Re: [systemd-devel] Howto unshare when user session starts.

[Stef Bon]

Thank you for your answer. Sorry for my late reaction. I've been ill
for some weeks.

You say that starting a new namespace might have problems with
multithreaded programs (and which program isn't??). Can you explain
why and where the problem occurs? Maybe a link with some context. Much
appreciated.

S. Bon

Re: [systemd-devel] Howto unshare when user session starts.

[Stef Bon]

Hi,

I know that I can use a session file, and I know I can use a pamfile
(I've written one myself) but what I want to know is how can I use
systemd for that? Systemd handles the system, sessions and containers,
so is it for example possible to set some parameters and make the pam
module of systemd do this?

Stef

[systemd-devel] Howto unshare when user session starts.

[Stef Bon]

Hi,

maybe this is a question simple to answer.

I want the user sessions to start in a {mount,user} namespace. How can
I do this? I know there is the command systemd-nspawn. But to use this
I have to adjust the first command to start a session. Or is it
possible by setting parameters in logind?

Stef
the Netherlands

[systemd-devel] Possible to build a dnssd client with systemd.

[Stef Bon]

Hi,

I'm using the client library of avahi, and I want to build my own
dnssd client. I'm using epoll in my eventloop, and never (tried
several times) to make avahi work with my eventloop. Tried several
times, following examples found in the documentation.

Is this possible with systemd?

S. Bon

Re: [systemd-devel] Howto find sshfp records?

[Stef Bon]

Hi,

I cannot find a header file where DNS_TYPE_SSHFP is defined,
only in the source tree of systemd.
There should be a header file in /usr/include. Where can I find it?

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Howto find sshfp records?

[Stef Bon]

Op zo 22 jul. 2018 om 21:49 schreef Mantas Mikulėnas :

> How can I make it to find sshfp records?
>>
>
> From the same page, "Use ResolveRecord() in order to resolve arbitrary
> resource records. The call will return the binary RRset data. This calls is
> useful to acquire resource records for which no high-level calls such as
> ResolveHostname(), ResolveAddress() and ResolveService() exist. In
> particular RRs such as MX, SSHFP, TLSA, CERT, OPENPGPKEY or IPSECKEY may be
> requested via this API."
>

Yes I know there is a second example there, but can you give an example how
to use this ?

Thanks in advance
Stef

>
>
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] Howto find sshfp records?

[Stef Bon]

Hi,

I'm writing a ssh client, and I want it to be able to do a dns lookup of
sshfp records.
The ipv4 address is known, as wel as the hostname.
I've found the code about resolving:

https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients/

How can I make it to find sshfp records?

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] Suggestion for a system fs change notify service.

[Stef Bon]

Hi,

I've written a lot of fuse filesystems, and am interested in making fs
change notify service.

fschange notify (=fsnotify for Linux) does not work for fuse
filesystems. The reason for that is that
with fuse the backend/server is not informed a fsnotify watch is set
on an inode. For local filesystems this is not a problem, with
filesystems shared with other systems (network filesystems like fuse
and cifs and nfs ea) a change initiated by another system/user is not
detected.

The sollution I've been thinking of is a local service which handles
all the fs notify requests for userspace applications (like gamin/fam
did some time ago).  When the underlying filsystem is a local fs, this
will result in the default inotify and fanotify (for Linux).

When the fs is a fuse fs, the fsnotify service sends a message to the
fuse fs to inform a watch has been set (with a certain mask). There
fore it's required that the fuse connects to the fsnotify daemon
socket when when starting (for example /run/systemd/fsnotify/sock).

The reason I choose for a connection between the fuse fs and the
fsnotify daemon through a socket is that not all information which is
interesting to the application or better the user cannot go through
the kernel. For example details about who created a file.
(user@somehost.somedomain at when on which host) are not handled by
the kernel/fsnotify subsystem. In the past I've created patches for
the fsnotify subsystem and fuse which fsnotify for fuse work. With
these patches the message is sent to the userspace fuse daemon when a
watch has been set (and also when removed or changed). This worked,
but is not the best sollution in my opinion for fschange notify.

My idea is that a low level systemd-fsnotify which offers a socket to
fuse filesystems to handle the setting of watches is the best
sollution. And of course the processing of events when something is
reported by the fuse fs: this can be local or on the backend. The fuse
fs is responsible to use protocol specific calls to set a watch on the
backend server and process anything from the server and report back to
the fsnotify service.
It's then possible to provide applications extra information.

Filsesystems like cifs and nfs are a problem. I think that they can
also contact the "systemd-fsnotify" daemon through a fd (like with
autofs) but I;ve not spent a lot of time to this issue.

Maybe in future this service can also provide info about locking too.

What do you think?

Stef Bon
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] hash context not closed.

[Stef Bon]

hi,

maybe good to know that libgcrypt provides a function which offers "all in one":

 void gcry_md_hash_buffer (int algo, void *digest, const void *buffer,
size_t length)

digest can be an array created earlier using the function gcry_md_get_algo_dlen.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] hash context not closed.

[Stef Bon]

Same error here:
(gcry_md_open without gcry_md_close)
line 901 in src/resolve/resolved-dns-sec.c
while in the same file at 1227 it's done the good way.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] hash context not closed.

[Stef Bon]

The testing of the new code requires me too much (meson is required..
and I don't want to replace my existing systemd) and I do not expect
to add more patches is near future.

I've got a patch:

diff --git a/src/basic/gcrypt-util.c b/src/basic/gcrypt-util.c
index 1bfb77672..c7c07e3b7 100644
--- a/src/basic/gcrypt-util.c
+++ b/src/basic/gcrypt-util.c
@@ -46,6 +46,7 @@ int string_hashsum(const char *s, size_t len, int
md_algorithm, char **out) {
 size_t hash_size;
 void *hash;
 char *enc;
+int res=-EIO;

 initialize_libgcrypt(false);

@@ -59,14 +60,24 @@ int string_hashsum(const char *s, size_t len, int
md_algorithm, char **out) {
 gcry_md_write(md, s, len);

 hash = gcry_md_read(md, 0);
+
 if (!hash)
-return -EIO;
+goto closemd;

+res = -ENOMEM;
 enc = hexmem(hash, hash_size);
-if (!enc)
-return -ENOMEM;

-*out = enc;
-return 0;
+if (enc) {
+
+*out = enc;
+res = 0;
+
+}
+
+closemd:
+
+gcry_md_close(md);
+
+return res;
 }
 #endif

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] hash context not closed.

[Stef Bon]

2018-02-03 20:27 GMT+01:00  :

>
> Nice catch, that indeed looks like a leak.  Would you like to prep a
> PR fixing it?
>

PR? I do not know what you mean. A pull request?
I can write a patch.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] hash context not closed.

[Stef Bon]

2018-02-03 19:26 GMT+01:00 Stef Bon <stef...@gmail.com>:
> Hi,

Oh and this in in file src/basic/gcrypt-util.c.

>
> Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] hash context not closed.

[Stef Bon]

Hi,

when I look at the function string_hashsum it looks like the context
is not closed when done.

After a succesfull gcry_md_open the hash context md should be closed
when leaving this function. That does not happen.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] Suggestion for a lowlevel fsnotify change daemon.

[Stef Bon]

Hi all,

for some time I have been looking at the issue why fsnotify does not work
with network filesystems and FUSE (with a shared backend).

I've found out that changes initiated on the localhost, on the filesystem
are supported by the fs change subsystems on Linux, and events initiated at
the backend (from another host with network fs)  are not detected. This is
because the filesystem are not aware a watch has been set on an inode,
and thus cannot act on it.
(if they act if they are aware is another question).

I've tried to tackle this in the kernel. I've made this working with a FUSE:
- when a watch is set on a FUSE fs, a message is forwarded to the userspace
daemon containing the inode and the mask. I had to add a opcode
FUSE_FSNOTIFY.
- the fuse fs has to react in it, by setting a watch on the backend. I
wrote a simple overlay fs, and setting a watch on the backend is simple
- I had to add some calls to the fuse library to push changes to the VFS
where there is no direct related call from the VFS. (files are added and/or
files are changed)
- the FUSE kernel module in VFS has to trigger fsnotify call when events
are pushed to the VFS by the userspace daemon.

This worked but is I think not the best way to deal with it.

My suggestion it to write a fs notify change service which does all the
watching for clients, like there are already services for desktops right
now.

This service should also work with a console app like mc, but also with
desktop environments like Gnome and KDE.

It should also be able to forward a watch to a filesystem like FUSE and
cifs and nfs, so that they know a watch has been set.
They can act then on it, by forwarding the watch to the backend. SMB does
upport this, NFS4 also, and you can make FUSE also support it(depending the
protocol).
When the fs receives an event, it can send it back to the fs notify change
service, which informs the client(s). This way the filesystem also stays up
to date.

To forward a watch and to read to incoming fsevents, a
socket/filedescriptor is required. A FUSE fs can easily connect to it at
startup, the in kernel filesystems need some extra. Via mountoptions parse
the fd to the kernel?

Is this something what can be added to systemd? Please let me know what you
think of it.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Suggestion for a lowlevel fsnotify change daemon.

[Stef Bon]

2015-07-28 19:20 GMT+02:00 Simon McVittie simon.mcvit...@collabora.co.uk:

 On 28/07/15 17:28, Mantas Mikulėnas wrote:
  At first look, this seems very similar to FAM (which even supported
  NFSv3, using custom notifications over SunRPC).
 
  Later I remember GNOME replaced it with Gamin and finally with
  local-only inotify inside glib/gvfs.


No, what I propose is a fs notify change daemon which is able to forward a
watch to individual filesystems,
and can listen to events coming from these filesystems from the backend.

Gamin can't do that. It's not maintained anymore and difficult to
understand.




What GLib actually uses is an abstraction with multiple backends,
 including inotify (the default on Linux) and FAM; so in principle it
 could have a backend for some new thing, or even use inotify for normal
 local filesystems and the new backend for other mounts.


I'm afraid I do not understand you here.

 - the FUSE kernel module in VFS has to trigger fsnotify call when

  events are pushed to the VFS by the userspace daemon.

 If you're adding a monitoring/notification call to FUSE, would it be out
 of the question for the user-space API to it to be exactly use
 inotify? (Or fanotify, or whatever is believed to be the right
 user-space API for file monitoring these days.)


I've written that I've tried this, and also that I stopped this idea, cause
it's not the way to go.
But for your understanding, the underlying subsystem is fsnotify, and it
does handle inotify and/or fanotify, whatever is used.
So userspace should use the fsnotify api.



  It should also be able to forward a watch to a filesystem like
  FUSE and cifs and nfs, so that they know a watch has been set.
  They can act then on it, by forwarding the watch to the backend. SMB
  does upport this, NFS4 also, and you can make FUSE also support
  it(depending the protocol).

 If the in-kernel implementation of NFS or CIFS isn't enhanced to support
 monitoring, this can't work.


At this moment this can't work, but for CIFS in the past it worked (with
dnotiify). See:

See line 6459 in cifssmb.c in /fs/cifs in the kernel. It is disabled for
now.
But support in SMB (SMB servers do support it).

I know that the NFS4 protocol also supports it.

You must understand that the protocols do support it, but it does not work
with Linux, cause
nobody has tried it yet, and fsnotify does not let the individual
filesystems know that there is a watch set.

There are network filesystems/protocols like webdav which do not support
the setting of a watch and getting
fsevents from the backend. Webdav is build upon HTTP, and the current
version does not support the pushing of events
from the server to the client. We have to wait for version 2 of the HTTP
protocol, as the main developer of the webdav proto
told me Joe Orton.


 If the in-kernel implementation of NFS or CIFS *is* enhanced to support
 monitoring, is there any reason for the kernel not to present the
 resulting information to user-space via inotify? In other words, is
 there a reason why a user-space service is necessary?


Like I mentioned in the first post and here again, the filesystems like
FUSE, NFS and CIFS (and other)
are not contacted by fsnotify about a watch. This is by design.

So if the kernel does not do this (and beleive me there are good reasons
for), you have to do this in userspace.

Stef Bon




 (I realise that one possible reason for a user-space service is so that
 it can aggregate all the periodic polling, on filesystems that don't
 have anything better you can do - that's why FAM had a daemon, if I
 remember correctly.)


Yes that's one reason.  But there are more reasons to do this in userspace,
see above.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] User sessions, session buses, user buses

[Stef Bon]

2015-01-30 9:30 GMT+01:00 Simon McVittie simon.mcvit...@collabora.co.uk:
 In principle, a PAM module or something could ensure that we have a
 dbus-daemon per login session, even tty/ssh/cron login sessions
 (which all go through PAM). In practice, nobody has ever cared enough to
 implement this, so we're left with D-Bus autolaunch, which can't
 actually work for tty sessions and had bad side-effects from its
 attempts to do so, so I disabled it 3 years ago in favour of
 recommending that users requiring a D-Bus session should start their own
 and manage its lifetime themselves e.g. with dbus-run-session(1).


Hi all,

I've never understood why the session bus is started through dbus-launch.
Leave it to the login manager (not PAM), or provide the socket and
activate the session bus only when
some app is connecting to it, which can be a graphical session, but
may be also a console.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] Hoe is het met je?

[Stef Bon]

Hi,

hoe is het met je?

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Someone working on gui for multiseat?

