[systemd-devel] 回复: 回复: Is it possible to send a string to the journal of one specific systemd unit

2021-10-22 Thread DHAIY DHAIY 
python works fine!
Thanks a lot, Mantas.

BR.

发件人: Mantas Mikulėnas 
发送时间: 2021年10月23日 6:42
收件人: DHAIY DHAIY 
抄送: systemd-devel@lists.freedesktop.org 
主题: Re: [systemd-devel] 回复: Is it possible to send a string to the journal of 
one specific systemd unit

This option was added with util-linux v2.25 in 2014. If you're using an older 
version or the Busybox `logger` instead, well, it won't have that.

The alternative is to write your own C tool that uses libsystemd and calls 
sd_journal_send()
 with the correct fields (libsystemd is definitely going to be present), or a 
Python tool that uses systemd.journal.send(). (Or maybe call libsystemd through 
python ctypes or whatever other FFI mechanism is available.)



On Fri, Oct 22, 2021 at 4:32 PM DHAIY DHAIY 
mailto:dh...@msn.com>> wrote:
Thanks a lot Mantas.
But in my sytem, logger does not have "--journal".
Are you aware of other tools from bash which can be used?

BR

发件人: Mantas Mikulėnas mailto:graw...@gmail.com>>
发送时间: 2021年10月22日 18:45
收件人: DHAIY DHAIY mailto:dh...@msn.com>>
抄送: 
systemd-devel@lists.freedesktop.org 
mailto:systemd-devel@lists.freedesktop.org>>
主题: Re: [systemd-devel] 回复: Is it possible to send a string to the journal of 
one specific systemd unit

If you have root privileges (i.e. UID 0), then yes, you can send a journal 
message with the "OBJECT_SYSTEMD_UNIT=myservice.service" field and journalctl 
will automatically look for that.

In C, specify the field when calling sd_journal_sendv(); in bash you can use 
`logger --journal`:

(echo "OBJECT_SYSTEMD_UNIT=sshd.service";
 echo "MESSAGE=Hello world!") | sudo logger --journal

On Fri, Oct 22, 2021 at 11:43 AM DHAIY DHAIY 
mailto:dh...@msn.com>> wrote:

Saying we have a systemd unit named "myservice".

we can use journalctl -u myservice to inspect the logs generated by myservice.


But is there a way to insert one string from command-line into myservice's 
journal so that it can be seen by journalctl -u myservice later?


发件人: DHAIY DHAIY
发送时间: 2021年10月22日 16:40
收件人: 
systemd-devel@lists.freedesktop.org 
mailto:systemd-devel@lists.freedesktop.org>>
主题: Is it possible to send a string to the journal of one specific systemd unit


Saying we have a systemd unit named "myservice".

we can use journalctl -u myservice to inspect the logs generated by myservice.


But is there a way to insert one string from command-line into myservice's 
journal so that it can be seen by journalctl -u myservice later?



--
Mantas Mikulėnas


--
Mantas Mikulėnas

Re: [systemd-devel] 回复: Is it possible to send a string to the journal of one specific systemd unit

2021-10-22 Thread Mantas Mikulėnas 
This option was added with util-linux v2.25 in 2014. If you're using an
older version or the Busybox `logger` instead, well, it won't have that.

The alternative is to write your own C tool that uses libsystemd and calls
sd_journal_send
()
with the correct fields (libsystemd is definitely going to be present), or
a Python tool that uses systemd.journal.send(). (Or maybe call libsystemd
through python ctypes or whatever other FFI mechanism is available.)



On Fri, Oct 22, 2021 at 4:32 PM DHAIY DHAIY  wrote:

