Re: [systemd-devel] forking PIDFile question

2018-02-21 Thread steve 
On Tuesday, 20 February 2018 07:30:06 GMT Andrei Borzenkov wrote:

> 
> It is expected to be written by your service binary. Ideally it should
> do it only after it has completed initialization and is ready to provide
> services.
> 
> > Am I right in thinking that LCDd is so old that it hasn't been written
> > with systemd in mind so does not support PIDFile?
> 
> PID files predate systemd.

Thanks for your comments.


Regards, Steve Goodey
Colchester, England
mailto://st...@goodey.org
Registered Linux User #372670 http://counter.li.org

Hello to Jason Isaacs
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] forking PIDFile question

2018-02-21 Thread steve 
On Tuesday, 20 February 2018 08:32:45 GMT Mantas Mikulėnas wrote:
> On Mon, Feb 19, 2018 at 11:29 PM,  wrote:
> > Hello,
> > 
> > 
> > 
> > Sorry if this question is a bit basic for a devel list, I tried asking it
> > in a ubuntu forum but didn't get any views, let alone replies.
> > 
> > 
> > 
> > I have a PC running Mythbuntu which has an LCD which I had a bit of a
> > struggle getting going under systemd. However using Type=forking it is now
> > working fine. However reading the man page for systemd.service is says
> > that
> > it is recommended to use PIDFile.
> 
> It might be recommended in some cases (the more complex the daemon is), but
> useless in your case.
> 
> Removing the line PIDFile=/run/LCDd.pid in LCDd.service and all is good.
> 
> > I have tried creating LCDd.pid in /run with root:root but get the same.
> > How is the pid file generated?
> 
> It is created by your daemon process.
> 
> If your daemon does not support creating pidfiles, just don't use the
> PIDFile= option in the first place...
> 
> > Am I right in thinking that LCDd is so old that it hasn't been written
> > with systemd in mind so does not support PIDFile?
> 
> No; it's almost the opposite. Pidfiles have been in use for several decades
> with sysvinit (they were one of the primary methods of service
> identification), but became practically optional with systemd's
> cgroup-based tracking.

Thanks for your comments.


Regards, Steve Goodey
Colchester, England
mailto://st...@goodey.org
Registered Linux User #372670 http://counter.li.org

Hello to Jason Isaacs
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] forking PIDFile question

2018-02-21 Thread steve 
On Wednesday, 21 February 2018 06:31:23 GMT Jonathan de Boyne Pollard wrote:
> st...@goodey.org:
> > [Service]
> > 
> > Type=forking
> 
> Your program has an -f option to stop it from vainly trying to
> re-daemonize itself.  Use it; and do not use Type=forking in the first
> place.
> 
> *
> http://jdebp.eu./FGA/unix-daemon-design-mistakes-to-avoid.html#DoNotBackgrou
> ndise
> 
> The supplied systemd service unit that comes packaged by Ubuntu/Debian
> does this.  You can ignore its use of -s 1 , as systemd will log the
> program's standard output and -s 0 will do quite well.
> 
> *
> https://sources.debian.org/src/lcdproc/0.5.9-2/debian/lcdproc.LCDd.service/
> 
> st...@goodey.org:
> > [server]
> > 
> > User=nobody
> 
> Also, do not abuse nobody for dæmons.  Use a dedicated unprivileged user
> account, such as (for example) lcdproc.  Name the unprivileged user
> account in the service unit in a User= setting, and using filesystem
> ACLs or otherwise grant it nothing except the permission to open
> /dev/ttyUSB0 for writing and to open the configuration file for reading.
> 
> * http://jdebp.eu./FGA/dont-abuse-nobody-for-daemons.html
> 
> Currently, you are running your program as the superuser with a
> configuration file owned by an unprivileged user.  This is a backdoor
> into your system, as anyone who compromises that unprivileged user
> account (which is the one that you run your WWW browser as, and that you
> use to run software build systems and other programs downloaded from
> other people that you do not know, ne?) can rewrite the configuration
> file and thereby persuade a superuser-privileged process to open an
> arbitrary file and write stuff (which it does before it attempts to
> detect whether it is running as the superuser).
> ___
> systemd-devel mailing list
> systemd-devel@lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Thanks very much Jonathan for your help and in looking through the conf files 
and pointing 
out my mistakes. I have altered them as per your instructions and all is now 
running fine.

