1 |
On Tue, Aug 27, 2013 at 10:39 AM, <covici@××××××××××.com> wrote: |
2 |
> Canek Peláez Valdés <caneko@×××××.com> wrote: |
3 |
> |
4 |
>> On Tue, Aug 27, 2013 at 9:41 AM, <covici@××××××××××.com> wrote: |
5 |
>> > Canek Peláez Valdés <caneko@×××××.com> wrote: |
6 |
>> > |
7 |
>> >> On Tue, Aug 27, 2013 at 2:46 AM, <covici@××××××××××.com> wrote: |
8 |
>> >> > Canek Peláez Valdés <caneko@×××××.com> wrote: |
9 |
>> >> > |
10 |
>> >> >> On Tue, Aug 27, 2013 at 1:10 AM, <covici@××××××××××.com> wrote: |
11 |
>> >> >> > Canek Peláez Valdés <caneko@×××××.com> wrote: |
12 |
>> >> >> > |
13 |
>> >> >> >> On Mon, Aug 26, 2013 at 11:06 PM, Canek Peláez Valdés <caneko@×××××.com> wrote: |
14 |
>> >> >> >> > On Mon, Aug 26, 2013 at 10:52 PM, <covici@××××××××××.com> wrote: |
15 |
>> >> >> >> >> Hi. I am looking for a couple of systemd units which I have not been |
16 |
>> >> >> >> >> able to find -- one for mailman and one for innd which is a shell script |
17 |
>> >> >> >> >> by itself. |
18 |
>> >> >> >> >> |
19 |
>> >> >> >> >> Thanks in advance for any suggestions. |
20 |
>> >> >> >> > |
21 |
>> >> >> >> > I use this one in production for mailman with Gentoo: |
22 |
>> >> >> >> > |
23 |
>> >> >> >> > ---------------------------------------------------------------- |
24 |
>> >> >> >> > [Unit] |
25 |
>> >> >> >> > Description=Mailman mailing list service |
26 |
>> >> >> >> > After=network.target |
27 |
>> >> >> >> > |
28 |
>> >> >> >> > [Service] |
29 |
>> >> >> >> > Type=forking |
30 |
>> >> >> >> > ExecStart=/usr/lib/mailman/bin/mailmanctl -s start |
31 |
>> >> >> >> > ExecStop=/usr/lib/mailman/bin/mailmanctl stop |
32 |
>> >> >> >> > User=mailman |
33 |
>> >> >> >> > Group=mailman |
34 |
>> >> >> >> > |
35 |
>> >> >> >> > [Install] |
36 |
>> >> >> >> > WantedBy=multi-user.target |
37 |
>> >> >> >> > ---------------------------------------------------------------- |
38 |
>> >> >> >> > |
39 |
>> >> >> >> > I don't have any for innd. |
40 |
>> >> >> >> |
41 |
>> >> >> >> If innd is the one from net-nntp/inn, then the following should work: |
42 |
>> >> >> >> |
43 |
>> >> >> >> ---------------------------------------------------------------- |
44 |
>> >> >> >> [Unit] |
45 |
>> >> >> >> Description=The Internet News daemon |
46 |
>> >> >> >> Documentation=man:innd(8) |
47 |
>> >> >> >> ConditionPathExists=/var/run/news |
48 |
>> >> >> >> |
49 |
>> >> >> >> [Service] |
50 |
>> >> >> >> Type=simple |
51 |
>> >> >> >> ExecStart=/usr/lib/news/bin/rc.news |
52 |
>> >> >> >> ExecStop=/usr/lib/news/bin/rc.news stop |
53 |
>> >> >> >> User=news |
54 |
>> >> >> >> Group=news |
55 |
>> >> >> >> |
56 |
>> >> >> >> [Install] |
57 |
>> >> >> >> WantedBy=multi-user.target |
58 |
>> >> >> >> ---------------------------------------------------------------- |
59 |
>> >> >> >> |
60 |
>> >> >> >> If the binary rc.news forks itself (and there is no option to force it |
61 |
>> >> >> >> to run in the foreground), use Type=forking. The former is preferred |
62 |
>> >> >> >> over the latter. Also, to guarantee that the directory /var/run/news |
63 |
>> >> >> >> always is present, add the following to a new file |
64 |
>> >> >> >> /etc/tmpfiles.d/innd.conf: |
65 |
>> >> >> >> |
66 |
>> >> >> >> ---------------------------------------------------------------- |
67 |
>> >> >> >> d /var/run/news 0755 news news 10d - |
68 |
>> >> >> >> ---------------------------------------------------------------- |
69 |
>> >> >> >> |
70 |
>> >> >> >> You can replace 10d with - (hypen), so the directory is never cleaned |
71 |
>> >> >> >> automatically. If you try this unit and it works as expected, please |
72 |
>> >> >> >> let us know. |
73 |
>> >> >> >> |
74 |
>> >> >> > |
75 |
>> >> >> > OK, thanks again. I have one question which this brings up -- and this |