> Thanks a lot Mantas.
> But in my sytem, logger does not have "--journal".
> Are you aware of other tools from bash which can be used?
>
> BR
> --
> *发件人:* Mantas Mikulėnas 
> *发送时间:* 2021年10月22日 18:45
> *收件人:* DHAIY DHAIY 
> *抄送:* systemd-devel@lists.freedesktop.org <
> systemd-devel@lists.freedesktop.org>
> *主题:* Re: [systemd-devel] 回复: Is it possible to send a string to the
> journal of one specific systemd unit
>
> If you have root privileges (i.e. UID 0), then yes, you can send a journal
> message with the "OBJECT_SYSTEMD_UNIT=myservice.service" field and
> journalctl will automatically look for that.
>
> In C, specify the field when calling sd_journal_sendv(); in bash you can
> use `logger --journal`:
>
> (echo "OBJECT_SYSTEMD_UNIT=sshd.service";
>  echo "MESSAGE=Hello world!") | sudo logger --journal
>
> On Fri, Oct 22, 2021 at 11:43 AM DHAIY DHAIY  wrote:
>
> Saying we have a systemd unit named "myservice".
>
> we can use *journalctl -u myservice* to inspect the logs generated by
> myservice.
>
>
> But is there a way to insert one string from command-line into myservice's
> journal so that it can be seen by *journalctl -u myservice* later?
>
> --
> *发件人:* DHAIY DHAIY
> *发送时间:* 2021年10月22日 16:40
> *收件人:* systemd-devel@lists.freedesktop.org <
> systemd-devel@lists.freedesktop.org>
> *主题:* Is it possible to send a string to the journal of one specific
> systemd unit
>
>
> Saying we have a systemd unit named "myservice".
>
> we can use *journalctl -u myservice* to inspect the logs generated by
> myservice.
>
>
> But is there a way to insert one string from command-line into myservice's
> journal so that it can be seen by *journalctl -u myservice* later?
>
>
>
> --
> Mantas Mikulėnas
>


-- 
Mantas Mikulėnas

[systemd-devel] Networking in a systemd-nspawn container

2021-10-22 Thread Tobias Hunger 
Hello Systemd Mailing List!

I have a laptop and run a couple of systemd-nspawn containers on that
machine. This works great, except that name resolution insode the
containers fails whenever the network on the outside changes.

This is not too surprising: At setup time the resolver information is
copied into the containers and never updated. That is sup-optimal for
my laptop that I keep moving between networks.

I have been wondering: Would it be possible to forward the containers
resolver to the host machine resolver somehow?

Could e.g. systemd-nspawn optionally make the hosts resolver available
in the containers network namespace? Maybe by setting up some port
forwarding or by putting a socket into the container somewhere?

Any ideas? I can do some of the work with a bit of guidance.

Best Regards,
Tobias

Re: [systemd-devel] loose thoughts around portable services

2021-10-22 Thread Lennart Poettering 
On Mi, 20.10.21 16:01, Umut Tezduyar Lindskog (u...@tezduyar.com) wrote:

> > That said: systemd's nss-systemd NSS module can nowadays (v249) read
> > user definitions from drop-in JSON fragments in
> > /run/host/userdb/. This is is used by nspawn's --bind-user= feature to
> > make a host user easily available in a container, with group info,
> > password and so on. My plan was to also make use of this in the unit
> > executor, i.e. so that whenever RootDirectory=/RootImage= are used the
> > service manager places such minimal user info for the selected user
> > there, so that the user is perfectly resolvable inside the service
> > too. This is particularly relevant for DynamicUser=1 services. I
> > haven't come around actually implementing that though. Given
> > nss-systemd is enabled in most bigger distro's nssswitch.conf file
> > these days I think this is a really nice approach to propagate user
> > databases like that.
> >
>
> Why don't we also make the varlink user API available to most of the
> profiles? This way sandboxed service doesn't need any of the nss conf and
> libraries if they don't want to. Most profiles allow dbus communication. I
> guess in a similar thought, most system services should be able to do a
> user lookup in a modern way.

I sympathize with the idea, but I am not entirely sure this is
desirable to do this 1:1, as this means we'd leak a ton of stuff that
might only make sense on the host into something that is supposed to
be an isolated container. i.e. home dir info and things like
that. shell paths and so on.

Maybe we can find a middle ground on this though. i.e. we could make
systemd-userdb.service listen on a new varlink service socket that
provides the host's database to sandboxed environments in a restricted
form, i.e. with basically all records dumbed down to just contain
uid/gid/name info and nothing else.

We'd then update the portabled profiles that do not use PrivateUsers=
to bind mount that one socket, so that they get the full db,
dynamically.

I kinda like the idea.

> We could implement our own profiles without needing nesting but we believe
> it is beneficial to collaborate on profiles upstream and have common
> additions to upstream profiles with nesting other profiles. If we get to it
> before other people, we would really like to contribute and send a patch on
> this.

