I am logging in on a PC using SSH and need to access some peripherals
which are attached to seat0.
loginctl shows that my session is not attached to any seat:
SESSION UID USER SEAT TTY
50 1000 septatrix pts/0
The devices are added to the seat using udev rules
and I explicitly want
Hi,
currently I am building a minimalistic Linux image using mkosi which
should be installed on bare-metal hardware.
For the installation I am trying to create a USB-stick installer which
simply installs the resulting image on the hardware.
First and foremost:
Does someone maybe know of an existi
Hi, At least for simple cases you can use systemd-cat which allows
setting different priorities for stdout and stderr. It even explicitly
states that doing so will lose the ordering guarantees which are only
possible when attaching stdout and stderr to the same fd (as Lennart
said).
Greetings
Nils
Westerhof wrote:
>
> Aargh, forgot again that gmail works differently when replying. :'-{
>
> Op di 29 aug 2023 om 21:07 schreef Cecil Westerhof :
>>
>> Op di 29 aug 2023 om 19:47 schreef Nils Kattenbeck :
>>>
>>> Hi, At least for simple cases y
Hello, I am currently trying to build a linux image with discoverable
partitions in an A/B+etc+var scheme. I know that /usr and /var have a
corresponding partition UUID for automatically mounting them as per
DPS. However, I am not sure how to mount the /etc partition? Do I have
to specify it as the
On Mon, Sep 11, 2023, 10:54 Lennart Poettering
wrote:
> On So, 10.09.23 00:33, Nils Kattenbeck (nilskem...@gmail.com) wrote:
>
> > Hello, I am currently trying to build a linux image with discoverable
> > partitions in an A/B+etc+var scheme.
>
> The discoverable partiti
On Mon, Sep 11, 2023 at 11:49 AM Lennart Poettering
wrote:
>
> On Mo, 11.09.23 11:39, Nils Kattenbeck (nilskem...@gmail.com) wrote:
>
> > On Mon, Sep 11, 2023, 10:54 Lennart Poettering
> > wrote:
> >
> > > The discoverable partition scheme has no concept of /
Hi,
/usr/lib/systemd/ is indeed the place for internal binaries with
> unstable interfaces. But it's also the place where we put binaries
> that we don't typically expect users to call, because they are
> generally called via some well define .service unit or so only.
>
> systemd-cryptsetup is one
>
> > Why was the decision taken to put these into /usr/lib/systemd instead of
> > /usr/libexec/systemd/?
>
> That's a Fedoraism. Why would one put something there?
>
> /usr/lib/ is where private arch-dependent package stuff goes. What's
> the rationale for /usr/libexec/ though?
>
I am not aware o
Hello,
I am not sure how to get systemd-growfs-root.service to work with
automount. The partitions are configured via systemd-repart (and the
image created using mkosi). While the partitions are correctly grown
upon boot, the contained filesystem is not grown to match the
partition even though Gro
Hi,
On Tue, Oct 24, 2023 at 1:33 PM Lennart Poettering
wrote:
>
> On Mo, 23.10.23 02:00, Nils Kattenbeck (nilskem...@gmail.com) wrote:
>
> > Hello,
> >
> > I am not sure how to get systemd-growfs-root.service to work with
> > automount. The partitions are confi
10.23 23:48, Nils Kattenbeck (nilskem...@gmail.com) wrote:
>
> > > On Mo, 23.10.23 02:00, Nils Kattenbeck (nilskem...@gmail.com) wrote:
> > >
> > > > Hello,
> > > >
> > > > I am not sure how to get systemd-growfs-root.service to work with
>
> > ro/rw is a bit weird. Usually in our configuration model the settings
> > on the kernel cmdline args take precedence over config in
> > /etc/. But ro/rw is different for historical reasons: it only
> > specifies the initial ro/rw state of the disks, expecting that
> > /etc/fstab later changes t
On Wed, Oct 25, 2023, 13:29 Nils Kattenbeck wrote:
> Hi Lennart,
>
> thanks for the information. I finally found out the true cause,
> however, and it's just stupidity on my part.
> While Debian (my mkosi base) does ship systemd-growfs and the man
> pages for all the ser
On Sat, Oct 28, 2023 at 5:40 PM Nils Kattenbeck wrote:
>
> On Wed, Oct 25, 2023, 13:29 Nils Kattenbeck wrote:
>>
>> Hi Lennart,
>>
>> thanks for the information. I finally found out the true cause,
>> however, and it's just stupidity on my part.
>>
Hello,
I know that preset-all is run by the manager at startup if it is the
first boot. However, this does not seem to be run for user units (i.e.
systemctl --global preset-all).
Based on my findings the presetting is run very early and hooking in a
new service file with WantedBy/Before does not se
G'day,
I was looking into using sysupdate but did not find any information
about which archive formats are supported for "url-file". The man page
simply states that files are decompressed without specifying it any
further and uses .xz files in the examples.
Are other formats like .zstd also support
On Tue, Nov 21, 2023 at 6:04 PM Adrian Vovk wrote:
>
> Hello,
>
> I think relevant code for sysupdate / systemd-pull is here:
> https://github.com/systemd/systemd/blob/main/src/import/import-compress.c
Ah I was unaware that systemd-pull does indeed seem to decompress file
streams. Thanks for the
I decided to create a bug for this:
https://github.com/systemd/systemd/issues/30206
On Mon, Nov 20, 2023 at 1:39 AM Nils Kattenbeck wrote:
>
> Hello,
> I know that preset-all is run by the manager at startup if it is the
> first boot. However, this does not seem to be run for use
Hi, while I have been following this thread passively for now I also
wanted to chime in.
> (The main reason why sd-stub doesn't actually support erofs-initrds,
> is that sd-stub also generates initrd cpios on the fly, to pass
> credentials and system extension images to the kernel, and you can't
>
On Tue, Dec 12, 2023 at 10:02 PM Lennart Poettering
wrote:
>
> If you have 7 cpio initrds then the kernel will allocate a tmpfs and
> unpack them all into it, one after the other, on top of each other,
> and then jumps into the result.
>
> if you have an erofs and 7 cpio initds, what are you going
On Wed, Dec 13, 2023 at 10:03 AM Lennart Poettering
wrote:
>
> On Di, 12.12.23 23:01, Nils Kattenbeck (nilskem...@gmail.com) wrote:
>
> > > sysexts are erofs or squashfs file systems with verity backing. Only
> > > the sectors you access are decompressed.
> >
Hey everyone,
does sysupdate currently support any way to slowly roll out updates
where the server providing the files can be in control? This would be
used to slowly make a new version available and have it at e.g. 1%
adoption for a day to monitor regressions before increasing the
coverage. I was
Hello,
we are currently using sd-sysupdate to roll out updates and we're wondering
if there is any possibility to limit updates to consider at most one next
major version. This would allow us to write the software to handle only
data migrations from the previous major version instead of any versio
Forwarding to mailing list for future reference. (Also I want to reference
this mail in an upcoming mail).
On Mon, Jan 1, 2024, 14:31 Nils Kattenbeck wrote:
> Hi Adrian
>
> You can change the URL you check for updates to include the current
>> version number, then upload ea
, Nils
On Wed, Dec 20, 2023, 19:04 Nils Kattenbeck wrote:
> Hey everyone,
>
> does sysupdate currently support any way to slowly roll out updates
> where the server providing the files can be in control? This would be
> used to slowly make a new version available and have it at e.g. 1%
> I'd be fine with adding MaxVersion=. Happy to review a patch, merge
> something like this (at least file an RFE issue)
Should that be inclusive or exclusive? Naming it MaxVersion would
imply it to be inclusive though an exclusive bound would likely be
more useful most of the time. One could then
> > does sysupdate currently support any way to slowly roll out updates
> > where the server providing the files can be in control? [...]
>
> This is currently not available, no.
>
> The idea so far was always that the server is dumb, and the client
> picks the release it wants.
I feel like it wou
Continuing in https://github.com/systemd/systemd/issues/30695
On Tue, Jan 2, 2024 at 2:06 PM Lennart Poettering
wrote:
>
> On Di, 02.01.24 13:49, Nils Kattenbeck (nilskem...@gmail.com) wrote:
>
> > > I'd be fine with adding MaxVersion=. Happy to review a patch, merge
&g
Hello,
I have now created an issue in the systemd repository where this can
be tracked further as this seems to be something which would fit into
sd-sysupdate itself: https://github.com/systemd/systemd/issues/30855
Kind regards, Nils
Hello,
I have come across the issue for rootless sd-nspawn and - while
formulating a comment thereunder - read a bit more in a few man pages
(systemd and podman related).
While doing so the question arose whether there are any technical,
under the hood differences between nspawn and systemd.exec's
> > They are turning up as failed units, so they are being run,
> > even if I don't have any TPM module. Also, I have a notifier in
> > my waybar telling me of failed services and I don't want to see
> > them there.
>
> Can you provide logs about this? The goal is definitely to make these
> NOPs on
> Interepreting arbitrary regexes configured by unpriv code in priv code
> comes at some risk,. becose afair constructing them can come at O(2^n)
> time, i.e. a rogue regex could make use consume unbounded time on
> processing journal messages.