76 |
>> >> >> > applies to openrc as well -- I never have let it migrate /var/run to |
77 |
>> >> >> > /run and /var/lock likewise because I have directories in those which |
78 |
>> >> >> > are owned by various users, etc. and the packages themselves almost |
79 |
>> >> >> > never create such -- is putting things in /etc/tmpfiles.d the correct |
80 |
>> >> >> > way to fix this? |
81 |
>> >> >> |
82 |
>> >> >> tmpfiles.d is from systemd: |
83 |
>> >> >> |
84 |
>> >> >> http://www.freedesktop.org/software/systemd/man/tmpfiles.d.html |
85 |
>> >> >> |
86 |
>> >> >> However, I think OpenRC developers were thinking about supporting it. |
87 |
>> >> >> I don't know if that actually happened. |
88 |
>> >> >> |
89 |
>> >> >> With systemd in Gentoo, /var/run is bind mounted from /run, and it's a |
90 |
>> >> >> tmpfs dir, so everything there goes away after a reboot. The config |
91 |
>> >> >> files in tmpfiles.d allows the creation (and automatic removal) of |
92 |
>> >> >> directories and files there. |
93 |
>> >> >> |
94 |
>> >> >> I don't know if it's the "correct" way to fix anything; but it works. |
95 |
>> >> >> |
96 |
>> >> > Can I use the d action to change the permissions of an existing |
97 |
>> >> > directory and if not, how can I do this? |
98 |
>> >> |
99 |
>> >> I don't think so. The contents of /run (and /var/run before it) are, |
100 |
>> >> by definition, used only at run time. They are not intended to be |
101 |
>> >> preserved, and they actually should be cleaned from time to time |
102 |
>> >> (hence the age field in tmpfiles.d). Therefore tmpfiles.d only deals |
103 |
>> >> with creation (and cleaning up) of files/directories, not "updating" |
104 |
>> >> them, since they should not be even present when the system boots up. |
105 |
>> >> |
106 |
>> >> The files in /etc/tmpfiles.d are used by the systemd-tmpfiles-* units, |
107 |
>> >> and (AFAIU) they only create files/directories at boot time, and then |
108 |
>> >> only clean afterwards. |
109 |
>> >> |
110 |
>> >> My /run directory is really empty. When my systems boot up, systemd |
111 |
>> >> mounts a tmpfs on it: |
112 |
>> >> |
113 |
>> >> # mount | grep "on /run" |
114 |
>> >> tmpfs on /run type tmpfs (rw,nosuid,nodev,mode=755) |
115 |
>> >> |
116 |
>> >> Then the var-run.mount unit binds mount /run into /var/run. So no |
117 |
>> >> file/directory there is actually written into any physical disk ever. |
118 |
>> > |
119 |
>> > But I need to change the permissions of /var/lock to 777, if I can't use |
120 |
>> > tmpfiles.d how can I do this? |
121 |
>> |
122 |
>> chmod 777 /var/lock? I don't understand the question. What program do |
123 |
>> you need that requires universal writing access for /var/lock? In my |
124 |
>> systems, /var/lock is either bind mounted from /run/lock, or a soft |
125 |
>> link to /run/lock, and /run/lock is root:root and 755. |
126 |
>> |
127 |
> |
128 |
> I need regular users to put files in /var/lock and it is annoying to |
129 |
> have to change the permissions and so I have it on a file system and |
130 |
> never need to touch it. |
131 |
|
132 |
OK; you need to mask var-lock.mount (systemctl mask var-lock.mount), |
133 |
and then I think you only need to do chmod 777 /var/lock once. Just be |
134 |
aware that this is not how it should work in systemd, it's not |
135 |
supported, and any unnecessary world-writable directory is generally a |
136 |
bad idea. |
137 |
|
138 |
http://lists.freedesktop.org/archives/systemd-devel/2011-March/001823.html |
139 |
|
140 |
So, in a few words, if it breaks you get to keep both pieces. |
141 |
|
142 |
Regards. |
143 |
-- |
144 |
Canek Peláez Valdés |
145 |
Posgrado en Ciencia e Ingeniería de la Computación |
146 |
Universidad Nacional Autónoma de México |