A patch adding .d/ style drop-ins for profiles would make a ton of
sense. Happy to take that.

Lennart

--
Lennart Poettering, Berlin

[systemd-devel] 回复: 回复: Is it possible to send a string to the journal of one specific systemd unit

2021-10-22 Thread DHAIY DHAIY 
Thanks a lot Mantas.
But in my sytem, logger does not have "--journal".
Are you aware of other tools from bash which can be used?

BR

发件人: Mantas Mikulėnas 
发送时间: 2021年10月22日 18:45
收件人: DHAIY DHAIY 
抄送: systemd-devel@lists.freedesktop.org 
主题: Re: [systemd-devel] 回复: Is it possible to send a string to the journal of 
one specific systemd unit

If you have root privileges (i.e. UID 0), then yes, you can send a journal 
message with the "OBJECT_SYSTEMD_UNIT=myservice.service" field and journalctl 
will automatically look for that.

In C, specify the field when calling sd_journal_sendv(); in bash you can use 
`logger --journal`:

(echo "OBJECT_SYSTEMD_UNIT=sshd.service";
 echo "MESSAGE=Hello world!") | sudo logger --journal

On Fri, Oct 22, 2021 at 11:43 AM DHAIY DHAIY 
mailto:dh...@msn.com>> wrote:

Saying we have a systemd unit named "myservice".

we can use journalctl -u myservice to inspect the logs generated by myservice.


But is there a way to insert one string from command-line into myservice's 
journal so that it can be seen by journalctl -u myservice later?


发件人: DHAIY DHAIY
发送时间: 2021年10月22日 16:40
收件人: 
systemd-devel@lists.freedesktop.org 
mailto:systemd-devel@lists.freedesktop.org>>
主题: Is it possible to send a string to the journal of one specific systemd unit


Saying we have a systemd unit named "myservice".

we can use journalctl -u myservice to inspect the logs generated by myservice.


But is there a way to insert one string from command-line into myservice's 
journal so that it can be seen by journalctl -u myservice later?



--
Mantas Mikulėnas

Re: [systemd-devel] A questions about modules-load service in systemd

2021-10-22 Thread Lennart Poettering 
On Fr, 22.10.21 10:31, Joakim Zhang (qiangqing.zh...@nxp.com) wrote:

>
> Hi systemd experts,
>
> I saw you guys did much contributions in modules-load part recently, I have a 
> questions, some insight you input would be appreciated, thanks in advance.
>
> Do you know how to load all modules in a single task? In other
> words, load all modules within a single task as I want they process
> sequentially.

Are you sure you mean "systemd-modules-load"? Most module loading
happens via udev, not systemd-modules-load. That service is only
required for a few select modules that do not support auto-loading.

udev loads all modules as the hw they are for shows up. And no there's
no way to make that sequential.

Why do you need this? For debugging purposes? To work around a broken driver?

> If I understand correctly, systemd-modules-load service now will
> fork many tasks to process different kernel modules parallelly.

It doesn't do that actually. But udev when it loads kernel modules
does things from a bunch of worker processes all in parallel.

Lennart

--
Lennart Poettering, Berlin

[systemd-devel] systemctl start seems to hang with no status

2021-10-22 Thread Ulrich Windl 
Hi!

After a change in configuration ,updates and a reboot, I saw thgis  probel in
SLES12 SP5 (systemd-228-157.30.1.x86_64):
ntpd.service failed during boot. For some reason /etc/ntp.conf was missing (my
fault).
After restoring /etc/ntp.conf and trying a start, start never seems to finish
and I see no logs that something is even attempted.

Some logs:
Oct 22 12:55:46 v07 start-ntpd[1431]: Time server configuration file,
/etc/ntp.conf does not exist.
Oct 22 12:55:46 v07 systemd[1]: ntpd.service: Control process exited,
code=exited status=6
Oct 22 12:55:46 v07 systemd[1]: Failed to start NTP Server Daemon.
Oct 22 12:55:46 v07 systemd[1]: Dependency failed for Wait for ntpd to
synchronize system clock.
Oct 22 12:55:46 v07 systemd[1]: ntp-wait.service: Job ntp-wait.service/start
failed with result 'dependency'.
Oct 22 12:55:46 v07 systemd[1]: ntpd.service: Unit entered failed state.
Oct 22 12:55:46 v07 systemd[1]: ntpd.service: Failed with result 'exit-code'.
Oct 22 12:55:46 v07 systemd[1]: Reached target System Time Synchronized.