>
> Hence, I wouldn't hold your breath. Unless someone
> > Interepreting arbitrary regexes configured by unpriv code in priv code
> > comes at some risk,. becose afair constructing them can come at O(2^n)
> > time, i.e. a rogue regex could make use consume unbounded time on
> > processing journal messages.
>
> Which regex engine is used? glibc’s engin
Hi everyone,
I am working on a kiosk-type device which is supposed to start a
weston instance upon boot.
Our images were previously based on Debian 12 and Fedora 38, now we
are working on unifying them. Between the two old image variants the
systemd units were mostly identical, however, on Fedora
On Fri, Feb 16, 2024 at 9:45 AM Lennart Poettering
wrote:
>
> On Do, 15.02.24 22:16, Nils Kattenbeck (nilskem...@gmail.com) wrote:
>
> > Hi everyone,
> >
> > I am working on a kiosk-type device which is supposed to start a
> > weston instance upon boot.
> &
Hi, I am not sure if setting the compile time defaults is possible but in
general distributions should ship their configuration in /usr/... and end
users should make their adjustments in /etc/...
On Tue, Mar 5, 2024, 12:30 Max Gautier wrote:
> Hi,
>
> journald.conf (as well as other components)
Hello,
I am writing a simple oneshot service which should read access from
the journal and systemctl status. To restrict the service I was trying
to enable DynamicUser (and added '
SupplementaryGroups=systemd-journal'). However, the service is unable
to access unit status information and errors wi
On Thu, Mar 28, 2024 at 3:08 PM Luca Boccassi wrote:
>
> Works just fine here in Debian with 252:
Hm, weird. With logging enabled I get the following output:
$ sudo systemd-run -t --collect -p DynamicUser=true -E
SYSTEMD_LOG_LEVEL=debug systemctl --failed
Running as unit: run-u1497.service
Press
On Fri, Mar 29, 2024 at 7:04 AM Mantas Mikulėnas wrote:
>
> It's probably a difference between dbus-daemon and dbus-broker, I suspect.
Hi, that was indeed the problem. Installing dbus-broker on one of the
machines did in fact fix this. Any idea why that might be? I do not
know the differences bet
Hello everyone,
I am having trouble with getting CopyBlocks= to work with a verify enabled
usr partition. The documentations says that it should automatically work
automatically but it does not describe which properties have to be set for
which partition, i.e. repart.d file.
So far I have tried se
upport this use case.
>
> Cheers,
>
> Daan
>
> On Fri, 29 Mar 2024 at 19:55, Nils Kattenbeck wrote:
> >
> > Hello everyone,
> >
> > I am having trouble with getting CopyBlocks= to work with a verify enabled
> > usr partition. The documentations sa
This was not properly implemented until the current version:
https://github.com/systemd/systemd/pull/30030
On Sun, May 5, 2024 at 10:15 PM Paul Menzel
wrote:
>
> Dear systemd folks,
>
>
> On Ubuntu 22.04 with *systemd-repart* 249.11-0ubuntu3.12, the root
> partition in a qcow2 image, resized with
> Am I supposed to create file for PrimaryRootfs also, even
> if it does already exist, so that repart understand SecondaryRootfs has
> to be created? What, exactly, am I doing incorrectly, because I'm sure
> it is me not using the tool properly here, and no actual bug...
Yes, repartd tries to mat
> The kernel needs to be built with some non-default kconfigs, so if
> it's a custom build or distro check that those are all enabled, they
> are listed here:
>
> https://github.com/systemd/systemd/blob/main/README#L131
Just for posterity, here is the permalink:
https://github.com/systemd/systemd/
rt=/usr/bin/rsnapshot %I
>
>
> Am 2024-07-12 18:59, schrieb Nils Kattenbeck:
>
> The After/Before need to be set in the .service files, not the .timer files
>
> On Fri, Jul 12, 2024, 13:26 wrote:
>
> Actually this was my idea, too.
>
> However, could you precise wh
other.
On Mon, Jul 15, 2024, 18:22 Barry wrote:
>
>
> > On 15 Jul 2024, at 13:59, Nils Kattenbeck wrote:
> >
> > It might make more sense to create three services. Otherwise you can add
> overrides for some of them (e.g. /etc/.../rsnapshot@weekly.service) with
> only
I mostly use --on-unit-active for that but if you want to use absolute
times for that you would need to calculate the difference yourself or use
some shell arithmetic (apart from small differences like how clock
adjustments are handled)
Cheers, Nils
On Thu, Aug 29, 2024, 11:15 Lennart Poettering
You can use
SuccessAction=exit
FailureAction=exit
SuccessActionExitStatus=123
inside of a unit or invoke "systemctl exit 123" manually
On Tue, Sep 17, 2024, 10:00 沙包妖梦 wrote:
> I'm using "systemd --system" as PID1 inside podman container.
