Gentoo Archives: gentoo-user

From: "Canek Peláez Valdés" <caneko@×××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] looking for a couple of systemd units
Date: Tue, 27 Aug 2013 15:57:42
Message-Id: CADPrc80PjoPK6BuJ0=3J0BqxzAHXXnn+y+evUomthSG2zZe6Gw@mail.gmail.com
In Reply to: Re: [gentoo-user] looking for a couple of systemd units by covici@ccs.covici.com
On Tue, Aug 27, 2013 at 10:39 AM, <covici@××××××××××.com> wrote:
> Canek Peláez Valdés <caneko@×××××.com> wrote:
>
>> On Tue, Aug 27, 2013 at 9:41 AM, <covici@××××××××××.com> wrote:
>> > Canek Peláez Valdés <caneko@×××××.com> wrote:
>> >
>> >> On Tue, Aug 27, 2013 at 2:46 AM, <covici@××××××××××.com> wrote:
>> >> > Canek Peláez Valdés <caneko@×××××.com> wrote:
>> >> >
>> >> >> On Tue, Aug 27, 2013 at 1:10 AM, <covici@××××××××××.com> wrote:
>> >> >> > Canek Peláez Valdés <caneko@×××××.com> wrote:
>> >> >> >
>> >> >> >> On Mon, Aug 26, 2013 at 11:06 PM, Canek Peláez Valdés <caneko@×××××.com> wrote:
>> >> >> >> > On Mon, Aug 26, 2013 at 10:52 PM, <covici@××××××××××.com> wrote:
>> >> >> >> >> Hi. I am looking for a couple of systemd units which I have not been
>> >> >> >> >> able to find -- one for mailman and one for innd which is a shell script
>> >> >> >> >> by itself.
>> >> >> >> >>
>> >> >> >> >> Thanks in advance for any suggestions.
>> >> >> >> >
>> >> >> >> > I use this one in production for mailman with Gentoo:
>> >> >> >> >
>> >> >> >> > ----------------------------------------------------------------
>> >> >> >> > [Unit]
>> >> >> >> > Description=Mailman mailing list service
>> >> >> >> > After=network.target
>> >> >> >> >
>> >> >> >> > [Service]
>> >> >> >> > Type=forking
>> >> >> >> > ExecStart=/usr/lib/mailman/bin/mailmanctl -s start
>> >> >> >> > ExecStop=/usr/lib/mailman/bin/mailmanctl stop
>> >> >> >> > User=mailman
>> >> >> >> > Group=mailman
>> >> >> >> >
>> >> >> >> > [Install]
>> >> >> >> > WantedBy=multi-user.target
>> >> >> >> > ----------------------------------------------------------------
>> >> >> >> >
>> >> >> >> > I don't have any for innd.
>> >> >> >>
>> >> >> >> If innd is the one from net-nntp/inn, then the following should work:
>> >> >> >>
>> >> >> >> ----------------------------------------------------------------
>> >> >> >> [Unit]
>> >> >> >> Description=The Internet News daemon
>> >> >> >> Documentation=man:innd(8)
>> >> >> >> ConditionPathExists=/var/run/news
>> >> >> >>
>> >> >> >> [Service]
>> >> >> >> Type=simple
>> >> >> >> ExecStart=/usr/lib/news/bin/rc.news
>> >> >> >> ExecStop=/usr/lib/news/bin/rc.news stop
>> >> >> >> User=news
>> >> >> >> Group=news
>> >> >> >>
>> >> >> >> [Install]
>> >> >> >> WantedBy=multi-user.target
>> >> >> >> ----------------------------------------------------------------
>> >> >> >>
>> >> >> >> If the binary rc.news forks itself (and there is no option to force it
>> >> >> >> to run in the foreground), use Type=forking. The former is preferred
>> >> >> >> over the latter. Also, to guarantee that the directory /var/run/news
>> >> >> >> always is present, add the following to a new file
>> >> >> >> /etc/tmpfiles.d/innd.conf:
>> >> >> >>
>> >> >> >> ----------------------------------------------------------------
>> >> >> >> d /var/run/news 0755 news news 10d -
>> >> >> >> ----------------------------------------------------------------
>> >> >> >>
>> >> >> >> You can replace 10d with - (hyphen), so the directory is never cleaned
>> >> >> >> automatically. If you try this unit and it works as expected, please
>> >> >> >> let us know.
>> >> >> >>
>> >> >> >
>> >> >> > OK, thanks again. I have one question which this brings up -- and this
>> >> >> > applies to openrc as well -- I never have let it migrate /var/run to
>> >> >> > /run and /var/lock likewise because I have directories in those which
>> >> >> > are owned by various users, etc. and the packages themselves almost
>> >> >> > never create such -- is putting things in /etc/tmpfiles.d the correct
>> >> >> > way to fix this?
>> >> >>
>> >> >> tmpfiles.d is from systemd:
>> >> >>
>> >> >> http://www.freedesktop.org/software/systemd/man/tmpfiles.d.html
>> >> >>
>> >> >> However, I think OpenRC developers were thinking about supporting it.
>> >> >> I don't know if that actually happened.
>> >> >>
>> >> >> With systemd in Gentoo, /var/run is bind mounted from /run, and it's a
>> >> >> tmpfs dir, so everything there goes away after a reboot. The config
>> >> >> files in tmpfiles.d allow the creation (and automatic removal) of
>> >> >> directories and files there.
>> >> >>
>> >> >> I don't know if it's the "correct" way to fix anything; but it works.
>> >> >>
>> >> > Can I use the d action to change the permissions of an existing
>> >> > directory and if not, how can I do this?
>> >>
>> >> I don't think so. The contents of /run (and /var/run before it) are,
>> >> by definition, used only at run time. They are not intended to be
>> >> preserved, and they actually should be cleaned from time to time
>> >> (hence the age field in tmpfiles.d). Therefore tmpfiles.d only deals
>> >> with creation (and cleaning up) of files/directories, not "updating"
>> >> them, since they should not be even present when the system boots up.
>> >>
>> >> The files in /etc/tmpfiles.d are used by the systemd-tmpfiles-* units,
>> >> and (AFAIU) they only create files/directories at boot time, and then
>> >> only clean afterwards.
>> >>
>> >> My /run directory is really empty. When my systems boot up, systemd
>> >> mounts a tmpfs on it:
>> >>
>> >> # mount | grep "on /run"
>> >> tmpfs on /run type tmpfs (rw,nosuid,nodev,mode=755)
>> >>
>> >> Then the var-run.mount unit bind mounts /run into /var/run. So no
>> >> file/directory there is actually written into any physical disk ever.
>> >
>> > But I need to change the permissions of /var/lock to 777, if I can't use
>> > tmpfiles.d how can I do this?
>>
>> chmod 777 /var/lock? I don't understand the question. What program do
>> you need that requires universal writing access for /var/lock? In my
>> systems, /var/lock is either bind mounted from /run/lock, or a soft
>> link to /run/lock, and /run/lock is root:root and 755.
>>
>
> I need regular users to put files in /var/lock and it is annoying to
> have to change the permissions and so I have it on a file system and
> never need to touch it.

OK; you need to mask var-lock.mount (systemctl mask var-lock.mount),
and then I think you only need to do chmod 777 /var/lock once. Just be
aware that this is not how it should work in systemd, it's not
supported, and any unnecessary world-writable directory is generally a
bad idea.

http://lists.freedesktop.org/archives/systemd-devel/2011-March/001823.html

So, in a few words, if it breaks you get to keep both pieces.

Regards.
--
Canek Peláez Valdés
Posgrado en Ciencia e Ingeniería de la Computación
Universidad Nacional Autónoma de México
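
Added example, not part of the original message: a shell check that classifies a lock directory as not world-writable (the 755 reported for /run/lock), world-writable with the sticky bit, or world-writable without it (what chmod 777 produces), following a symlink such as the /var/lock link mentioned above. The function names and the scratch directories are constructed for this illustration.

```shell
#!/bin/sh
# Added illustration: function names and sample directories are constructed here.

# dir_write_risk DIR prints one word:
#   missing     DIR is not a directory
#   restricted  not world-writable (e.g. 755)
#   sticky      world-writable, sticky bit set (e.g. 1777)
#   open        world-writable, no sticky bit (e.g. 777); any local user can
#               delete or rename files owned by other users in DIR
dir_write_risk() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo missing
        return 0
    fi
    # -H follows a symlink given on the command line, so the target's mode is
    # tested rather than the link's own lrwxrwxrwx mode.
    # -prune keeps find from descending into the directory.
    if [ -n "$(find -H "$dir" -prune -perm -0002 ! -perm -1000 -print)" ]; then
        echo open
    elif [ -n "$(find -H "$dir" -prune -perm -0002 -perm -1000 -print)" ]; then
        echo sticky
    else
        echo restricted
    fi
}

# audit_dirs DIR... prints "<classification> <path>" for each argument.
audit_dirs() {
    for d in "$@"; do
        printf '%s %s\n' "$(dir_write_risk "$d")" "$d"
    done
}

# Constructed sample: scratch directories standing in for lock directories.
scratch=$(mktemp -d)
mkdir "$scratch/lock755" "$scratch/lock1777" "$scratch/lock777"
chmod 755  "$scratch/lock755"
chmod 1777 "$scratch/lock1777"
chmod 777  "$scratch/lock777"
ln -s lock755 "$scratch/lock-link"   # symlinked lock dir, like /var/lock -> /run/lock
audit_dirs "$scratch/lock755" "$scratch/lock1777" "$scratch/lock777" "$scratch/lock-link"
rm -rf "$scratch"
```

On a real system, `audit_dirs /var/lock /run/lock` reports the same classification for the directories discussed in the thread.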
