[systemd-devel] Unable to insert a route to a non-default table
Hi everyone,

I am trying to set up an app using transparent proxy and I need to insert the following route:

    ip route add local 0.0.0.0/0 dev lo table 100

After a few attempts, I noticed that it appears that systemd-networkd, on my router, cannot insert any route to any table other than the default one. I have reduced the issue to the following setup:

    [Match]
    Name=eth-wan

    [Route]
    Destination=192.168.125.1
    Table=101

eth-wan is my router's WAN interface and has a subnet of 192.168.125.0/24. After reloading, restarting, and even rebooting, when I inspect table 101 via "ip route show table 101", I always get:

    Error: ipv4: FIB table does not exist.
    Dump terminated

I noticed that the support of custom routing table was added way back in 2016: https://github.com/systemd/systemd/pull/3132 with an example of -

    [Match]
    Name=wlan0

    [Route]
    Destination=10.76.1.254
    Table=111

    ---

    [root@maximus route-table]# ip route show table 111
    [root@maximus route-table]# ip route show table 111
    10.76.1.254 dev wlan0 proto static
    [root@maximus route-table]#

This setup looks almost identical to mine, so I am not sure whether this is a bug, or whether there is something that might be wrong with my environment. Could anyone give me some advice on how to figure this out?

I am running systemd 247.3-1 on ArchLinux with kernel 5.10.13:

    root@home-gateway /e/s/network# systemctl --version
    systemd 247 (247.3-1-arch)
    +PAM +AUDIT -SELINUX -IMA -APPARMOR +SMACK -SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +ZSTD +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=hybrid
    root@home-gateway /e/s/network [2]# uname -a
    Linux home-gateway 5.10.13-arch1-1 #1 SMP PREEMPT Wed, 03 Feb 2021 23:44:07 + x86_64 GNU/Linux

Thanks!
— Minsheng

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] How to turn off the ntp time synchronization in default when power on
Hi,

    timedatectl set-ntp false

What is the diff between this and

    systemctl disable ntp

Thanks

> should stop and disable it.
>
> Kind regards,
>
> Paul

--
Liu An
Re: [systemd-devel] systemctl reboot/halt with non-privilege user
>> [user@host ~]$ systemctl poweroff
>>
>> AUTHENTICATING FOR org.freedesktop.login1.set-wall-message
>>
>> Authentication is required to set a wall message
>>
>> Authenticating as: root
>>
>> Password
>>

UPDATED: some folks just kindly reminded me that polkit configuration will be the key. I've done some quick tests over it:

| command                  | response              |
| systemctl reboot locally | reboot without prompt |
| systemctl halt locally   | halt with prompt      |
| systemctl reboot via ssh | reboot with prompt    |

So the case should not be worse than I think, at least you can't do it remotely. Might consider it a small flaw when you use it as a PC rather than as a server.

Also thank you for sharing such good resources :)

--
Liu An
Re: [systemd-devel] systemctl reboot/halt with non-privilege user
Hi,

> > Is it default behavior by design? I don't think a non-privileged user could reboot the system as he/she wishes.
> >
> > btw, I'm in an HPC related domain, if this behavior of systemctl is allowed, every single user could reboot the whole cluster as they wish, it's a disaster.
>
> https://bbs.archlinux.org/viewtopic.php?id=152565

Thank you for the information. I'm not good at polkit, and will spend some time diving into the configuration.

--
Liu An
Re: [systemd-devel] systemctl reboot/halt with non-privilege user
Hi,

> It really depends on the policykit setup.

It is, I'm sure. Even though I'm not good at polkit (or even if I didn't know polkit, I still believe there is some config control over this), I'm talking about the default behavior after installation.

> e.g. if the user is in the wheel group, they may have additional privileges by virtue of that.
>
> On my systems (centos 8 here) policykit will prompt for the root password:
>
> [user@host ~]$ systemctl poweroff
>
> AUTHENTICATING FOR org.freedesktop.login1.set-wall-message
>
> Authentication is required to set a wall message
>
> Authenticating as: root
>
> Password:

While my systemctl halt prompts the 'same as system shutdown' you mentioned, did you try systemctl reboot (if you didn't adjust polkit config from the default one)?

It's really strange to have a non-privileged user reboot access by default, isn't it.

AN
[systemd-devel] systemctl reboot/halt with non-privilege user
Hi, folks,

I used to type systemctl reboot with non-privileged users, and to my surprise, the system goes down for the reboot. I've tested in both debian and centos 7, they act the same, however, systemctl halt will prompt you to enter administrator password to continue.

Is it default behavior by design? I don't think a non-privileged user could reboot the system as he/she wishes.

btw, I'm in an HPC related domain, if this behavior of systemctl is allowed, every single user could reboot the whole cluster as they wish, it's a disaster.

--
Liu An
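Added example, not part of the thread above and not code from systemd or polkit: a polkit JavaScript rule for the reboot/halt question discussed in this thread. It makes the logind reboot, power-off and halt actions require administrator authentication for users outside the wheel group, and a constructed Node harness evaluates it for sample subjects. The polkit stub, the rules file name, the choice of the wheel group and the sample users are assumptions; JavaScript rules need polkit 0.106 or later.

```javascript
// Stand-in for the global object polkitd hands to rules files.
// Constructed for this demo so the rule can be exercised under Node.
const polkit = {
  Result: { NO: "no", YES: "yes", AUTH_ADMIN: "auth_admin", NOT_HANDLED: null },
  _rules: [],
  addRule(fn) { this._rules.push(fn); },
};

// ---- begin: what would go into a rules file, e.g.
// /etc/polkit-1/rules.d/10-restrict-power.rules (file name is an assumption)

// logind action ids for reboot, power-off and halt, including the
// "-multiple-sessions" and "-ignore-inhibit" variants.
var POWER_ACTION =
  /^org\.freedesktop\.login1\.(reboot|power-off|halt)(-multiple-sessions|-ignore-inhibit)?$/;

polkit.addRule(function restrictPowerActions(action, subject) {
  if (!POWER_ACTION.test(action.id)) {
    // Not a power action: leave the decision to later rules and the defaults.
    return polkit.Result.NOT_HANDLED;
  }
  if (subject.isInGroup("wheel")) {
    // Administrators keep whatever the distribution defaults say.
    return polkit.Result.NOT_HANDLED;
  }
  // Everyone else must authenticate as an administrator, whether the
  // session is local and active or remote (ssh).
  return polkit.Result.AUTH_ADMIN;
});
// ---- end of rules file content

// Constructed subject: only the fields and the method the rule uses.
function makeSubject(user, groups, local, active) {
  return { user, local, active, isInGroup: (g) => groups.includes(g) };
}

// Simplified model of rule evaluation: the first rule returning a value
// wins; if none does, the action's built-in defaults decide.
function evaluate(actionId, subject) {
  for (const rule of polkit._rules) {
    const result = rule({ id: actionId }, subject);
    if (result !== null && result !== undefined) return result;
  }
  return "defaults";
}

// Constructed sample requests: an ordinary local user, the same user over
// ssh, and a wheel member.
const SAMPLES = [
  ["org.freedesktop.login1.reboot", makeSubject("alice", ["users"], true, true)],
  ["org.freedesktop.login1.halt", makeSubject("alice", ["users"], false, false)],
  ["org.freedesktop.login1.reboot", makeSubject("bob", ["users", "wheel"], true, true)],
  ["org.freedesktop.login1.set-wall-message", makeSubject("alice", ["users"], true, true)],
];

for (const [id, subject] of SAMPLES) {
  console.log(`${subject.user} ${id} -> ${evaluate(id, subject)}`);
}
```

After installing such a rule, `pkcheck` or a test login as an ordinary user confirms that `systemctl reboot` now prompts in a local session as well.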
[systemd-devel] Systemd-analyze time not giving kernel bootup time.
Looks like https://github.com/systemd/systemd/pull/9801
Re: [systemd-devel] Wanted service in status deactivating
Can someone give me some advice? Thanks.

Shuang Liu

-Original Message-

Hi,

What happens if a wanted service is in status deactivating (stop)?

For example, in the service A an ExecStop= is defined and takes 0.5s. Then what should happen if a service B is started and A is WantedBy B during the 0.5s.

Concrete scenario is: A USB device has defined the udev rule SYSTEMD_WANTS=A.service and is bound to B.device. It works normally as expected: When connecting the device, the A.service is started. When disconnecting, the A.service is stopped.

However, if I quickly disconnect/connect the device (<0.5s), A.service stays in stopped and will not be restarted. Probably when connecting, the service is in deactivating and the Wants will hence be ignored.

Best regards

Shuang Liu
[systemd-devel] Wanted service in status deactivating
Hi,

What should happen if a wanted service is in status deactivating (stop)?

For example, in the service A an ExecStop= is defined and takes 0.5s. Then what should happen if a service B is started and A is WantedBy B during the 0.5s.

Concrete scenario is: A USB device has defined the udev rule SYSTEMD_WANTS=A.service and is bound to B.device. It works normally as expected: When connecting the device, the A.service is started. When disconnecting, the A.service is stopped.

However, if I quickly disconnect/connect the device (<0.5s), A.service stays in stopped and will not be restarted. Probably when connecting, the service is in deactivating and the Wants will hence be ignored.

Best regards

Shuang Liu
[systemd-devel] Homepage systemd.conf 2015 unmaintained / abused?
The following looks strange:

    Sponsors

    systemd.conf 2015 is only possible by the financial support from sponsors. Our current sponsors include Madison Roofing and Eau Claire Attorney.
[systemd-devel] Fwd: Fwd: CPU time of journal
2016-12-20 15:06 GMT+01:00 Lennart Poettering:

> I figure we could avoid this call entirely, by passing in the parameter we already got from the first invocation.

Great, we can save a lot by this.

> Well, with this you lose out on most of the metadata collection, i.e. "systemctl status foobar.service" won't be able to filter by unit anymore. However, if the metadata and filtering is not relevant to you you can certainly live without it...

I am not sure about the unit, it seems we could still have _SYSTEMD_UNIT= from the unit_id variable we got. But, right, most of the metadata is lost, which is definitely not desirable on servers.

> Ideally, the kernel would just attach the necessary data directly for us to the log datagrams. That would fix a race and be much cheaper. Unfortunately no one bothered so far to make this acceptable to the kernel maintainers...

> I am not sure I like this idea... The primary reason the journal exists is so that we can implement "systemctl status" properly, after all...
>
> maybe some hidden env var we check might be OK, but certainly not a first-level configuration file option...

Okay, I agree with you. A hidden option is enough for such kind of use cases.

Thanks for your advice. We really appreciate your help.

Regards,
Шуангистан
[systemd-devel] Behavior when both TimeoutSec and TimeoutStartSec or TimeoutStopSec are defined
Hi,

I faced a question about the behavior when both TimeoutSec and TimeoutStartSec or TimeoutStopSec are defined in the same .service file. I could hardly find any hints in the man page and could only confirm the behavior by reading the code.

Afterwards I found a discussion about this behavior in systemd-devel mail archives: http://lists.freedesktop.org/archives/systemd-devel/2012-August/006095.html

I wonder whether this behavior should be described in the systemd.service man page.

Thanks for your help.

Best regards

Shuang Liu

Advanced Driver Information Technology GmbH
Software Group II (ADITG/SW2)
Robert-Bosch-Str. 200
31139 Hildesheim
Germany
Tel. +49 5121 49 6913
Fax +49 5121 49 6999
s...@de.adit-jv.com

ADIT is a joint venture company of Robert Bosch GmbH/Robert Bosch Car Multimedia GmbH and DENSO Corporation
Sitz: Hildesheim, Registergericht: Amtsgericht Hildesheim HRB 3438
Geschäftsführung: Wilhelm Grabow, Ken Yaguchi
Re: [systemd-devel] reboot during booting up
On Fri, 2015-11-13 at 13:10 +0100, Lennart Poettering wrote:
> On Fri, 13.11.15 17:41, Dangyi Liu (d...@redhat.com) wrote:
>
> > Hello.
> >
> > I'm from Fedora kdump team and we found that in the latest version of systemd, it's no longer legal to call reboot during system booting up. It complains
> >
> > > Transaction contains conflicting jobs 'stop' and 'start' for shutdown.target.
> >
> > I'm wondering whether it's possible to do so because I've checked almost all related services and added "DefaultDependencies=no" for them, but it never works.
>
> How do you issue the reboot call?

By calling "/bin/reboot" in a shell script.

> This should really work. Basically, there's a mode how you can enqueue jobs systemd shall execute, called "replace-irreversibly". Reboot requests are generally enqueued this way. This mode ensures that when later on contradicting jobs are enqueued that later transaction will fail instead of the older reboot transaction...

It seems the problem is that reboot contradicts some enqueued jobs, not that a later transaction contradicts the reboot job.

> Most likely when you run into this you already have some transaction of this kind enqueued, but the question is why. "systemctl dump" shows you all queued jobs (and more) and the Irreversible flag for each.

It tells me there's no operation 'dump' for systemctl..

> Lennart
Re: [systemd-devel] xorg uses 100% CPU after upgrading to 226
On Wed, Sep 23, 2015 at 2:57 PM Jin Liu <m.liu@gmail.com> wrote:

> According to strace -p, xorg is spinning on a select(), which always return the same fd #6, which seems related to the system dbus:
>
> $ pgrep Xorg
> 614
> $ strace -p 614
> Process 614 attached
> select(256, [1 3 5 6 8 10 19 23 25 29 36 37 38 39 40 41], NULL, NULL, {214, 537000}) = 1 (in [6], left {214, 536993})
> select(256, [1 3 5 6 8 10 19 23 25 29 36 37 38 39 40 41], NULL, NULL, {214, 537000}) = 1 (in [6], left {214, 536995})
> select(256, [1 3 5 6 8 10 19 23 25 29 36 37 38 39 40 41], NULL, NULL, {214, 537000}) = 1 (in [6], left {214, 536995})
> select(256, [1 3 5 6 8 10 19 23 25 29 36 37 38 39 40 41], NULL, NULL, {214, 537000}) = 1 (in [6], left {214, 536995})
> select(256, [1 3 5 6 8 10 19 23 25 29 36 37 38 39 40 41], NULL, NULL, {214, 537000}) = 1 (in [6], left {214, 536996})
> select(256, [1 3 5 6 8 10 19 23 25 29 36 37 38 39 40 41], NULL, NULL, {214, 536000}) = 1 (in [6], left {214, 535996})
> select(256, [1 3 5 6 8 10 19 23 25 29 36 37 38 39 40 41], NULL, NULL, {214, 536000}) = 1 (in [6], left {214, 535996})
> ^C
> $ gdb -p 614
> GNU gdb (GDB) 7.10
> Copyright (C) 2015 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details.
> This GDB was configured as "x86_64-unknown-linux-gnu".
> Type "show configuration" for configuration details.
> For bug reporting instructions, please see:
> <http://www.gnu.org/software/gdb/bugs/>.
> Find the GDB manual and other documentation resources online at:
> <http://www.gnu.org/software/gdb/documentation/>.
> For help, type "help".
> Type "apropos word" to search for commands related to "word".
Re: [systemd-devel] xorg uses 100% CPU after upgrading to 226
    0x7f47ceec8e23 in select () from /usr/lib/libc.so.6
    (gdb) bt
    #0 0x7f47ceec8e23 in select () from /usr/lib/libc.so.6
    #1 0x0058f537 in WaitForSomething ()
    #2 0x00438be1 in ?? ()
    #3 0x0043cf0b in ?? ()
    #4 0x7f47cee07610 in __libc_start_main () from /usr/lib/libc.so.6
    #5 0x00427319 in _start ()
    (gdb) quit
    A debugging session is active.
    Inferior 1 [process 614] will be detached.
    Quit anyway? (y or n) Y
    Detaching from program: /usr/lib/xorg-server/Xorg, process 614
    $ ls -l /proc/614/fd/6
    lrwx-- 1 jin users 64 9月 23 14:23 /proc/614/fd/6 -> socket:[15637]
    $ lsof +E -p 614 | grep 15637
    dbus-daem 449 dbus 16u unix 0x8800d8c4e300 0t0 14185 /run/dbus/system_bus_socket type=STREAM ->INO=15637 614,Xorg,6u
    Xorg 614 jin 6u unix 0x8800d8c4e680 0t0 15637 type=STREAM ->INO=14185 449,dbus-daem,16u

BTW, I run xorg from a user session, not the usual root.

My software versions:

    systemd / libsystemd 226
    dbus / libdbus 1.10.0-3
    xorg-server 1.17.2-4

On Wed, Sep 23, 2015 at 7:25 AM David Herrmann <dh.herrm...@gmail.com> wrote:

> Hi
>
> On Tue, Sep 22, 2015 at 9:23 PM, Jin Liu <m.liu@gmail.com> wrote:
> > After upgrading to 226, the Xorg process keeps using 100% CPU. Also, the "xrandr --dpi 168" command in my .xinitrc no longer works.
> >
> > My startx.service and .xinitrc:
> >
> > $ systemctl cat startx.service
> > # /etc/systemd/system/startx.service
> > [Unit]
> > Description=Direct X login
> > After=systemd-user-sessions.service
> > Conflicts=getty@tty1.service
> >
> > [Service]
> > User=jin
> > TTYPath=/dev/tty1
> > PAMName=login
> > Environment=DISPLAY=:0
> > ExecStart=/usr/bin/bash --login -c "cd; (/usr/lib/xorg-server/Xorg -nolisten tcp vt1 &); source .xinitrc"
> >
> > [Install]
> > WantedBy=graphical.target
> > $ cat .xinitrc
> > #!/bin/sh
> > #
> > # ~/.xinitrc
> > #
> > # Executed by startx (run your window manager from here)
> >
> > export DESKTOP_SESSION="plasma"
> >
> > if [ -d /etc/X11/xinit/xinitrc.d ]; then
> >   for f in /etc/X11/xinit/xinitrc.d/*; do
> >     [ -x "$f" ] && . "$f"
> >   done
> >   unset f
> > fi
> >
> > xrandr --dp
[systemd-devel] xorg uses 100% CPU after upgrading to 226
After upgrading to 226, the Xorg process keeps using 100% CPU. Also, the "xrandr --dpi 168" command in my .xinitrc no longer works.

My startx.service and .xinitrc:

    $ systemctl cat startx.service
    # /etc/systemd/system/startx.service
    [Unit]
    Description=Direct X login
    After=systemd-user-sessions.service
    Conflicts=getty@tty1.service

    [Service]
    User=jin
    TTYPath=/dev/tty1
    PAMName=login
    Environment=DISPLAY=:0
    ExecStart=/usr/bin/bash --login -c "cd; (/usr/lib/xorg-server/Xorg -nolisten tcp vt1 &); source .xinitrc"

    [Install]
    WantedBy=graphical.target
    $ cat .xinitrc
    #!/bin/sh
    #
    # ~/.xinitrc
    #
    # Executed by startx (run your window manager from here)

    export DESKTOP_SESSION="plasma"

    if [ -d /etc/X11/xinit/xinitrc.d ]; then
      for f in /etc/X11/xinit/xinitrc.d/*; do
        [ -x "$f" ] && . "$f"
      done
      unset f
    fi

    xrandr --dpi 168
    exec /usr/bin/startkde
    $

BTW, if I move the "xrandr --dpi 168" line into /usr/bin/startkde, it works again (only DPI setting. Xorg still uses 100% CPU).

What change in version 226 could cause the above problem, and how should I change the above files to fix it?

Thanks.

Regards,
Jin Liu
Re: [systemd-devel] [ANNOUNCE] Git development moved to github
Hi,

On 2/06/2015 8:27 PM, Dimitri John Ledkov wrote:
> On 1 June 2015 at 19:12, David Herrmann dh.herrm...@gmail.com wrote:
> > Hi
> >
> > As of today we've disabled git-push to fd.o. The official development git repository is now at github [1]. The old repository will still be back-synced, but we had to disable push-access to avoid getting out-of-sync with github.
> >
> > [1] https://github.com/systemd-devs/systemd
>
> And where will be the stable repository / branches?

I am also interested to know if the systemd-stable repository will continue to be maintained on either freedesktop or after being moved to GitHub. OpenEmbedded uses systemd 219 from systemd-stable repository which hasn't seen any activity in the last few months.

Regards,
Jonathan
Re: [systemd-devel] Rebooting systemd-nspawn container results in shutdown
On 27 April 2015 at 00:55, Kai Krakow hurikha...@gmail.com wrote:
> I've successfully created a Gentoo container on top of a Gentoo host. I can start the container with machinectl, as I can with systemctl start
>
> Inside the container (logged in via SSH), I could issue a reboot command. But that just results in the container being shutdown. It never comes back unless I restart the machine with systemctl or machinectl.

Perhaps related to https://bugs.freedesktop.org/show_bug.cgi?id=87428 ?

Regards,
Jonathan
[systemd-devel] [PATCH] journal-remote: initialize writer hashmap before use
https://bugs.freedesktop.org/show_bug.cgi?id=83682 --- src/journal-remote/journal-remote.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/journal-remote/journal-remote.c b/src/journal-remote/journal-remote.c index f06c2cb..b1cc6fd 100644 --- a/src/journal-remote/journal-remote.c +++ b/src/journal-remote/journal-remote.c @@ -913,6 +913,10 @@ static int remoteserver_init(RemoteServer *s, return r; } +r = init_writer_hashmap(s); +if (r 0) +return r; + STRV_FOREACH(file, arg_files) { const char *output_name; @@ -942,10 +946,6 @@ static int remoteserver_init(RemoteServer *s, return -EINVAL; } -r = init_writer_hashmap(s); -if (r 0) -return r; - if (arg_split_mode == JOURNAL_WRITE_SPLIT_NONE) { /* In this case we know what the writer will be called, so we can create it and verify that we can -- 2.1.0 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
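Review bot: The commit message consists only of the bugzilla URL; for the first hunk, which places the init_writer_hashmap(s) call ahead of STRV_FOREACH(file, arg_files) in remoteserver_init(), please add a sentence saying which step inside that loop reaches the writer hashmap before it has been initialized, so the reordering can be reviewed without opening the bug. In this copy of the patch the check also reads "if (r 0)" in both hunks, with the comparison operator missing; confirm that the version to be applied has "if (r < 0)" so the error path returns r as the line above it does.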
Re: [systemd-devel] Restarting from inside systemd-nspawn container results in deactivation
On 2/06/2014 8:51 PM, Djalal Harouni wrote:
> On Mon, Jun 02, 2014 at 11:47:39AM +1000, Jonathan Liu wrote:
> > Hi,
> >
> > I am using systemd 212 on Arch Linux 64-bit with the following patch applied: http://cgit.freedesktop.org/systemd/systemd/commit/?id=d8e40d62ab871a87fde421c4b246bb45bc3cbe2d
>
> It would be easy for us if you could test the latest systemd 213

Ok, testing with systemd 213.

> > I have systemd-nspawn@mycontainer service enabled and started for my container. If I SSH into the container and run the reboot command, the container reboots successfully and I can SSH into it again. However if I run systemctl status systemd-nspawn@mycontainer on the host, I notice the Active status changes from Active: active (running) to Active: deactivating (stop-sigterm). After about a minute and a half, systemd kills the container and my SSH connection is lost.
>
> And without the above patch ? (perhaps some cleaning races/left jobs...)

Behaves the same without the above patch.

> > Any ideas on how to proceed with fixing it so the container isn't killed when reboot is issued inside the container?
>
> If you are able to disable the service, try running it manually:
>
>     # systemd-nspawn -bD /path/to/container
>
> Taken from: https://wiki.archlinux.org/index.php/Arch_systemd_container
>
> Then do a reboot/restart from the container and see!

Works fine if I am running systemd-nspawn directly. It seems to be related to the service logic.

> If this works, then it may be related to the service logic, otherwise it's just the container config or systemd-nspawn...
>
> And please do paste some container logs.

Log attached.

> If time permits, I'll try to test it later.
>
> Thanks!

Regards,
Jonathan

Jun 02 21:51:38 arch systemd[1]: Starting Container mycontainer...
Jun 02 21:51:38 arch systemd-machined[6332]: New machine mycontainer.
Jun 02 21:51:38 arch systemd-nspawn[7454]: systemd 213 running in system mode.
[systemd-devel] Restarting from inside systemd-nspawn container results in deactivation
Hi,

I am using systemd 212 on Arch Linux 64-bit with the following patch applied: http://cgit.freedesktop.org/systemd/systemd/commit/?id=d8e40d62ab871a87fde421c4b246bb45bc3cbe2d

I have systemd-nspawn@mycontainer service enabled and started for my container. If I SSH into the container and run the reboot command, the container reboots successfully and I can SSH into it again. However if I run systemctl status systemd-nspawn@mycontainer on the host, I notice the Active status changes from Active: active (running) to Active: deactivating (stop-sigterm). After about a minute and a half, systemd kills the container and my SSH connection is lost.

Any ideas on how to proceed with fixing it so the container isn't killed when reboot is issued inside the container?

Regards,
Jonathan
Re: [systemd-devel] [PATCH] units: use KillMode=process for systemd-nspawn@.service
On 28 May 2014 14:06, David Timothy Strauss da...@davidstrauss.net wrote:
> On Tue, May 27, 2014 at 10:55 PM, Jonathan Liu net...@gmail.com wrote:
> > I suspect one downside is that if the container takes longer than the timeout to shutdown then it will go on a SIGKILL-ing spree... which could be a problem if a container process was in the middle of saving to disk while shutting down.
>
> Is it reasonable to have no timeout, though? The weight (in terms of state and shutdown time) of what runs in most containers isn't more substantial than what runs in most services. It's not hard to override the instance if it's necessary to have a longer timeout or no timeout.

There is still a timeout with KillMode=process.

Killing systemd-nspawn kills the container processes as well. I am just following the wiki at http://fedoraproject.org/wiki/Features/SystemdLightweightContainers

Regards,
Jonathan
Re: [systemd-devel] [PATCH] units: use KillMode=process for systemd-nspawn@.service
On 28/05/2014 10:32 PM, Zbigniew Jędrzejewski-Szmek wrote:
> On Wed, May 28, 2014 at 05:42:31PM +1000, Jonathan Liu wrote:
>> On 28 May 2014 14:06, David Timothy Strauss da...@davidstrauss.net wrote:
>>> On Tue, May 27, 2014 at 10:55 PM, Jonathan Liu net...@gmail.com wrote:
>>>> I suspect one downside is that if the container takes longer than the timeout to shutdown then it will go on a SIGKILL-ing spree... which could be a problem if a container process was in the middle of saving to disk while shutting down.
>>>
>>> Is it reasonable to have no timeout, though? The weight (in terms of state and shutdown time) of what runs in most containers isn't more substantial than what runs in most services.
>>>
>>> It's not hard to override the instance if it's necessary to have a longer timeout or no timeout.
>>
>> There is still a timeout with KillMode=process.
>
> It's not a question of timeouts, but of what is killed. With process, only the main process itself is killed. Normally this should be enough, because the init in the container will kill everything else. But if it malfunctions, other processes from the container could be left around. So we don't want that. But the default is control-group, which does not seem right either in case of containers. IIUC, host's systemd will send SIGTERM to all processes in the container. We should probably be using mixed instead.
>
>> Killing systemd-nspawn kills the container processes as well. I am just following the wiki at http://fedoraproject.org/wiki/Features/SystemdLightweightContainers
>
> mixed was added in 209, much later than this page was written.
>
> Zbyszek

Okay, I will resubmit patch using KillMode=mixed.

Regards,
Jonathan
[systemd-devel] [PATCH] units: use KillMode=mixed for systemd-nspawn@.service
This causes the container to shut down cleanly when the service is stopped. --- units/systemd-nsp...@.service.in | 1 + 1 file changed, 1 insertion(+) diff --git a/units/systemd-nsp...@.service.in b/units/systemd-nsp...@.service.in index ff36e90..e373628 100644 --- a/units/systemd-nsp...@.service.in +++ b/units/systemd-nsp...@.service.in @@ -11,6 +11,7 @@ Documentation=man:systemd-nspawn(1) [Service] ExecStart=@bindir@/systemd-nspawn --quiet --keep-unit --boot --link-journal=guest --directory=/var/lib/container/%i +KillMode=mixed Type=notify [Install] -- 1.9.3 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
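Review bot: the commit message for the added KillMode=mixed line says only that the container shuts down cleanly and does not name the behaviour being replaced. Please state that the default KillMode=control-group has the host's systemd send SIGTERM to every process in the container, while mixed sends SIGTERM to the main systemd-nspawn process only and reserves the later SIGKILL for whatever remains in the control group. Since mixed was added in systemd 209, the message should mention that as well for anyone carrying this unit to an older release. No TimeoutStopSec= is set beside it, so the default stop timeout still decides when the SIGKILL pass happens; a note that slow containers need a per-instance override would help.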
[systemd-devel] [PATCH] units: use KillMode=process for systemd-nspawn@.service
This causes the container to shut down cleanly when the service is stopped. --- units/systemd-nsp...@.service.in | 1 + 1 file changed, 1 insertion(+) diff --git a/units/systemd-nsp...@.service.in b/units/systemd-nsp...@.service.in index ff36e90..6228345 100644 --- a/units/systemd-nsp...@.service.in +++ b/units/systemd-nsp...@.service.in @@ -11,6 +11,7 @@ Documentation=man:systemd-nspawn(1) [Service] ExecStart=@bindir@/systemd-nspawn --quiet --keep-unit --boot --link-journal=guest --directory=/var/lib/container/%i +KillMode=process Type=notify [Install] -- 1.9.3 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
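Review bot: KillMode=process, added after ExecStart=, signals only the main systemd-nspawn process, so if the container's init malfunctions during stop, its remaining processes are left running with nothing on the host to clean them up. Prefer KillMode=mixed, which still delivers SIGTERM to the main process alone but sends the later SIGKILL to every process remaining in the unit's control group. The commit message should also say which default behaviour this line replaces.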
Re: [systemd-devel] [PATCH] units: use KillMode=process for systemd-nspawn@.service
On 28 May 2014 13:36, David Timothy Strauss da...@davidstrauss.net wrote:
> Is there a downside to using KillMode=mixed instead?

I suspect one downside is that if the container takes longer than the timeout to shutdown then it will go on a SIGKILL-ing spree... which could be a problem if a container process was in the middle of saving to disk while shutting down.

Regards,
Jonathan
Re: [systemd-devel] [PATCH] units: add ConditionPathIsReadWrite for systemd-random-seed.service
On 11/04/2014 7:10 AM, Lennart Poettering wrote:
> On Thu, 10.04.14 14:00, Jonathan Liu (net...@gmail.com) wrote:
>> --- units/systemd-random-seed.service.in | 1 + 1 file changed, 1 insertion(+) diff --git a/units/systemd-random-seed.service.in b/units/systemd-random-seed.service.in index 1879b2f..cbe000c 100644 --- a/units/systemd-random-seed.service.in +++ b/units/systemd-random-seed.service.in @@ -13,6 +13,7 @@ RequiresMountsFor=@RANDOM_SEED@ Conflicts=shutdown.target After=systemd-readahead-collect.service systemd-readahead-replay.service systemd-remount-fs.service Before=sysinit.target shutdown.target +ConditionPathIsReadWrite=@RANDOM_SEED_DIR@ [Service] Type=oneshot
>
> What's the rationale here? I'd argue that the random seed service *should* fail if /var is not writable. So what's the logic behind wanting to conditionalize this?
>
> Lennart

The service was failing when booting off a readonly root filesystem. It does seem better from a security perspective for the service to fail. If someone really wants to skip loading/saving the random seed they can remove it from sysinit.target.wants.

Regards,
Jonathan
[systemd-devel] [PATCH] units: add ConditionPathIsReadWrite for systemd-random-seed.service
--- units/systemd-random-seed.service.in | 1 + 1 file changed, 1 insertion(+) diff --git a/units/systemd-random-seed.service.in b/units/systemd-random-seed.service.in index 1879b2f..cbe000c 100644 --- a/units/systemd-random-seed.service.in +++ b/units/systemd-random-seed.service.in @@ -13,6 +13,7 @@ RequiresMountsFor=@RANDOM_SEED@ Conflicts=shutdown.target After=systemd-readahead-collect.service systemd-readahead-replay.service systemd-remount-fs.service Before=sysinit.target shutdown.target +ConditionPathIsReadWrite=@RANDOM_SEED_DIR@ [Service] Type=oneshot -- 1.9.1 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
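Review bot: the added ConditionPathIsReadWrite=@RANDOM_SEED_DIR@ line arrives with an empty commit message, so the reason for the change is not recorded. A failed condition makes systemd skip the unit rather than fail it, which means that with a read-only seed directory the random seed is neither loaded nor saved and the boot still looks clean. Please state the use case in the commit message and justify why a silent skip is preferable to a visible failure, or leave the unit unconditional and let affected setups remove it from sysinit.target.wants.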
[systemd-devel] Problems from using systemd-40
Hi All:

Now I want to transplant systemd into a tinycore system, and I find a lot of problems using systemd-40.

1. Failed to open /dev/kmsg for logging: No such file or directory.
   CONFIG_DEVTMPFS_MOUNT=y in my custom kernel

2. Logind service fails to start
   Starting Login service...
   Starting D-Bus System Message Bus...
   Both of them start at the same time, but Login service quickly returns failure and doesn't block

I can't fix what causes those problems. I hope someone can give me some advice. Thank you firstly