> I need a way to make RestartPreventExitStatus of hos
Are you aware that tools like mkosi already generate initrds which run
systemd? And systemd already has the logic to let services survive the
pivot_root (though that is discouraged and you should better use fdstore to
pass existing state to a new instance of the service).
Cheers, Nils
On Mon, Sep
On Tue, Nov 19, 2024 at 1:00 AM Lennart Poettering
wrote:
>
> On Do, 14.11.24 14:25, Phillip Susi (ph...@thesusis.net) wrote:
>
> > Lennart Poettering writes:
> >
> > > the BLKFLSBUF ioctl() works fine on block device fds open for read only.
> >
> > Oh, I might have to change that to use a read o
You should probably just use an ExecStart= (not with the stop you are
currently using), have it WantedBy=shutdown.target, and Before= any service
which you depend on to still be available
On Sat, Dec 7, 2024, 00:30 David Elie-Dit-Cosaque
wrote:
> Hi All,
>
> I am trying to create a systemd servi
Hi,
do you set Accept=yes in your socket unit?
I think ask-password.c and hostnamed.c might be some pretty barebones
services to which you may compare your code - the former uses
Accept=yes and the latter does not.
If you do not use Accept=yes but terminate as soon as the only
connection leaves i
Hi,
based on my understanding sysexts are geared towards scenarios where either
other services need to consume your files or you are able to consume files
by the OS, e.g. system libraries. You can for example build these using
mkosi which uses your normal distribution packages.
Portable services
Hi,
systemd itself already uses them in those sections without problems so they
should definitely work:
systemd-zram-setup@.service:After=dev-%i.device
systemd-journald@.service:Requires=systemd-journald@%i.socket
systemd-journald-varlink@%i.socket
systemd-journald@.service:After=systemd-journald@
Hi, https://github.com/systemd/systemd/issues/14190 might also be off
interest for you
On Thu, Jan 9, 2025, 18:15 Mantas Mikulėnas wrote:
> On Thu, Jan 9, 2025 at 4:46 PM Umut Tezduyar Lindskog <
> umut.tezdu...@axis.com> wrote:
>
>> Hi,
>>
>>
>>
>> I build a minimum image with mkosi with just s
For services/sockets your best bet might be to simply bind them to 0.0.0.0
such that they still work after the address change.
My solution for the DNS record is to use iproute2 tools which provide a
monitor command (in the sample below filtered for IPv6 changes):
#!/usr/bin/sh
touch "$CACHE_DIREC
Hi,
systemd definitely already has all the stuff in place to do this on it's
own.
The stuff creating the root partition would be sd-repart which just needs a
corresponding partition description.
A good example of how this can be used is particleOS
https://github.com/systemd/particleos
which is an
Hi Marc,
it has been a while since working with generators but I think the correct
solution is to ensure that the system-presets are configured such that you
generated units are enabled by default. Debian for example has a fallback
which applies a default preset of disabled for all units unless
sp
The systemd APIs to receive the socket check that the PID matches that of
the original process and otherwise returns. I assume you are running into
this. This is a deliberate decision as otherwise things might go awry if
multiple processes assume they can use the same socket. Ideally you would
also
Hi, that seems like a bug. I would expect them to lookup the same paths, i.e.
/etc/sysupdate.d/*.transfer
/run/sysupdate.d/*.transfer
/usr/local/lib/sysupdate.d/*.transfer
/usr/lib/sysupdate.d/*.transfer
as written on the man page. Maybe open a report on Gi
Hi,
$INVOCATION_ID is quite a reliable source for this.
I do not what if there are other behavior changes apart from forking you
want to do but it is usually better to do those at a finer resolution than
just a big check for systemd. First and foremost there are also other
service managers which m
run0 is not a drop-in replacement for sudo in every case. It works
inherently different but therein lies its strength (but also its
weaknesses). For allowing only specific commands you will need to look
into setting up polkit rules because that is what run0 uses in the
back to check if running the
Hi,
the most idiomatic approach is likely to use the new concurrency limits for
slices which will be release with the upcoming v258:
https://www.freedesktop.org/software/systemd/man/devel/systemd.slice.html#ConcurrencyHardMax=
Otherwise if the set of templated units is fixed and the order is arbi
>
> That being said, I currently don't make much sense from this future
> documentation. Would I need to refer to all my service units in my
> .slice file or can a service assign itself to a slice from its own unit?
>
You can specify a slice using the Slice= property under [Service] and IIRC
templ
65 matches
Mail list logo