Interestingly I wouldn't expect "Reached target System Time Synchronized.".

Status when "systemctl start ntpd" was running for some time already:
v07:~ # systemctl status ntpd.service
● ntpd.service - NTP Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor
preset: disabled)
  Drop-In: /run/systemd/generator/ntpd.service.d
   └─50-insserv.conf-$time.conf
   Active: activating (auto-restart) (Result: exit-code) since Fri 2021-10-22
12:55:46 CEST; 7min ago
 Docs: man:ntpd(1)
Tasks: 0 (limit: 512)

Oct 22 12:55:46 v07 systemd[1]: ntpd.service: Control process exited, ...=6
Oct 22 12:55:46 v07 systemd[1]: Failed to start NTP Server Daemon.
Oct 22 12:55:46 v07 systemd[1]: ntpd.service: Unit entered failed state.
Oct 22 12:55:46 v07 systemd[1]: ntpd.service: Failed with result 'exit...'.
Hint: Some lines were ellipsized, use -l to show in full.

After significant time:
Oct 22 13:06:47 v07 systemd[1]: ntpd.service: Service RestartSec=11min
expired, scheduling restart.
Oct 22 13:06:47 v07 systemd[1]: Stopped NTP Server Daemon.
Oct 22 13:06:47 v07 systemd[1]: Starting NTP Server Daemon...
Oct 22 13:06:47 v07 ntpd[3998]: ntpd 4.2.8p15@1.3728-o Mon Jun 21 18:17:38 UTC
2021 (1): Starting
Oct 22 13:06:47 v07 ntpd[3998]: Command line: /usr/sbin/ntpd -p
/var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf
Oct 22 13:06:47 v07 ntpd[3998]:

Oct 22 13:06:47 v07 ntpd[3998]: ntp-4 is maintained by Network Time
Foundation,
Oct 22 13:06:47 v07 ntpd[3998]: Inc. (NTF), a non-profit 501(c)(3)
public-benefit
...
Oct 22 13:06:47 v07 systemd[1]: Started NTP Server Daemon.

I don't understand: Was the missing ntp.conf file blocking the service for 11
minutes?

v07:~ # systemctl status ntp-wait.service
● ntp-wait.service - Wait for ntpd to synchronize system clock
   Loaded: loaded (/usr/lib/systemd/system/ntp-wait.service; enabled; vendor
preset: disabled)
   Active: inactive (dead)

Oct 22 12:55:46 v07 systemd[1]: Dependency failed for Wait for ntpd to
synchronize system clock.
Oct 22 12:55:46 v07 systemd[1]: ntp-wait.service: Job ntp-wait.service/start
failed with result 'dependency'.

Regards,
Ulrich

Re: [systemd-devel] 回复: Is it possible to send a string to the journal of one specific systemd unit

2021-10-22 Thread Mantas Mikulėnas 
If you have root privileges (i.e. UID 0), then yes, you can send a journal
message with the "OBJECT_SYSTEMD_UNIT=myservice.service" field and
journalctl will automatically look for that.

In C, specify the field when calling sd_journal_sendv(); in bash you can
use `logger --journal`:

(echo "OBJECT_SYSTEMD_UNIT=sshd.service";
 echo "MESSAGE=Hello world!") | sudo logger --journal

On Fri, Oct 22, 2021 at 11:43 AM DHAIY DHAIY  wrote:

> Saying we have a systemd unit named "myservice".
>
> we can use *journalctl -u myservice* to inspect the logs generated by
> myservice.
>
>
> But is there a way to insert one string from command-line into myservice's
> journal so that it can be seen by *journalctl -u myservice* later?
>
> --
> *发件人:* DHAIY DHAIY
> *发送时间:* 2021年10月22日 16:40
> *收件人:* systemd-devel@lists.freedesktop.org <
> systemd-devel@lists.freedesktop.org>
> *主题:* Is it possible to send a string to the journal of one specific
> systemd unit
>
>
> Saying we have a systemd unit named "myservice".
>
> we can use *journalctl -u myservice* to inspect the logs generated by
> myservice.
>
>
> But is there a way to insert one string from command-line into myservice's
> journal so that it can be seen by *journalctl -u myservice* later?
>
>