[Stef Bon]

2013/2/11 Lennart Poettering lenn...@poettering.net:
 On Mon, 11.02.13 12:59, Stef Bon (stef...@gmail.com) wrote:


 And since you say it's simple by just make the call, can you just
 describe what to do to make a plugable device like the UD-160-A/M turn
 into a dockingstation?

 loginctl attach seat0 sysfs


Aha ! That I missed!! This makes sense. I thought a device as a
docking station is hanlded seperate, with the tags for the seat set
like seat1 ot seat2.
Just attach to seat0.

 Huh?? If this maillist is only what Lennart agrees with  I stop here
 direct.

 Well, I wrote the multi-seat support, I guess you have to arrange
 yourself with the fact that I have a say in it.


Of course. I only reacted this way while I was only gave a situation
as example, and not a suggestion to create a different policy, and got
annoyed.


 Nope, we don't do that anymore. You want these things to just work. Of
 course currently this will only work for those who want to use the
 device for multi-seat purposes... But getting this work automatically
 for most people, and allowing all others to reconfigure is better than
 making a bad user experience for everybody.

Yes.


 If the user chooses a docking station, the tags like ID_FOR_SEAT and
 ID_AUTOSEAT have to be removed (cause it's not a seat!) and replaced
 by something like ID_DOCK or something simular.

 This is not very handy isn't it?

 Please read up again on the basic concepts of multi seat, and keep in
 mind that the docking station logic just means attaching more devices to
 seat0 instead of creating a new seat. Thus, with the loginctl line
 above you can do what you are asking for...

I understand that with loginctl attach you can assign a device to
seat0, making it a docking device (other programs should pick this up
of course), this creates a permanent rule. I will experiment with it.
I've got three of these plugable devices.

Earlier I've given an example about handling the first device as a
docking station, and every next as extra seat. This is not a suggested
default, but a situation as example., and how the system can handle
this situation compared too what you want.

Thanks a lot  for clearing this,

Stef



 Of course, doing this via the command line is not user-frienldy, but
 maybe this will one day get fixed and somebody writes a proper UI for
 it...

Well maybe me.
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Someone working on gui for multiseat?

[Stef Bon]

2013/2/8 Lennart Poettering lenn...@poettering.net:
 On Fri, 08.02.13 12:27, Stef Bon (stef...@gmail.com) wrote:


  No, udev contains the information which devices together make up a
  seat. Hence, it is also udev where it is stored whether something is
  used in docking station style or in new seat style.

 Can you please tell me where?

 Bus calls such as AttachDevice() (and hence loginctl attach-device
 too, which is just a wrapper around that bus call) drop in udev rules
 files for this in /etc/udev/rules.d.

Look this is getting us nowhere.

You do not seem to understand my point.

How does this rule look like? I'm asking because I cannot immagine one.

Earlier in this thread I've described the scenario of the first
plugable device being a docking station, and every next plugable
device an extra seat.

This logic can't be done with simple rules like in udev. Plugable
devices do not have unique id like partitions on block devices have,
so the rules can only be very generic. Every plugable device is a seat
or a docking station. There can't be something like I've described
above, the first a docking station, and every next an extra seat.
Isn't it?

In my opinion the setting of the tags seat in udev is not the best
place. They should be grouped in udev, and the group of devices is
made an extra seat or docking station by GDM or any other service like
logind, that I do not know.

A gui/message on the screen of the admin that a group of devices is
detected and asking to the user what to do is in my opinion also very
nice.


Stef Bon
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Someone working on gui for multiseat?

[Stef Bon]

2013/2/11 Colin Guthrie gm...@colin.guthr.ie:
 'Twas brillig, and Stef Bon at 11/02/13 08:45 did gyre and gimble:

 Look this is getting us nowhere.

 You do not seem to understand my point.

 How does this rule look like? I'm asking because I cannot immagine one.

 But calling those methods will generate and write the rule for you. In
 order to imagine the rule, just make the call and see what results from it.

 In actual fact, what does it really matter what the rule looks like. You
 shouldn't really worry about the rules directly as the API should be
 sufficient for you without caring what they look like.


Huh?? I do care since I think the way these plugable devices are not
handled optimal, especially from the point if view from the user.

And since you say it's simple by just make the call, can you just
describe what to do to make a plugable device like the UD-160-A/M turn
into a dockingstation?

 I'm not sure Lennart agreed that the first one should be a docking
 stating and every other an extra seat. I mean the devices are varied.
 Some are marketed as docking stations, others as seats and it's likely
 best to treat them like that regardless of how many you plug in. After
 the initial defaults, then the udev rules should be able to override that.


Huh?? If this maillist is only what Lennart agrees with  I stop here direct.
I've given the example about a specific situation a user wants to use
a plugable device like UD-160-A/M as a docking station (thus as
UD-160-A) in stead of an extra seat (thus as UD-160-M). If the user
wants to do that the handling of these devices should be flexible
enough to make that work. And in my opinion this is not the case right
now.

This example was just an example, and not intended as general policy.

And about serial numbers? I cannot find these. Sorry.


 I think udev is the right place personally. Having some separate system
 to do this seems incorrect and counter intuitive to me.

As I see it is that right now there is no way to change the defaults
set by udev (see above). What udev of course has to do is group these
devices, and not from the start point devices as being a seat. See
above: how to set another role than an extra seat for a device?

In my opinion, when a device like the UD-160-M/A is detected, and an
admin user is logged in, that user should get a screen with a choice
what to do with that device. Depending on what he/she chooses, the
tags are set.

Right now this is all handled by udev. You cannot make udev  start a
gui, and wait for outcome.

If the user chooses a docking station, the tags like ID_FOR_SEAT and
ID_AUTOSEAT have to be removed (cause it's not a seat!) and replaced
by something like ID_DOCK or something simular.

This is not very handy isn't it?

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Someone working on gui for multiseat?

[Stef Bon]

2013/2/8 Lennart Poettering lenn...@poettering.net:
 On Wed, 06.02.13 14:24, Stef Bon (stef...@gmail.com) wrote:

 Ok, when logind sends out a message (after seat added or removed) it's
 up to the services like gdm(?) what to do with it: use it as docking
 station or to start a new session (eg a real seat) ( when it comes to
 adding).

 No, udev contains the information which devices together make up a
 seat. Hence, it is also udev where it is stored whether something is
 used in docking station style or in new seat style.

Can you please tell me where?

As I see it in udev only tags (=properties) are set to create groups
of devices.
Now this is a bit double (=confusing) since by udev also the name seat
for these groups is used, while a group of devices is not neccesarly a
new seat. It can be also a docking station, or maybe has no special
function if the user wants that.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Someone working on gui for multiseat?

[Stef Bon]

Hi,

Thanks

what should the gui toolkit be? Gtk3? I prefer that over qt, which is not
my favorite.