Thanks to all who replied and my apologies if my little problem has cluttered 
up your list :-)


Regards, Steve Goodey
Colchester, England
mailto://st...@goodey.org
Registered Linux User #372670 http://counter.li.org

Hello to Jason Isaacs
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] forking PIDFile question

2018-02-20 Thread Jonathan de Boyne Pollard 

st...@goodey.org:

[Service]

Type=forking



Your program has an -f option to stop it from vainly trying to 
re-daemonize itself.  Use it; and do not use Type=forking in the first 
place.


* 
http://jdebp.eu./FGA/unix-daemon-design-mistakes-to-avoid.html#DoNotBackgroundise


The supplied systemd service unit that comes packaged by Ubuntu/Debian 
does this.  You can ignore its use of -s 1 , as systemd will log the 
program's standard output and -s 0 will do quite well.


* 
https://sources.debian.org/src/lcdproc/0.5.9-2/debian/lcdproc.LCDd.service/


st...@goodey.org:


[server]

User=nobody


Also, do not abuse nobody for dæmons.  Use a dedicated unprivileged user 
account, such as (for example) lcdproc.  Name the unprivileged user 
account in the service unit in a User= setting, and using filesystem 
ACLs or otherwise grant it nothing except the permission to open 
/dev/ttyUSB0 for writing and to open the configuration file for reading.


* http://jdebp.eu./FGA/dont-abuse-nobody-for-daemons.html

Currently, you are running your program as the superuser with a 
configuration file owned by an unprivileged user.  This is a backdoor 
into your system, as anyone who compromises that unprivileged user 
account (which is the one that you run your WWW browser as, and that you 
use to run software build systems and other programs downloaded from 
other people that you do not know, ne?) can rewrite the configuration 
file and thereby persuade a superuser-privileged process to open an 
arbitrary file and write stuff (which it does before it attempts to 
detect whether it is running as the superuser).

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] forking PIDFile question

2018-02-19 Thread Mantas Mikulėnas 
On Mon, Feb 19, 2018 at 11:29 PM,  wrote:

> Hello,
>
>
>
> Sorry if this question is a bit basic for a devel list, I tried asking it
> in a ubuntu forum but didn't get any views, let alone replies.
>
>
>
> I have a PC running Mythbuntu which has an LCD which I had a bit of a
> struggle getting going under systemd. However using Type=forking it is now
> working fine. However reading the man page for systemd.service is says that
> it is recommended to use PIDFile.
>

It might be recommended in some cases (the more complex the daemon is), but
useless in your case.

Removing the line PIDFile=/run/LCDd.pid in LCDd.service and all is good.
>
> I have tried creating LCDd.pid in /run with root:root but get the same.
> How is the pid file generated?
>

It is created by your daemon process.

If your daemon does not support creating pidfiles, just don't use the
PIDFile= option in the first place...


> Am I right in thinking that LCDd is so old that it hasn't been written
> with systemd in mind so does not support PIDFile?
>

No; it's almost the opposite. Pidfiles have been in use for several decades
with sysvinit (they were one of the primary methods of service
identification), but became practically optional with systemd's
cgroup-based tracking.

-- 
Mantas Mikulėnas
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] forking PIDFile question

2018-02-19 Thread Andrei Borzenkov 
20.02.2018 00:29, st...@goodey.org пишет:
> Hello,
> 
> Sorry if this question is a bit basic for a devel list, I tried asking it in 
> a ubuntu forum but 
> didn't get any views, let alone replies.
> 
> I have a PC running Mythbuntu which has an LCD which I had a bit of a 
> struggle getting 
> going under systemd. However using Type=forking it is now working fine. 
> However 
> reading the man page for systemd.service is says that it is recommended to 
> use PIDFile. I 
> have tried adding PIDFile=/run/LCDd.pid but this causes an error message:-
> 
> LCDd.service - LCDd
>Loaded: loaded (/etc/systemd/system/LCDd.service; enabled; vendor preset: 
> enabled)
>Active: activating (start) since Tue 2018-02-13 09:49:03 GMT; 1min 8s ago
>   Process: 2485 ExecStart=/usr/sbin/LCDd -c /home/steve/lcd/LCDd.conf 
> (code=exited, 
> status=0/SUCCESS)
>CGroup: /system.slice/LCDd.service
>└─2487 /usr/sbin/LCDd -c /home/steve/lcd/LCDd.conf
> 
> Feb 13 09:49:03 mythbuntu systemd[1]: Starting LCDd...
> Feb 13 09:49:03 mythbuntu systemd[1]: LCDd.service: PID file /run/LCDd.pid 
> not readable 
> (yet?) after start: No such file or directory
> steve@mythbuntu:~$
> 
> Removing the line PIDFile=/run/LCDd.pid in LCDd.service and all is good.
> I have tried creating LCDd.pid in /run with root:root but get the same. How 
> is the pid file 
> generated? 

It is expected to be written by your service binary. Ideally it should
do it only after it has completed initialization and is ready to provide
services.

> Am I right in thinking that LCDd is so old that it hasn't been written with 
> systemd 
> in mind so does not support PIDFile?
> 

PID files predate systemd.

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] forking PIDFile question

2018-02-19 Thread steve 
Hello,

Sorry if this question is a bit basic for a devel list, I tried asking it in a 
ubuntu forum but 
didn't get any views, let alone replies.

I have a PC running Mythbuntu which has an LCD which I had a bit of a struggle 
getting 
going under systemd. However using Type=forking it is now working fine. However 
reading the man page for systemd.service is says that it is recommended to use 
PIDFile. I 
have tried adding PIDFile=/run/LCDd.pid but this causes an error message:-

LCDd.service - LCDd
   Loaded: loaded (/etc/systemd/system/LCDd.service; enabled; vendor preset: 
enabled)
   Active: activating (start) since Tue 2018-02-13 09:49:03 GMT; 1min 8s ago
  Process: 2485 ExecStart=/usr/sbin/LCDd -c /home/steve/lcd/LCDd.conf 
(code=exited, 
status=0/SUCCESS)
   CGroup: /system.slice/LCDd.service
   └─2487 /usr/sbin/LCDd -c /home/steve/lcd/LCDd.conf

Feb 13 09:49:03 mythbuntu systemd[1]: Starting LCDd...
Feb 13 09:49:03 mythbuntu systemd[1]: LCDd.service: PID file /run/LCDd.pid not 
readable 
(yet?) after start: No such file or directory
steve@mythbuntu:~$

Removing the line PIDFile=/run/LCDd.pid in LCDd.service and all is good.
I have tried creating LCDd.pid in /run with root:root but get the same. How is 
the pid file 
generated? Am I right in thinking that LCDd is so old that it hasn't been 
written with systemd 
in mind so does not support PIDFile?



LCDd.service
[Unit]
Description=LCDd
After=multi-user.target

[Service]
Type=forking
PIDFile=/run/LCDd.pid
ExecStart=/usr/sbin/LCDd -c /home/steve/lcd/LCDd.conf
TimeoutStopSec=1s
Restart=on-failure
RestartSec=5
StartLimitInterval=30
StartLimitBurst=5

[Install]
WantedBy=multi-user.target


LCDd.conf
## This file was written by cme command.
## You can run 'cme edit lcdproc' to modify this file.
## You may also modify the content of this file with your favorite editor.


[server]
DriverPath=/home/steve/lcd/
Driver=vlsys_m428
NextScreenKey=Right
PrevScreenKey=Left
ReportToSyslog=yes
ToggleRotateKey=Enter
ServerScreen=no

Bind=127.0.0.1
Port=13666
User=nobody
Hello="Mythbuntu"
WaitTime=5

[menu]
DownKey=Down
EnterKey=Enter
MenuKey=Escape
UpKey=Up

[vlsys_m428]
Device=/dev/ttyUSB0

LCDd.conf (END) 

-- 
Regards, Steve Goodey
Colchester, England
mailto://st...@goodey.org
Registered Linux User #372670 http://counter.li.org
[1]
Hello to Jason Isaacs


[1] 372670.png
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel