1 |
On Tue, Dec 25, 2012 at 7:56 AM, Joshua Murphy <poisonbl@×××××.com> wrote: |
2 |
> On Tue, Dec 25, 2012 at 3:01 AM, Canek Peláez Valdés <caneko@×××××.com> wrote: |
3 |
>> [ snip ] |
4 |
>> * Really simple service unit files: The service unit files are really |
5 |
>> small, really simple, really easy to understand/modify. Compare the 9 |
6 |
>> lines of sshd.service: |
7 |
>> |
8 |
>> $ cat /etc/systemd/system/sshd.service |
9 |
>> [Unit] |
10 |
>> Description=SSH Secure Shell Service |
11 |
>> After=syslog.target |
12 |
>> |
13 |
>> [Service] |
14 |
>> ExecStart=/usr/sbin/sshd -D |
15 |
>> |
16 |
>> [Install] |
17 |
>> WantedBy=multi-user.target |
18 |
>> |
19 |
>> with the 84 of /etc/init.d/sshd (80 without comments). |
20 |
>> |
21 |
> [snip] |
22 |
>> |
23 |
>> Hope it helps. |
24 |
>> |
25 |
>> Regards. |
26 |
>> -- |
27 |
>> Canek Peláez Valdés |
28 |
>> Posgrado en Ciencia e Ingeniería de la Computación |
29 |
>> Universidad Nacional Autónoma de México |
30 |
>> |
31 |
> |
32 |
> I've not yet made the leap, as the benefit of faster boot really |
33 |
> doesn't affect me between systems that're always on and laptops that |
34 |
> typically spend 75% of their time asleep, rather than ever getting |
35 |
> turned off, so I'm in no position to speak for or against the whole of |
36 |
> systemd's changes... but one issue I've had with the claimed benefits |
37 |
> is the reduction in size compared to startup scripts like |
38 |
> /etc/init.d/sshd ... based on that service declaration above, it's a |
39 |
> horribly unfair comparison. /etc/init.d/sshd is doing a lot more than |
40 |
> simply starting/stopping the service and dropping all of that |
41 |
> functionality, then claiming "these few lines serve the same purpose" |
42 |
> isn't an equal comparison. It would still be a (notable, at that) drop |
43 |
> in size if the shell script was redone to provide exactly the same set |
44 |
> of features, then compared, but that size difference wouldn't have the |
45 |
> same shock value as the comparison against 80+ lines. The argument |
46 |
> that those functions should be handled by the service rather than the |
47 |
> service handler is for another day, 'course. |
48 |
|
49 |
No, I think that's the interesting argument. Like you say |
50 |
"/etc/init.d/sshd is doing a lot more than simply starting/stopping |
51 |
the service"; why it should do that? That's the work of the package |
52 |
manager and/or the administrator. An init system should only |
53 |
start/stop/monitor the services; it should not be checking if the keys |
54 |
are generated or not, or if the config file is there or not. That |
55 |
should happen at install time, and if for some reason they got borked |
56 |
between the last reboot and this one, the system is probably fucked up |
57 |
anyway, and putting checks in the *init script* will not help at all. |
58 |
|
59 |
But *even* if you really want to have those checks, you can do it in |
60 |
systemd in a cleaner way: put the checks in an executable script, and |
61 |
call the script with ExecStartPre: |
62 |
|
63 |
[Unit] |
64 |
Description=SSH Secure Shell Service |
65 |
After=syslog.target |
66 |
|
67 |
[Service] |
68 |
ExecStartPre=/usr/local/bin/checksshd |
69 |
ExecStart=/usr/sbin/sshd -D |
70 |
|
71 |
[Install] |
72 |
WantedBy=multi-user.target |
73 |
|
74 |
There; the unit file is now 10 lines, it *still* doesn't use a |
75 |
Turing-complete language, you got your checks (which I believe they |
76 |
don't belong there, but whatever), and it will timeout if the |
77 |
checksshd goes into an infinite loop (30 seconds is the default |
78 |
timeout, I believe). |
79 |
|
80 |
That's how yo properly do more than start/stop/monitor services; the |
81 |
init system doesn't need to know about it, you clearly move the init |
82 |
system responsibility (start/stop/monitor services) from the service |
83 |
requirements (checking that the config files are there, or that you |
84 |
need to generate keys, which I repeat, I think they belong at install |
85 |
time), and it keeps the unit files nice and simple. |
86 |
|
87 |
Regards. |
88 |
-- |
89 |
Canek Peláez Valdés |
90 |
Posgrado en Ciencia e Ingeniería de la Computación |
91 |
Universidad Nacional Autónoma de México |