And is there a location to store the project? I can of course get one at
github or something like that, but maybe there is a better one?

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] Someone working on gui for multiseat?

[Stef Bon]

Hi,

I'm experimenting with the plugable ud-160-A as seat extender. I'm
borrowing it from Hans de Goede.

Now it works very good, only with new monitors using the newest EDID
technique it blocks. Hans has already posted a patch.

But with an older monitor it works great!!

Now I would like contribute on the gui. I know it is very nice to have! I
do not have recent experience creating guis, but for my on project I have
to create a simple gui filebrowser as well.

Is there already some working on that?

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Someone working on gui for multiseat?

[Stef Bon]

Lennart wrote here:


http://0pointer.de/blog/projects/multi-seat.html

(Later on we'll probably have a graphical setup utility for additional
seats, but that's not a pressing issue we believe, as the plug-n-play
multi-seat support with the Plugable devices is so awesomely nice.)

Fourth alinea.

A seat manager would be very nice. Something to admin the session
and/or users for the extra seat(s).
Also possible is to create a seat when not using plug and play tools
like those from plugable.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Someone working on gui for multiseat?

[Stef Bon]

Hi,

First I'm talking about ud-160-A.

Second the patch:

https://bugzilla.redhat.com/show_bug.cgi?id=894299

It's a patch for the displaylink driver.

Third:

have you tried to connect the monitor using the vga adapter?
That should work.

Stef

And please do not mail to a lot of people. That does not work. You mention:
p.s.
If I have omitted anyone from the list, I apologize in advance :)

Are you serious?
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Offtopic question.

[Stef Bon]

Hi,

I've read about the possible bugs.
About the combination between mmap and mandatory locks:
of course the mapping of memory is causing troubles when a mandatory lock
is set. The mapped region should or forward the lock to the new memory
location (where remapped) or the mmap should be denied, unless the locking
allows it (when the mandatory lock is read, allow read access, if a write
lock, deny all others, also mmap). The first is causing too much overhead,
so the second is in my opinion the best option.

Second, when a write is allowed, and a read lock is set (which is possible
according to

http://kernel.org/doc/Documentation/filesystems/mandatory-locking.txt

then the implementation is not right.

Like other operations which require exclusive access to a region of a file,
like writes do, denying other writes to the same region at the same moment,
I guess this locking should also behave like that. If this isn't the case
(where theoretically it is possible that writes are done when a read lock
is set) then there is something wrong.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Offtopic question.

[Stef Bon]

Well, I'm working on notifyfs, a fuse fs which is a cache for gui clients
and a filesystem event notifier. It uses inotify on linux to notify clients
about changes. I want to be complete and add information about locks as
well (new, changed and removed).
On the localhost this requires monitoring the locks file.

But what do you mean by it's broken. I know it's not mandatory, so clients
can ignore it. But is it totally useless??

I'm planning to add lockinfo also for network filesystems like cifs and
nfs, by monitoring the remote host.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Offtopic question.

[Stef Bon]

Yes, thanks a lot. I've read it, understood, maybe this whole locking thing
should be replaced with a better approach. First you mention in the first
blog entry:

Mandatory locking is available too. It's based on the POSIX locking API
but not portable in itself. It's dangerous business and should generally be
avoided in cleanly written software.


Now, what do you mean? I think that mandatory locking is actually better. A
lock by definition is a way to prevent other processes/threads to use a
specific range in a file. What's the use of it when it's not mandatory?
I've read the paper:

http://kernel.org/doc/Documentation/filesystems/mandatory-locking.txt

which is clear to me.


Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Offtopic question.

[Stef Bon]

2013/1/3 Kay Sievers k...@vrfy.org


 FWIW, adding poll() support would look like something like this:

 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commitdiff;h=66d7dd518ae413a383ab2c6c263cc30617329842

 Kay


Thanks a lot. I will try to write a patch with it, although the way linux
handles locking is troublesome.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] Offtopic question.

[Stef Bon]

Hi,

sorry for the offtopic question here, but I do not know a better place for
it.

I'm building a lockmonitor. I thought that would be just as easy as with
the /proc/self/mountinfo file.

But that is not the case. It's not pollable, like the mountinfo fle is.
I've looked into the code of the kernel, (fs/locks.c versus
fs/proc_namespace.c) and there it's abvious. The file_operations with the
locks file misses the .poll operation.

Now first howto implement this? Someone a hint?

The mountinfo poll function is related to changes in namespace, but for the
locks that is different I guess. That changes when a lock has been set or
released.

And by the way, isn't this locks file not namespace specific?

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Offtopic question.

[Stef Bon]

You are sure?? I mean the locks file, not the mounts file.
I think you haven't understood my post very good.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Offtopic question.

[Stef Bon]

No problem. Just a misunderstading or how you want to call it.

Stef


2013/1/2 Dave Reisner d...@falconindy.com


 On Jan 2, 2013 5:41 PM, Stef Bon stef...@gmail.com wrote:
 
  You are sure?? I mean the locks file, not the mounts file.
  I think you haven't understood my post very good.

 Not a lack of understanding, just misread it. My bad.

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] sd_get_uids gives a sorted list?

[Stef Bon]

Hi,

I'm implementing the sd_get_uids function in my app. It basically
reads the directory /run/systemd/users.
I do not know, is this list already sorted?? this is the same question
as is the readdir function sort sensitive?

If not, I have to add a sort function.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] sd_get_uids gives a sorted list?

[Stef Bon]

2012/7/26 Kay Sievers k...@vrfy.org:
 On Thu, Jul 26, 2012 at 2:16 PM, Stef Bon stef...@gmail.com wrote:
 I'm implementing the sd_get_uids function in my app. It basically
 reads the directory /run/systemd/users.
 I do not know, is this list already sorted?? this is the same question
 as is the readdir function sort sensitive?

 readdir() in many cases returns stuff in reverse order of creation,
 the order is not defined, and it is never sorted.

 Kay

Thanks,

I've added the sort function. It is easy, uids is a simple array with
length known.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Howto detect a session start (and end) with systemd?

[Stef Bon]

Ok,

forget last message. I've found test-login.c, which gives all answers.

Stef

2012/6/30 Stef Bon stef...@gmail.com:
 Yes,

 thank you. It looks like a can use that. It just provides what I need.

 The monitor sd_login_monitor can provide a fd. What happens with this
 fd? Is there data readable?

 Stef

 2012/6/27 David Herrmann dh.herrm...@googlemail.com:
 Hi Stef

 On Mon, Jun 25, 2012 at 11:27 AM, Stef Bon stef...@gmail.com wrote:
 Hi,

 I'm working on a construction which creates workspaces for a user
 when he/she logs in.

 These workspaces are directories with vritual directories managed by a
 FUSE fs, with access to mountable resources like harddisks, usb
 sticks, cdroms but also network services like smb shares.

 In practice this will mean for example the creation of the maps

 Devices

 and

 Network

 in the homedir of the user, and access to local block devices is able
 when accessing Devices, and a browseable network map is created in
 Network. The first type of workspace works, but still in alpha, more
 testing is required, and currently working on the network map enabling
 the detection of smb workgroups, servers and shares on the fly.

 Mounting is done by the automounter, using for example mount.cifs for
 the smb shares, and contents is redirected to the location where the
 resource is available in the workspace by the FUSE fs.

 This construction does not depend on any gui or desktop environment,
 like KDE or Gnome, and works on filesystem level. Anyone - also when
 loging in from text console - can use this.

 Now this works already very good. I've one program (fuse-workspace)
 which watches the sessions starts and ends. I've made this work by
 adding the pam module pam_script to the relevant pam files, and make
 that module run scripts which maintain a usersessions file.
 Fuse-workspace watches that file for changes.
 This works, and I'm keeping this for a always working fallback, but
 I would like to know how to do this with systemd, since this is doing
 that also, and doing things double is never a good thing on systems
 with systemd installed.

 For example: is watching the directory /run/systemd/sessions by
 inotify a good idea? (inotify is already used).

 You can use the sd-login library. It does basically the same as you
 suggested. It watches the right directories for changes and notifies
 you. However, it also has some handy helpers to list all sessions so
 you can refresh your session-list every time the directory changes.
 See sd-login.h for more information.

 Regards
 David
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] Howto detect a session start (and end) with systemd?

[Stef Bon]

Hi,

I'm working on a construction which creates workspaces for a user
when he/she logs in.

These workspaces are directories with vritual directories managed by a
FUSE fs, with access to mountable resources like harddisks, usb
sticks, cdroms but also network services like smb shares.

In practice this will mean for example the creation of the maps

Devices

and

Network

in the homedir of the user, and access to local block devices is able
when accessing Devices, and a browseable network map is created in
Network. The first type of workspace works, but still in alpha, more
testing is required, and currently working on the network map enabling
the detection of smb workgroups, servers and shares on the fly.

Mounting is done by the automounter, using for example mount.cifs for
the smb shares, and contents is redirected to the location where the
resource is available in the workspace by the FUSE fs.

This construction does not depend on any gui or desktop environment,
like KDE or Gnome, and works on filesystem level. Anyone - also when
loging in from text console - can use this.

Now this works already very good. I've one program (fuse-workspace)
which watches the sessions starts and ends. I've made this work by
adding the pam module pam_script to the relevant pam files, and make
that module run scripts which maintain a usersessions file.
Fuse-workspace watches that file for changes.
This works, and I'm keeping this for a always working fallback, but
I would like to know how to do this with systemd, since this is doing
that also, and doing things double is never a good thing on systems
with systemd installed.

For example: is watching the directory /run/systemd/sessions by
inotify a good idea? (inotify is already used).

Or do I have to write a dbus connection?

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Ubuntu, Upstart, and systemd

[Stef Bon]

 Such kind of infrastructure already exists - see os-autoinst [1]. Atm
 it's used primary by openQA [2] of openSUSE project to test our Factory,
 but main page claims a support for other distributions as well.


Hi,

You go into the numbner oi tests available, and how to improve , maybe
Shuttleworth means something else. It's better to try to start a
contact him (and the team he refers to) than go into one subject he
mentions, to check what he means.

I can imagine something of what he describes, but I cannot speak for him.

Stef Bon
the Netherlands
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Unit configuration for FUSE file system

[Stef Bon]

2012/4/29 Nikolaus Rath nikol...@rath.org:
 Hello,

 I am struggling to come up with the correct way to define a unit
 configuration for a FUSE based network file system.

 Generally, the file system needs to be mounted and unmounted with its
 own programs (rather than with mount and umount). The main reason for
 the custom umount command, however, is that it uses some /proc based
 hacks to block until the mount process has actually exited (this may
 take quite some time even after the mountpoint has been freed, because
 cached data is may still be transferred over the network).

 Things I am confused about:

 Is there a way to express this in a .mount unit, or do I need to declare
 this as a more general .service?

Hi,

the way I see it is that FUSE filesystems are not just like any other
mount, more a program which happens to be a filesystem.

So I think it's the best choice to handle it like a normal program,
and make use of a pidfile, which systemd can watch (or make use of a
dbus service, but that's probably not the case).

Your program should remove the pid file when finished, and should
react on  signal (this is configurable) to finish, and should take of
unmounting itself.
Bottom line is that systemd does not take care of the (u)mounting, but
stopping and starting of the program. The FUSE fs should take care of
the (u)mounting. This means probably a wrapper.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] About autofs: no handling of expire??

[Stef Bon]

2012/5/2 Lennart Poettering lenn...@poettering.net:
 (autofs_ptype_expire_direct). Is this on purpose?
 I see a timeout set, so I guess it was the intention to handle the
 expire.

 We currently don't do expiration, since this wasn't intended as a full
 autofs implementation, but just a way to parallelize and delay load
 things at boot.

 That said, we could support expire easily I guess, and so I have now
 added this to the TODO list.

Well you do not have to. I'm just asking.

 It works, so here probably happens something strange: while using the
 field packet.hdr, actually the field packet.v5_packet.hdr is used. Is
 this correct?

 In Autofs5 all packets have the same format which exposes
 pid. i.e. autofs_packet_xxx_yyy_t are all typedef'ed to the same packet
 struct. Hence accessing this this way is safe.

Well yes every autofs packet starts with a header. If it's a autofsv5
pakket, it also starts with a header. Probably because it's the first
struct in the union AND the first field part of autofs_v5_packet, it
works.

I'm just checking the code and see I understand it to write my own
autofs implementation using FUSE. The FUSE fs will somehow be what now
is the browseable map with indirect maps with the automounter, and
somehow  I have to find a way to make a specific directory a direct
autofs mountpoint.

Thanks,

Stef Bon
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Unit configuration for FUSE file system

[Stef Bon]

2012/5/2 Nikolaus Rath nikol...@rath.org:
 On 05/02/2012 03:53 PM, Lennart Poettering wrote:
 On Sat, 28.04.12 20:41, Nikolaus Rath (nikol...@rath.org) wrote:
 automatically, without any manual kludges. We won't support any other
 hacks in systemd. Sorry.


 Ah, ok. Mounting with /bin/mount -t myfusefs works just fine, so I
 should be good on that side. What I'm worried about is unmounting. The
 file system can be unmounted with umount /mntpoint, but when this
 command returns, the mount helper that was started by /bin/mount is
 still running and doing important things. Will systemd notice this and
 act accordingly (e.g., wait for this process to terminate before
 stopping the network)?


Hi,

because your fs is not terminated (as I understand it) when umounted
(as I read it some caching) the umount action is not the thing systemd
should react on.

That's why I advise to use a pidfile systemd can watch. When ready,
remove the pidfile. I do not know this is possible in the systemd
mount context, but as far as I know with the service files.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] About autofs: no handling of expire??

[Stef Bon]

Hi,

I've been looking into the code how systemd handles the automounting.

I've got two issues:

a. I've found the handling of the missing packet
(autofs_ptype_missing_direct), which triggers the
mounting. But I did not found the handling of the expire packet
(autofs_ptype_expire_direct). Is this on purpose?
I see a timeout set, so I guess it was the intention to handle the expire.

b. the packet read from the pipe is of type union
autofs_v5_packet_union which looks like:

union autofs_v5_packet_union {
struct autofs_packet_hdr hdr;
struct autofs_v5_packet v5_packet;
autofs_packet_missing_indirect_t missing_indirect;
autofs_packet_expire_indirect_t expire_indirect;
autofs_packet_missing_direct_t missing_direct;
autofs_packet_expire_direct_t expire_direct;
};

where autofs_v5_packet is:

struct autofs_v5_packet {
struct autofs_packet_hdr hdr;
autofs_wqt_t wait_queue_token;
__u32 dev;
__u64 ino;
__u32 uid;
__u32 gid;
__u32 pid;
__u32 tgid;
__u32 len;
char name[NAME_MAX+1];
};

now in the code of automount_fd_event, the selection is based upon
packet.hdr.type, and futher the fields
packet.v5_packet.pid are used. Now this while packet is an union: it's
used as hdr OR as autofs_v5_packet, not both at the same time.
It works, so here probably happens something strange: while using the
field packet.hdr, actually the field packet.v5_packet.hdr is used. Is
this correct?

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] RFC: User sessions in systemd: `systemd --user` - code and experiences

[Stef Bon]

2012/4/13 Kok, Auke-jan H auke-jan.h@intel.com:
 All,

 As some of you might know, I've been working on integrating systemd in
 Tizen. While currently the Tizen OS is still using sysvinit, we hope
 to merge systemd in the near future and even expand the use of systemd
 throughout the system beyond what systemd currently brings. I will be
 presenting a talk at the Tizen Conference in May in San Francisco on
 this topic as well.

Very very good analysis and work!

Thumbs up!

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] Status multiseat?

[Stef Bon]

Hi,

I'm informing the status of multiseat.

I've read here:

http://fedoraproject.org/wiki/Features/ckremoval

that there is worked on automatic detection of multiseat.

Some notes:

. automatic is only possible for local seats

. maximum local seats is the minimum of terminals and keyboards (=N)

. part of N is X seat, where a mouse (or any other pointing device)
is available and maybe required is a framebuffer with some
capabilities.

. manual configuration overrides automatic detection. I've got two
terminals in dual monitor (onescreen over two terminals) setup.

. remote seat detection is never automatic, but happens on the fly
when someone logs in.

Is analysis ok?

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] New pam module to start a session.

[Stef Bon]

No I didn't. I will post it on the pam maillist, see what they think of it.

Stef

2011/10/14 Daniel J Walsh dwa...@redhat.com:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 On 10/14/2011 04:34 AM, Stef Bon wrote:
 Hi,

 I've rewritten an existing pam module pam_script. What it does:

 . runs a script . unshare the mount namespace (if configured,
 default yes)

 if the directory to chroot to is specfied it does also:

 . mount all the required directories like bin, lib, usr etcetera. .
 chroot to this directory

 See:

 git clone git://gitorious.org/pam_script/pam_script.git pam_script
 cd pam_script


 Please some comments. Especially the starting of a session, is
 this enough? If you look to the code you'll see that I've copied
 from nspawn.c the check is_os_tree and mount_all functions, and
 adjusted them a bit(is this ok?)

 In nspawn a lot more is done but I'm not that familiar with these
 low level operations. So please comment on this.

 Stef ___ systemd-devel
 mailing list systemd-devel@lists.freedesktop.org
 http://lists.freedesktop.org/mailman/listinfo/systemd-devel

 Did you look at extending pam_namespace?
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.11 (GNU/Linux)
 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

 iEYEARECAAYFAk6YL2IACgkQrlYvE4MpobPL9gCeJ4/aKVMKiGoAjD+K5cD7paZR
 xocAoJfTC3bYV/0Irzkp34eIwqClDCc4
 =yZh7
 -END PGP SIGNATURE-

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Question about nspawn.c

[Stef Bon]

Please let me explain why I think this is strange to me:

in line 713 there is a call to clone, so here the cloned child process
has it's own namespace.

in line 759 all the submount like proc, dev and sys are done on the
directory to change to.

in line 775 the mount is done were talking about, using arg_directory

A bind mount I can understand, but a move?? Moving the root to
arg_directory will overwrite the just
created mounts done in line 759?
These mounts are created in this namespace...

Stef

2011/8/24 Lennart Poettering lenn...@poettering.net:
 On Wed, 24.08.11 11:41, Stef Bon (stef...@gmail.com) wrote:


 I see, but why the MS_MOVE?

 In the namespace we are not interested anymore in the original mount. We
 want to move it to our root dir.

 As I already tried to explain, a move is a little bit strange, you do
 not want to move the root.

 Actually I do. Remember this is in the private namespace!

 Does the combination MS_BIND | MS_MOVE first do a bind, and moves that
 bind to the desired location?? If this is the case, it makes more
 sense.

 Thinking about it I figure MS_MOVE might actually suffice. Not sure.

 Lennart

 --
 Lennart Poettering - Red Hat, Inc.

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Question about nspawn.c

[Stef Bon]

2011/8/24 Lennart Poettering lenn...@poettering.net:
 On Wed, 24.08.11 14:38, Stef Bon (stef...@gmail.com) wrote:


 Please let me explain why I think this is strange to me:

 in line 713 there is a call to clone, so here the cloned child process
 has it's own namespace.

 in line 759 all the submount like proc, dev and sys are done on the
 directory to change to.

 in line 775 the mount is done were talking about, using arg_directory

 A bind mount I can understand, but a move?? Moving the root to
 arg_directory will overwrite the just
 created mounts done in line 759?

 No, it's the other way round. We move arg_directory to /, so that it
 becomes our new root directory of the namespace.

Ah!
That explains it. I did not see that.
Thanks a lot!

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] Question about nspawn.c

[Stef Bon]

Hi,

I'm looking for developing a pam module which creates a new namespace
and a chroot.
It's doing at the same time what pam_script, pam_chroot and
pam_namespace do, but then in one module.

I'm using nspawn.c to look how it does a chroot, mounting the
different important system directories.

I'm using the unshare systemcall, instead of clone.

I've got a question about a commadn in nspawn.c, at line 775:


mount(arg_directory, /, bind, MS_BIND | MS_MOVE, NULL)

(systemd 3.3)

Why the combination MS_BIND | MS_MOVE here??
A move is a little bit confucing, since a move of the root, while the
subirectories are already mounted.
It looks more a bit to make the new namespace consistent or something like that.

Can someone explain this?

Thanks in advance.

Stef Bon
the Netherlands

btw I know what a bind mount is, but the combination MS_BIND | MS_MOVE
in this context is the issue.
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] namespace: session dependant mtab

[Stef Bon]

2011/8/3 Kay Sievers kay.siev...@vrfy.org:
 On Wed, Aug 3, 2011 at 16:07, Stef Bon stef...@gmail.com wrote:

 Isn't it a good idea to provide every different namespace a own mtab,
 containing only the mounts visible for that namespace?

 You mean /etc/mtab? Systemd requires that to be symlink to
 /proc/mounts, which is always namespace dependent.
Hi,

Yes I mean a symlink to /proc/mounts.

OK! I did not know that.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Howto run script at begin and end of session: sessionsupport?

[Stef Bon]

2011/7/15 Lennart Poettering lenn...@poettering.net:
 On Fri, 15.07.11 08:24, Stef Bon (stef...@gmail.com) wrote:


 /etc/ConsoleKit/run-session.d

 We currently don't support this in systemd, and right now I see no good
 usecase that might convince us to add that.

 Can you elaborate what you are planning to do with it? If you have a
 good usecase we might add this.


Well what I want to do is to create a layer around the normal
filesystem, using a FUSE fs. Maybe you've read earlier about this,
I've send a proposal about this to the meeting in Berlin
Guadec/Akademy.

The FUSE fs and several make the system for the user look like:

/Computer
/Home
/Internet Services
/Home
/Network
/Mounts
/Shared
/System


To make this work several scripts are run at the begin of a session
(and to clean when session stops)

Roughly it comes to:

1. determine settings
2. if settings say so:
2a. setup environment in /var/lib/workspace/%USER/chroot by mounting
FUSE fs fuse-workspace and remounting the normal system to it.
2b do a chroot using pam_chroot

Now I see that the chroot is deprecated, namespaces are better. I'm
not familiar with it, and reading about it now.

But what I want is to run some scripts when a session starts (and when
it ends) to run a determine settings and create a namespace.

I've looked to pam_namespace, but I need more.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [ANNOUNCE] systemd v30

[Stef Bon]

Hi,

what I've read is great, about session support and multiseat. In my
opinion the managment of seats and sessions always could be much
better, and your work looks good.

Futher it's smart to assign a usb hub to a certain seat and let all
devices connected be part of the same seat. In practice this is how it
goes, just plugin a usb hub and connect all the devices (keyboard,
mouse..) for the new seat to it.

I haven't had time to do much about me writing about systemd in
CBLFS/BLFS. I'm busy for a presentation I will give this in Antwerp:

http://we.voidwarranties.be/index.php/VoidCon2011

and been very busy for, as well as writing a new fuse fs basefs, which
is a FUSE test fs to decode audio files on the fly.

If you need a FUSE fs for your construction, I would like to do that,
it's sort of my area.
And for a construction I'm working on, a FUSE layer around the normal
Linux system, something like GoboLinux I need a scheduler. Now I'm
using at, which some enhancements, see:

http://linux.bononline.nl/wiki/index.php/At_extension_scripts

This does what is needed for my construction, and has features like
scripts/program's which can reschedule themselves. Like a rotatelog
files script, and it's running every day once. This is ok, but then
somehow there appears much more logging, causing the logsize get much
much bigger, the script decides it has to run much more frequent, say
twice a day.
This dynamic behaviour I haven't seen before.

At this moment this is complicated, using cron/fcron. With the at
extension script this is easy. I'm thinking about writing a new prog,
using polkit and the newest techniques like epoll, inotify and
timerfd. Something also interesting for systemd?

Stef

2011/7/14 Lennart Poettering lenn...@poettering.net:
 On Thu, 14.07.11 00:20, Lennart Poettering (lenn...@poettering.net) wrote:

 - Similar, there's another one for time changes. Docs in the wiki on
   this iface will be available shortly.

 It is now:

 http://www.freedesktop.org/wiki/Software/systemd/timedated

 - Multi-seat support is pretty comprehensively available now. X11 and
   gdm have not been ported to it yet. Documentation about the multi-seat
   logic will show up in the wiki shortly, too.

 And here it is:

 http://www.freedesktop.org/wiki/Software/systemd/multiseat

 Questions? Comments?

 Lennart

 --
 Lennart Poettering - Red Hat, Inc.
 ___
 systemd-devel mailing list
 systemd-devel@lists.freedesktop.org
 http://lists.freedesktop.org/mailman/listinfo/systemd-devel

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Error: inappropriate ioctl stty standard input

[Stef Bon]

2011/6/28 Stef Bon stef...@gmail.com:
 2011/6/27 Lennart Poettering lenn...@poettering.net:
 On Sat, 25.06.11 21:57, Stef Bon (stef...@gmail.com) wrote:

 Hi,

 I've been able to make my shiny new LFS system boot using systemd, but
 still with errors. When the tty's are activated,
 Iget the message:

  stty: standard input: Inappropriate ioctl for device

 This usually indicates that your standard input in this shell is not
 actually a tty, but some other kind of fd. By doing readlink
 /proc/self/fd/0 you might be able to find out what your stdin is
 connected to.

 Well,
 Ive been playing around with the kernel, I guess I had not selected
 the right options.

 I'm able to login after 6 seconds, in my Shutle Barebone, on a normal
 SATA harddisk.

 BUt still, after all the logmessages, there does not seem to happen
 anything, but when I do a newline, there appears the login. When I do
 something else, like a character and then enter, the password prompt
 appears.

 So the login is present, but not visible. I already see that the login
 appears, but that is overwritten by messages about bringing up tty and
 the network, which is a rc.d script.

 I thought it wat the getty prorgram, I've already swiched to mingetty,
 which by default clears the screen, but that did not help. I've also
 been playing around with logtarget=syslog, or console or null, it does
 not change.

I added the option

quiet

to the kernel commandline, and now it's fine. But now all the messages
dissapeared.

I still would like to see messages, about the network being activated etc..

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [HEADSUP] We no longer spawn 6 gettys by default

[Stef Bon]

Hi,

I think it's ok to only activate the getty programs on demand. Maybe
use only mingetty??
Who works on the serial line these days? mingetty is faster

I would like to add the following:

I had some trouble with logmessages on my screen while the login is
there already.
This has probably something to do with the asynchronous behaviour of
the system startup
systemd does.

