==tty[a-zA-Z]*|hvc*|xvc*|hvsi*|ttysclp*|sclp_line*, TAG+=systemd KERNEL==vport*, TAG+=systemd diff --git a/src/getty-generator/getty-generator.c b/src/getty-generator/getty-generator.c index aeb6d71..f352a29 100644 --- a/src/getty-generator/getty-generator.c +++ b/src/getty-generator/getty-generator.c @@ -97,7 +97,9 @@ int main(int argc, char *argv[]) { static const char virtualization_consoles[] = hvc0\0 xvc0\0 -hvsi0\0; +hvsi0\0 +sclp_line0\0 +ttysclp0\0; _cleanup_free_ char *active = NULL; const char *j; Thanks! Applied. Lukas ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] s390/getty-generator: initialize essential system terminals/consoles
Ensure to start getty programs on all essential system consoles on Linux on System z. Add these essential devices to the list of virtualization_consoles to always generate getty configurations. For the sake of completion, the list of essential consoles is: /dev/sclp_line0 - Operating system messages applet (LPAR) /dev/ttysclp0 - Integrated ASCII console applet (z/VM and LPAR) /dev/ttyS0 - Already handled by systemd (3215 console on z/VM) /dev/hvc0 - Already handled by systemd (IUCV HVC terminal on z/VM) Depending on the environment, z/VM or LPAR, only a subset of these terminals are available. See also RH BZ 860158[1] Cannot login via Operating System Console into RHEL7 instance installed on a LPAR. This bugzilla actually blocks the installation of Linux on System z instances in LPAR mode. [1] https://bugzilla.redhat.com/show_bug.cgi?id=860158 --- rules/99-systemd.rules.in |2 +- src/getty-generator/getty-generator.c |4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/rules/99-systemd.rules.in b/rules/99-systemd.rules.in index 0923de5..021359a 100644 --- a/rules/99-systemd.rules.in +++ b/rules/99-systemd.rules.in @@ -7,7 +7,7 @@ ACTION==remove, GOTO=systemd_end -SUBSYSTEM==tty, KERNEL==tty[a-zA-Z]*|hvc*|xvc*|hvsi*, TAG+=systemd +SUBSYSTEM==tty, KERNEL==tty[a-zA-Z]*|hvc*|xvc*|hvsi*|ttysclp*|sclp_line*, TAG+=systemd KERNEL==vport*, TAG+=systemd diff --git a/src/getty-generator/getty-generator.c b/src/getty-generator/getty-generator.c index aeb6d71..f352a29 100644 --- a/src/getty-generator/getty-generator.c +++ b/src/getty-generator/getty-generator.c @@ -97,7 +97,9 @@ int main(int argc, char *argv[]) { static const char virtualization_consoles[] = hvc0\0 xvc0\0 -hvsi0\0; +hvsi0\0 +sclp_line0\0 +ttysclp0\0; _cleanup_free_ char *active = NULL; const char *j; -- 1.7.5.4 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/1] Allow systemd to run without assigning container to machine.slice
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/31/2014 11:20 AM, Zbigniew Jędrzejewski-Szmek wrote: On Fri, Jan 31, 2014 at 10:51:22AM -0500, Daniel J Walsh wrote: Currently docker uses lxc tools under the covers to launch the container, we want to add a plugin to use systemd-nspawn. docker - systemd-nspawn - container But we want the docker, systemd-nspawn and the container all affected by any Cgroup entries in the unit file. So I want the container to run as a service slice not a machine slice. And if you specify --slice=system-something.slice, doesn't this do the job? How would the docker command know what slice to assign it to? Why not just eliminate systemd-nspawn doing anything with slices if I pass the service flag or some other flag. It's not possible to disable slices, nspawn will always end up in some slice. The docker command already needs to know about systemd-nspawn to launch it. So it can just give the --slice option. If you want this to be part of the /system slice, than anything like --slice=system-container-id.slice will be fine. And the limits can be set on the slice as wanted. Note that the slice unit doesn't have to exist, it will be created when referenced. Zbyszek I know it has to be in a slice, I just want it to stay in the same slice that the docker command is in. If I could run --slice=current that would be fine. If I create the httpd_container.service, it will create the service-httpd_container.slice and docker will run there. I want systemd-nspawn and more importantly the container processes to stay in httpd_containe.slice. I guess I could get docker to check which slice it is in, if that was possible, but I see no reason why we can not stop doing slice stuff in systemd-nspawn, if a user wants it to run within his current slice. -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlLr0HsACgkQrlYvE4MpobMi+wCfY9LD7CzEOYVIrj79i1+i2T/p HVEAoL7jmMNXod6lOULx7AHkTbih9c5i =Vq2a -END PGP SIGNATURE- ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/1] Allow systemd to run without assigning container to machine.slice
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/31/2014 09:51 AM, Zbigniew Jędrzejewski-Szmek wrote: On Fri, Jan 31, 2014 at 08:27:29AM -0500, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/30/2014 07:09 PM, Zbigniew Jędrzejewski-Szmek wrote: On Thu, Jan 30, 2014 at 04:29:14PM -0500, Dan Walsh wrote: If I want to run a container as a service, it would be nice if it used the service cgroup configuration Your patch will break the integration with machienctl, etc. Would instead assigning the slice with --slice be enough? Zbyszek My goal is if I run systemd-nspawn within a systemd unit file, perhaps as a plugin to docker, I want to allow the system administrator to just add MemoryLimit=500m You can set the limit on the service, or on the slice. On the service: # /etc/systemd/system/systemd-nspawn@container.d/limits.conf [Service] MemoryLimit=500M On the slice: # /etc/systemd/system/systemd-nspawn@container.d/slice.conf [Service] Slice=system-container.slice # /etc/systemd/system/system-container.slice # (note that the path here makes this slice part of /system not /machine [Slice] MemoryLimit=500M You can alternatively specify the slice with --slice argument to nspawn. Zbyszek My plan is not to have the user no they are running systemd-nspawn Imaging the user is creating a httpd container unit file using docker, described in this document. http://welldefinedbehaviour.wordpress.com/2014/01/30/adventures-with-containerization-fedora-docker-and-httpd/ [Unit] Description=example.com Container After=docker.service [Service] Type=simple ExecStart=/usr/bin/docker run -v /srv/example.com:/srv httpd-test1 Restart=on-failure Currently docker uses lxc tools under the covers to launch the container, we want to add a plugin to use systemd-nspawn. docker - systemd-nspawn - container But we want the docker, systemd-nspawn and the container all affected by any Cgroup entries in the unit file. So I want the container to run as a service slice not a machine slice. The user will never execute systemd-nspawn in this case. -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlLrunwACgkQrlYvE4MpobOacACeMMWBJZjJXiHKEhT+Dp8xB4tl viEAn0pMcKsQriVNSrpltlW2gtG+VhH3 =uJiv -END PGP SIGNATURE- ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH] classify the LPAR console as a terminal device
On Fri, 31 Jan 2014 15:24:30 +0100 Dan Horák d...@danny.cz wrote: The /usr/lib/udev/rules.d/99-systemd.rules file does not tag the sclp_line* terminal device and, hence, systemd will not handle it. The result is no agetty run for the LPAR console meaning no local access to the system. scratch that, Hendrik's version is correct and already applied by Lukas Dan see also https://bugzilla.redhat.com/show_bug.cgi?id=860158 --- rules/99-systemd.rules.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules/99-systemd.rules.in b/rules/99-systemd.rules.in index 0923de5..b72488c 100644 --- a/rules/99-systemd.rules.in +++ b/rules/99-systemd.rules.in @@ -7,7 +7,7 @@ ACTION==remove, GOTO=systemd_end -SUBSYSTEM==tty, KERNEL==tty[a-zA-Z]*|hvc*|xvc*|hvsi*, TAG +=systemd +SUBSYSTEM==tty, KERNEL==tty[a-zA-Z]*|hvc*|xvc*|hvsi*| sclp_line*, TAG+=systemd KERNEL==vport*, TAG+=systemd -- 1.8.1.4 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] reboot splash screen
Hi, I'm trying to get systemd to display a splash screen on powerdown. I've tried using something similar to these recipes: http://cgit.freedesktop.org/plymouth/tree/systemd-units But, for some reason my service is not being activated (included below): root@q7imx6:~# more /lib/systemd/system/reboot-splash.service [Unit] Description=Test unit Before=systemd-reboot.service DefaultDependencies=no [Service] Environment=DISPLAY=:0 ExecStart=/usr/bin/lcd-test-qt /usr/share/pixmaps/poweroff-splash.png KillMode=none SendSIGKILL=no [Install] WantedBy=reboot.target (I've been testing with reboot command). Additionally, shutdown seems to be hanging at: [ OK ] Reached target Shutdown. Running systemd v206 Does systemd-reboot.service run at the start of a reboot? Appreciate any ideas on the best way to do this. The goal is to get the splash screen to display as quickly as possible after reboot command is issued. I may end up patching systemd to simply start the splash program if I can't figure out how to make it happen in a service. Thanks, Cliff -- = http://bec-systems.com ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] shared: include root when canonicalizing conf paths
The conf_files_list family accepts an alternate root path to prefix all directories in the list but path_strv_canonicalize_uniq doesn't use it. This results in the suspicious behavior of resolving directory symlinks based on the contents of / instead of the alternate root. This adds a prefix argument to path_strv_canonicalize which will now prepend the prefix, if given, to every path in the list. To avoid answering what a relative path means when called with a root prefix path_strv_canonicalize is now path_strv_canonicalize_absolute and only considers absolute paths. Fortunately all users of already call path_strv_canonicalize with a list of absolute paths. --- Note: I'm posting this mostly just to point out this odd behavior since I couldn't decide if this patch really is the best way to fix it or not. So feedback welcome :) src/shared/conf-files.c | 10 +++--- src/shared/path-lookup.c | 6 +++--- src/shared/path-util.c | 11 +++ src/shared/path-util.h | 4 ++-- src/shared/util.c| 2 +- 5 files changed, 16 insertions(+), 17 deletions(-) diff --git a/src/shared/conf-files.c b/src/shared/conf-files.c index c86bb03..5201782 100644 --- a/src/shared/conf-files.c +++ b/src/shared/conf-files.c @@ -37,12 +37,8 @@ #include hashmap.h #include conf-files.h -static int files_add(Hashmap *h, const char *root, const char *path, const char *suffix) { +static int files_add(Hashmap *h, const char *dirpath, const char *suffix) { _cleanup_closedir_ DIR *dir = NULL; -_cleanup_free_ char *dirpath = NULL; - -if (asprintf(dirpath, %s%s, root ? root : , path) 0) -return -ENOMEM; dir = opendir(dirpath); if (!dir) { @@ -104,7 +100,7 @@ static int conf_files_list_strv_internal(char ***strv, const char *suffix, const assert(suffix); /* This alters the dirs string array */ -if (!path_strv_canonicalize_uniq(dirs)) +if (!path_strv_canonicalize_absolute_uniq(dirs, root)) return -ENOMEM; fh = hashmap_new(string_hash_func, string_compare_func); @@ -112,7 +108,7 @@ static int conf_files_list_strv_internal(char ***strv, const char *suffix, const return -ENOMEM; STRV_FOREACH(p, dirs) { -r = files_add(fh, root, *p, suffix); +r = files_add(fh, *p, suffix); if (r == -ENOMEM) { hashmap_free_free(fh); return r; diff --git a/src/shared/path-lookup.c b/src/shared/path-lookup.c index e2ca942..63af43c 100644 --- a/src/shared/path-lookup.c +++ b/src/shared/path-lookup.c @@ -275,7 +275,7 @@ int lookup_paths_init( } } -if (!path_strv_canonicalize(p-unit_path)) +if (!path_strv_canonicalize_absolute(p-unit_path, NULL)) return -ENOMEM; strv_uniq(p-unit_path); @@ -331,10 +331,10 @@ int lookup_paths_init( return -ENOMEM; } -if (!path_strv_canonicalize(p-sysvinit_path)) +if (!path_strv_canonicalize_absolute(p-sysvinit_path, NULL)) return -ENOMEM; -if (!path_strv_canonicalize(p-sysvrcnd_path)) +if (!path_strv_canonicalize_absolute(p-sysvrcnd_path, NULL)) return -ENOMEM; strv_uniq(p-sysvinit_path); diff --git a/src/shared/path-util.c b/src/shared/path-util.c index fc42a70..a0925e4 100644 --- a/src/shared/path-util.c +++ b/src/shared/path-util.c @@ -153,7 +153,7 @@ char **path_strv_make_absolute_cwd(char **l) { return l; } -char **path_strv_canonicalize(char **l) { +char **path_strv_canonicalize_absolute(char **l, const char *prefix) { char **s; unsigned k = 0; bool enomem = false; @@ -168,7 +168,10 @@ char **path_strv_canonicalize(char **l) { STRV_FOREACH(s, l) { char *t, *u; -t = path_make_absolute_cwd(*s); +if (!path_is_absolute(*s)) +continue; + +t = strjoin(prefix ? prefix : , *s, NULL); free(*s); *s = NULL; @@ -203,11 +206,11 @@ char **path_strv_canonicalize(char **l) { return l; } -char **path_strv_canonicalize_uniq(char **l) { +char **path_strv_canonicalize_absolute_uniq(char **l, const char *prefix) { if (strv_isempty(l)) return l; -if (!path_strv_canonicalize(l)) +if (!path_strv_canonicalize_absolute(l, prefix)) return NULL; return strv_uniq(l); diff --git a/src/shared/path-util.h b/src/shared/path-util.h index 178bed5..2b8ea02 100644 --- a/src/shared/path-util.h +++ b/src/shared/path-util.h @@ -46,8 +46,8 @@ char* path_startswith(const char *path, const char *prefix) _pure_; bool path_equal(const char *a, const char *b) _pure_; char**
Re: [systemd-devel] reboot splash screen
В Fri, 31 Jan 2014 18:11:10 -0500 Cliff Brake cliff.br...@gmail.com пишет: Hi, I'm trying to get systemd to display a splash screen on powerdown. I've tried using something similar to these recipes: http://cgit.freedesktop.org/plymouth/tree/systemd-units But, for some reason my service is not being activated (included below): root@q7imx6:~# more /lib/systemd/system/reboot-splash.service [Unit] Description=Test unit Before=systemd-reboot.service DefaultDependencies=no [Service] Environment=DISPLAY=:0 ExecStart=/usr/bin/lcd-test-qt /usr/share/pixmaps/poweroff-splash.png If your program need X, it is very unlikely to work as a service. Did you test if manually starting it does anything? KillMode=none SendSIGKILL=no [Install] WantedBy=reboot.target (I've been testing with reboot command). Did you enable it? [Install] section only tells which links should be created by systemctl enable, it does not cause unit to be pulled in. Additionally, shutdown seems to be hanging at: [ OK ] Reached target Shutdown. Running systemd v206 Does systemd-reboot.service run at the start of a reboot? No, it runs at the very end of reboot sequence. Appreciate any ideas on the best way to do this. The goal is to get the splash screen to display as quickly as possible after reboot command is issued. This is counterpart of how do I start service after everything else is started on bootup. As it stands now, there is no easy way to do it (and plymouth splash screen appears also far too late during reboot). To make splash screen appear before anything else on shutdown you literally need something that is ordered after everything else on startup. This probably involves new special unit boot-final.target which is ordered After every other unit. This gives defined point in time where both late boot and early shutdown services can run. I may end up patching systemd to simply start the splash program if I can't figure out how to make it happen in a service. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel