Skip to content

core: Allow preserving contents of RuntimeDirectory over process restart #6328

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
poettering merged 2 commits into from
Jul 17, 2017
Merged

core: Allow preserving contents of RuntimeDirectory over process restart #6328

poettering merged 2 commits into from
Jul 17, 2017

Conversation

@yuwata
Copy link
Member

@yuwata yuwata commented Jul 11, 2017
edited
Loading

This introduces RuntimeDirectoryPreserve= option which takes a boolean argument or restart.

Closes #6087.

boucman
boucman reviewed Jul 11, 2017
View reviewed changes
man/systemd.exec.xml Outdated
<varlistentry>
<term><varname>RuntimeDirectoryPreserve=</varname></term>

<listitem><para>Takes one of <option>never</option>, <option>restart</option>, or <option>always</option>.
Copy link
Contributor

@boucman boucman Jul 11, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is it "no" or "never" or both ?

Copy link
Member Author

@yuwata yuwata Jul 11, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Only never. Current implimentation does not allow boolean.

Copy link
Member

@poettering poettering Jul 11, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this needs to be fixed here though, as you do suggest using "no" in the current version

boucman
boucman reviewed Jul 11, 2017
View reviewed changes
man/systemd.exec.xml Outdated
are always removed when the service stops. If set to <option>restart</option> the directories are preserved
when the service is both automatically and manually restarted. Here, the automatic restart means the operation
specified in <varname>Restart=</varname>, and manual restart means the one triggered by
<command>systemctl restart foo.service</command>.
Copy link
Contributor

@boucman boucman Jul 11, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IIUC always means the directory is never removed, except on reboot (it's a tmpfs after all)

it might be worth saying that explicitely...

Copy link
Member Author

@yuwata yuwata Jul 11, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, I forgot to mention it. Thanks.

poettering
poettering requested changes Jul 11, 2017
View reviewed changes
Copy link
Member

@poettering poettering left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks excellent already, just minor fixes, and please add the support for "systemd-run -p …" as described, thanks!

src/core/dbus-execute.c

return 1;

} else if (streq(name, "RuntimeDirectoryPreserve")) {
Copy link
Member

@poettering poettering Jul 11, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hmm, could you also add the counterparts for this to src/shared/bus-unit-util.c's bus_append_unit_property_assignment()? We should really make sure that all new options come with that right-away (we are still missing some prop hookups for older props, and we should fix that too, but let's get this right right-away for the new ones).

Adding this means the new functionality can be tested easily using:

systemd-run -t -p RuntimeDirectory=foo -p RuntimeDirectoryPreserve=always /bin/sh

src/core/dbus-execute.c Outdated
if (mode != UNIT_CHECK) {
c->runtime_directory_mode = m;

unit_write_drop_in_private_format(u, mode, name, "RuntimeDirectoryMode=%u", m);
Copy link
Member

@poettering poettering Jul 11, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be output with %040o rather than %u, after all creation modes are usually written in octal style.

man/systemd.exec.xml Outdated
<varname>$XDG_RUNTIME_DIR</varname> (for user services) when
the unit is started, and removed when the unit is stopped. The
the unit is started, and removed when the unit is stopped.
It is possible to preserve the direcotries if
Copy link
Member

@poettering poettering Jul 11, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

direcotries → directories

man/systemd.exec.xml Outdated
<varlistentry>
<term><varname>RuntimeDirectoryPreserve=</varname></term>

<listitem><para>Takes one of <option>never</option>, <option>restart</option>, or <option>always</option>.
Copy link
Member

@poettering poettering Jul 11, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this needs to be fixed here though, as you do suggest using "no" in the current version

@poettering poettering added pid1 reviewed/needs-rework 🔨 PR has been reviewed and needs another round of reworks labels Jul 11, 2017
@yuwata yuwata force-pushed the runtime-preserve branch from acdbcde to cff52d4 Compare July 13, 2017 02:03
@yuwata
Copy link
Member Author

yuwata commented Jul 13, 2017
edited
Loading

@boucman @poettering Thank you for your comments. I've force-pushed the updated version. In the updated commits, I use a boolean argument rather than never and always.
Moreover, I've added several commits based on this functionality. If you feel they should be proposed in another PR, I will tentatively drop them.

@yuwata yuwata force-pushed the runtime-preserve branch from cff52d4 to f870d18 Compare July 13, 2017 07:24
@fsateler
Copy link
Member

fsateler commented Jul 13, 2017

resolved fails to start:

Jul 13 07:47:30 autopkgtest-lxc-hckeil systemd[1]: systemd-resolved.service: Trying to enqueue job systemd-resolved.service/start/replace
Jul 13 07:47:31 autopkgtest-lxc-hckeil systemd[1]: systemd-resolved.service: Merged into installed job systemd-resolved.service/start as 1800
Jul 13 07:47:31 autopkgtest-lxc-hckeil systemd[1]: systemd-resolved.service: Enqueued job systemd-resolved.service/start as 1800
Jul 13 07:47:31 autopkgtest-lxc-hckeil systemd[7007]: systemd-resolved.service: Executing: /lib/systemd/systemd-resolved
Jul 13 07:47:31 autopkgtest-lxc-hckeil systemd-resolved[7007]: Fail to get current capabilities: Invalid argument
Jul 13 07:47:31 autopkgtest-lxc-hckeil systemd[1]: systemd-resolved.service: Got notification message from PID 7007 (STOPPING=1, STATUS=Shutting down...)
Jul 13 07:47:31 autopkgtest-lxc-hckeil systemd[1]: systemd-resolved.service: Child 7007 belongs to systemd-resolved.service
Jul 13 07:47:31 autopkgtest-lxc-hckeil systemd[1]: systemd-resolved.service: Main process exited, code=exited, status=1/FAILURE
Jul 13 07:47:31 autopkgtest-lxc-hckeil systemd[1]: systemd-resolved.service: Changed start -> failed
Jul 13 07:47:31 autopkgtest-lxc-hckeil systemd[1]: systemd-resolved.service: Job systemd-resolved.service/start finished, result=failed
Jul 13 07:47:31 autopkgtest-lxc-hckeil systemd[1]: Failed to start Network Name Resolution.

@yuwata
Copy link
Member Author

yuwata commented Jul 13, 2017

@fsateler Thank you for testing my code. I have a question. In your testing environment, only resolved fails? networkd and timesyncd works well?

@fsateler
Copy link
Member

fsateler commented Jul 13, 2017

@yuwata I did not test it myself, I'm just copying a snippet from he failed s390x autopkgtest. But it appears only resolved is failing

@yuwata
Copy link
Member Author

yuwata commented Jul 13, 2017

@fsateler OK. I will read the log in detail. Recently in many PR the network related test have been failed on xenial-s390x. So I did not check the s390x log. Thanks.

@yuwata yuwata force-pushed the runtime-preserve branch 3 times, most recently from b758b74 to 7030367 Compare July 15, 2017 15:28
@yuwata
Copy link
Member Author

yuwata commented Jul 15, 2017

It seems that dropping privileges from networkd, resolved, and tymesyncd require more work. So, I will propose it in another PR. Now, the commits just add RuntimeDirectoryPreserve= and make RuntumeDirectory= support subdirectories.

poettering
poettering requested changes Jul 17, 2017
View reviewed changes
Copy link
Member

@poettering poettering left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks excellent already, just one minor issue left

src/core/load-fragment.c Outdated
}

if (!filename_is_valid(k)) {
if (!path_is_safe(k)) {
Copy link
Member

@poettering poettering Jul 17, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hmm, I think we should not permit absolute paths here, just to avoid confusion

Copy link
Member Author

@yuwata yuwata Jul 17, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've add path_is_absolute() here in the revised version.

src/shared/bus-unit-util.c Outdated

r = sd_bus_message_append(m, "v", "u", mode);


Copy link
Member

@poettering poettering Jul 17, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

spurious newline

Copy link
Member Author

@yuwata yuwata Jul 17, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done.

@yuwata
core: allow preserving contents of RuntimeDirectory= over process res…
53f47df 
…tart

This introduces RuntimeDirectoryPreserve= option which takes a boolean
argument or 'restart'.

Closes systemd#6087.
@yuwata yuwata force-pushed the runtime-preserve branch from 7030367 to 41a0fb7 Compare July 17, 2017 07:23
@yuwata yuwata force-pushed the runtime-preserve branch from 41a0fb7 to 23a7448 Compare July 17, 2017 07:31
@yuwata
Copy link
Member Author

yuwata commented Jul 17, 2017

@poettering Thank you for your review. Updated.
In the updated version, first create their parents with mode 0755, and create the lowest subdirectories with the mode specified in RuntimeDirectoryMode=.

@poettering
Copy link
Member

poettering commented Jul 17, 2017

thanks! lgtm!

@poettering poettering added good-to-merge/waiting-for-ci 👍 PR is good to merge, but CI hasn't passed at time of review. Please merge if you see CI has passed and removed reviewed/needs-rework 🔨 PR has been reviewed and needs another round of reworks labels Jul 17, 2017
@poettering poettering merged commit 7398320 into systemd:master Jul 17, 2017
@yuwata yuwata mentioned this pull request Jul 17, 2017
Merged
@evverx
Copy link
Contributor

evverx commented Jul 17, 2017

I've just filed #6391 about not calling chown when root is not assigned to User explicitly.

@yuwata yuwata mentioned this pull request Jul 18, 2017
Closed
@yuwata yuwata deleted the runtime-preserve branch November 12, 2017 05:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@poettering poettering poettering approved these changes

+1 more reviewer

@boucman boucman boucman left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

good-to-merge/waiting-for-ci 👍 PR is good to merge, but CI hasn't passed at time of review. Please merge if you see CI has passed pid1

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@yuwata @fsateler @poettering @evverx @boucman