Now to make these messages go away not polluting my login screen, I added the

quiet

option  on the kernel commandline. This worked, and the login is there
in about 3seconds!

BUt I still would like to see the logmessages somewhere, like the
network coming up, and what ip assigned etc.

Isn't it a nice thing to have one tty assigned to be a logconsole,
ie no login there, but logmessages?

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [HEADSUP] We no longer spawn 6 gettys by default

[Stef Bon]

Ok, I did not expect this. Ok, stupid idea, forget it.

But what about the log console, redirecting log to one of the
virtual consoles, reachable via alt-fx?

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] Error: inappropriate ioctl stty standard input

[Stef Bon]

Hi,

I've been able to make my shiny new LFS system boot using systemd, but
still with errors. When the tty's are activated,
Iget the message:

 stty: standard input: Inappropriate ioctl for device

When I'm logged in, I see the various tty files have root:tty rights,
but not tty1 - tty6, they have root:root, unless tty1 and tty, which
are owned root:tty again.

Something is wrong here, but I cannot see what.

Thanks in afdvance,

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Trying to build on a new LFS system.

[Stef Bon]

2011/6/20 Marius Tolzmann tolzm...@molgen.mpg.de:
 Hi there..

 we are also using a self-maintained LFS based gnu/linux here.

 we switched to systemd in Nov 2010 and it worked fine from the start..

What version are you using?

And what version of kernel? Did you have to tune your kernel?? (for
example devfs..)

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] Trying to build on a new LFS system.

[Stef Bon]

Hi,

I'm trying to build systemd on a shiny new LFS system. I roughly followed the
instructions here:

http://www.linuxfromscratch.org/lfs/view/development/index.html

Since this is a very minimal system, you have to add extra software:

gperf
libcap
attr
expat
libxml2
dbus

No PAM, no gtk, no tcpwrap, I even try to ignore sysV init scripts. If
this works a will add this as an alternative
to SysV init scripts. Or is SysV init a requirement?
Right now the output of configure is:

systemd 29

Distribution:other
SysV compatibility:  yes
SysV init scripts:   /etc/init.d
SysV rc?.d directories:  /etc/rc.d
Gtk: no
libcryptsetup:   no
tcpwrap: no
PAM: no
AUDIT:   no
SELinux: no
binfmt:  yes
prefix:  /usr/local
root dir:
udev rules dir:  /lib/udev/rules.d
pam modules dir: /lib/./security
dbus policy dir: /etc/dbus-1/system.d
dbus session dir:/usr/share/dbus-1/services
dbus system dir: /usr/share/dbus-1/services/../system-services
dbus interfaces dir: /usr/share/dbus-1/services/../interfaces


(prefix /usr/local has to be changed...)

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Trying to build on a new LFS system.

[Stef Bon]

2011/6/20 Marius Tolzmann tolzm...@molgen.mpg.de:
 Hi there..

 we are also using a self-maintained LFS based gnu/linux here.

 we switched to systemd in Nov 2010 and it worked fine from the start..

 since we started a new LFS we decided not to integrate any support for
 sysv anymore by compiling systemd with

        --with-distro=other
        --with-sysvinit-path=
        --with-sysvrcd-path=
        --with-rootdir=

 from the first day..

 it may be a good idea not to include any sysv initscripts anymore in LFS
 to really get a clean system..

Good to know it works for you. I had simular options like you.

I get my system booting, but it hangs after

Started recreate volatile files and directories

after a minute or so i get messages about being timed out:

systemd[1]: Job getty@tty2.service/start failed with result 'dependency'
and some more about swap

I've looked buy going into chroot again the various files in
tmpfiles.d, and they do nothing spectacular, creating files, removing
old ones...

But about your suggestion, I guess it's the best not to exclude
things, but give users a choice, with good comments about the
differences and consequences. So offer them both (or more) in the
LFS (or Clfs) book.

If I'm ready with this, I will write the guide for LFS/CLFS.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] Howro install from source?

[Stef Bon]

Hi,

I would like to try systemd on my machine. As someone who installs
everything from source, I would
like to do that also for systemd. I cannot find a guide anywhere to do
this, as I expect a package as systemd
requires more than just

./configure
make
make install

some addition configuration is required I guess.

If there isn't ssuch a guide please some tips. Maybe I'll write the
guide then myself


Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Howro install from source?

[Stef Bon]

Thanks,

this is a good source of info.

Stef
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Designing a scheduler interface

[Stef Bon]

Well, your email suprises me, really.
Yes I read some sort of apologies, but he is expecting someone is
dissapointed he's not reacting. If that's not arrogant, I'm a marsian.

I will raise a fund to support all of those who are dissapointed by
him not reacting... Yek

Much better would be just: I cannot react right now, but this issue
has my interest. I expect to react later..
In communication it's very important to treat each other with respect.
As soccertrainer (and maybe soon teacher mathematics) I really think
that's important when working together.

Stef Bon

2011/4/19 Michal Schmidt mschm...@redhat.com:
 On 04/18/2011 11:04 PM, Stef Bon wrote:

 2011/1/17 Lennart Poetteringmz...@0pointer.de:

 possible is via xattr support in procfs and cgroupfs.

 Anyway, as mentioned, I am not really ready to discuss this now. Sorry
 of that might sound disappointing.


 Why do think anyone is disappointed, by you not reacting? Do you
 really think that

 Since the original message called for some cooperation with systemd and
 systemd-devel was CC'd, it was only logical to assume that a response from
 the systemd developer was expected.

 I'snt it a bit arrogant to think this?

 In my opinion people are can be disappointed by the way we are treated
 by another, not by what we do or don't.

 I've been called arrogant before, but you are really king here!

 Hale king Lennart!

 Lennart's response consisted of 4 informative paragraphs and a closing
 apology for not being yet more helpful.
 In what universe is this considered arrogant?

 Michal

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Designing a scheduler interface

[Stef Bon]

2011/1/17 Lennart Poettering mz...@0pointer.de:
 possible is via xattr support in procfs and cgroupfs.

 Anyway, as mentioned, I am not really ready to discuss this now. Sorry
 of that might sound disappointing.


Why do think anyone is disappointed, by you not reacting? Do you
really think that

I'snt it a bit arrogant to think this?

In my opinion people are can be disappointed by the way we are treated
by another, not by what we do or don't.

I've been called arrogant before, but you are really king here!

Hale king Lennart!


Stef Bon
the Netherlands



 Lennart

 --
 Lennart Poettering - Red Hat, Inc.
 ___
 xdg mailing list
 x...@lists.freedesktop.org
 http://lists.freedesktop.org/mailman/listinfo/xdg

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel