systemctl versus service

Thu, 17 Apr 2014 11:08:32 -0700

So for a number of versions, 'service' has been a front end to 'systemctl'. I have a service I am testing the Host Identity Protocol, and the HIPL implementation: http://infrahip.hiit.fi/ that is still built around 'service'. And they maintain binaries for a number of distros, including Centos that do not yet (if ever?) use 'systemctl'.
Now I amy not have all the terms right, but that is pretty close to the challenge. 


On my Fedora 20 system, the services come up real slow. In fact I get 
errors that they failed, even though they are working! Or at least they 
are testing out properly. For example, when I start the HIP firewall I get:


# service hipfw start

Starting hipfw (via systemctl): Job for hipfw.service failed. See 
'systemctl status hipfw.service' and 'journalctl -xn' for details.

[FAILED]


This takes a LONG time until the failed message appears. 'ps axu|grep 
hip' shows the service is running. but status shows:


hipfw.service - SYSV: HIPL firewall daemon
Loaded: loaded (/etc/rc.d/init.d/hipfw)

Active: failed (Result: timeout) since Thu 2014-04-17 12:51:05 EDT; 1h 
0min ago
Process: 2029 ExecStart=/etc/rc.d/init.d/hipfw start (code=exited, 
status=0/SUCCESS)

CGroup: /system.slice/hipfw.service
└─2031 /usr/sbin/hipfw -bklpF


Apr 17 12:46:05 ee900.htt-consult.com hipfw[2031]: 
debug(hipfw/helpers.c:97@system_print) $ ip6tables -I HIPFW-FORWARD -p 
139 -j DROP -> 0
Apr 17 12:46:05 ee900.htt-consult.com hipfw[2031]: 
debug(hipfw/helpers.c:97@system_print) $ iptables -I INPUT -j 
HIPFW-INPUT -> 0
Apr 17 12:46:05 ee900.htt-consult.com hipfw[2031]: 
debug(hipfw/helpers.c:97@system_print) $ iptables -I OUTPUT -j 
HIPFW-OUTPUT -> 0
Apr 17 12:46:05 ee900.htt-consult.com hipfw[2031]: 
debug(hipfw/helpers.c:97@system_print) $ iptables -I FORWARD -j 
HIPFW-FORWARD -> 0
Apr 17 12:46:05 ee900.htt-consult.com hipfw[2031]: 
debug(hipfw/helpers.c:97@system_print) $ ip6tables -I INPUT -j 
HIPFW-INPUT -> 0
Apr 17 12:46:05 ee900.htt-consult.com hipfw[2031]: 
debug(hipfw/helpers.c:97@system_print) $ ip6tables -I OUTPUT -j 
HIPFW-OUTPUT -> 0
Apr 17 12:46:05 ee900.htt-consult.com hipfw[2031]: 
debug(hipfw/helpers.c:97@system_print) $ ip6tables -I FORWARD -j 
HIPFW-FORWARD -> 0
Apr 17 12:46:05 ee900.htt-consult.com hipfw[2031]: 
debug(libcore/message.c:319@sendto_hipd) Sending user message 16 to HIPD 
on socket 4
Apr 17 12:46:05 ee900.htt-consult.com hipfw[2031]: 
debug(libcore/message.c:323@sendto_hipd) Sent 40 bytes
Apr 17 12:46:05 ee900.htt-consult.com hipfw[2031]: 
debug(libcore/message.c:400@send_recv_info_internal) Waiting to receive 
daemon info.
Apr 17 12:51:05 ee900.htt-consult.com systemd[1]: hipfw.service 
operation timed out. Terminating.
Apr 17 12:51:05 ee900.htt-consult.com systemd[1]: Failed to start SYSV: 
HIPL firewall daemon.
Apr 17 12:51:05 ee900.htt-consult.com systemd[1]: Unit hipfw.service 
entered failed state.



Well the HIPL developers are looking into supporting systemctl method, 
but for the present, I need the start not to take so long (and I am 
talking minutes here, not a few extra seconds until the failed message).



So is there some option I could use in 'systemctl start hipfw.service' 
that will cut down the start time, even if there are some warnings?


thanks


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org






















					Reply via email to