-- 
Mantas Mikulėnas

Re: [systemd-devel] Failed to set up mount namespacing: /run/systemd/unit-root/run/named

2021-10-22 Thread Josef Moellers 
On 22.10.21 09:08, Josef Moellers wrote:
> Hi,
> I'm working on bind/named and I'm currently trying to find out why
> starting of named fails.
> When I run "systemctl start named", I get these lines in the journal:
> Oct 22 09:02:05 sles15-sp4 systemd[2012]: Failed to determine whether
> /run/systemd/unit-root/run/named is already a mount point:
> No such file or directory

It was due to the fact that "/run/named" did not exist but had been
mentioned in ReadWritePaths= in the service unit file! The appropriate
entry in the tmpfiles config file had somehow got lost. Creating that
directory on the VM let me start the service. I have now added the entry
to the tmpfiles config file and am waiting for the package build to
complete.

Josef

> Oct 22 09:02:05 sles15-sp4 systemd[2012]: named.service: Failed to set
> up mount namespacing: /run/systemd/unit-root/run/named:
> No such file or directory
> Oct 22 09:02:05 sles15-sp4 systemd[2012]: named.service: Failed at step
> NAMESPACE spawning /usr/lib/bind/named.prep: No such
> file or directory
> 
> and "systemctl status named" reports:
> Process: 2012 ExecStartPre=/usr/lib/bind/named.prep (code=exited,
> status=226/NAMESPACE)
> 
> The /usr/lib/bind/named.prep has not been started.
> 
> Our systemd colleague is currently occupied elsewhere, so I am resorting
> to this ML. I guess I'm just missing something in the SPEC file and
> would appreciate any pointers to where to look.
> 
> Thanks and ... stay healthy!
> 
> Josef
> 


-- 
SUSE Software Solutions Germany GmbH
Maxfeldstr. 5
90409 Nürnberg
Germany

(HRB 36809, AG Nürnberg)
Geschäftsführer: Felix Imendörffer

[systemd-devel] 回复: Is it possible to send a string to the journal of one specific systemd unit

2021-10-22 Thread DHAIY DHAIY 
Saying we have a systemd unit named "myservice".

we can use journalctl -u myservice to inspect the logs generated by myservice.


But is there a way to insert one string from command-line into myservice's 
journal so that it can be seen by journalctl -u myservice later?


发件人: DHAIY DHAIY
发送时间: 2021年10月22日 16:40
收件人: systemd-devel@lists.freedesktop.org 
主题: Is it possible to send a string to the journal of one specific systemd unit


Saying we have a systemd unit named "myservice".

we can use journalctl -u myservice to inspect the logs generated by myservice.


But is there a way to insert one string from command-line into myservice's 
journal so that it can be seen by journalctl -u myservice later?

[systemd-devel] Failed to set up mount namespacing: /run/systemd/unit-root/run/named

2021-10-22 Thread Josef Moellers 
Hi,
I'm working on bind/named and I'm currently trying to find out why
starting of named fails.
When I run "systemctl start named", I get these lines in the journal:
Oct 22 09:02:05 sles15-sp4 systemd[2012]: Failed to determine whether
/run/systemd/unit-root/run/named is already a mount point:
No such file or directory
Oct 22 09:02:05 sles15-sp4 systemd[2012]: named.service: Failed to set
up mount namespacing: /run/systemd/unit-root/run/named:
No such file or directory
Oct 22 09:02:05 sles15-sp4 systemd[2012]: named.service: Failed at step
NAMESPACE spawning /usr/lib/bind/named.prep: No such
file or directory

and "systemctl status named" reports:
Process: 2012 ExecStartPre=/usr/lib/bind/named.prep (code=exited,
status=226/NAMESPACE)

The /usr/lib/bind/named.prep has not been started.

Our systemd colleague is currently occupied elsewhere, so I am resorting
to this ML. I guess I'm just missing something in the SPEC file and
would appreciate any pointers to where to look.

Thanks and ... stay healthy!

Josef
-- 
SUSE Software Solutions Germany GmbH
Maxfeldstr. 5
90409 Nürnberg
Germany

(HRB 36809, AG Nürnberg)
Geschäftsführer: Felix Imendörffer