port Whonix's init.d scripts to systemd
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Patrick
	Jan 22 2015, 10:24 PM

Description

(To find them...)

find . -type f | grep init.d

Comments on roughly guessed difficulty.

~~easy: ./packages/whonixcheck/etc/init.d/whonixcheck~~
~~easy: ./packages/ksm/etc/init.d/ksm~~ (patches welcome) -> https://packages.debian.org/sid/ksmtuned
~~hard: ./packages/sdwdate/etc/init.d/sdwdate~~
~~hard: timesync~~
~~medium: ./packages/swap-file-creator/etc/init.d/swap-file-creator~~
~~easy: ./packages/msgcollector/etc/init.d/msgcollector~~
~~medium: ./packages/vbox-disable-timesync/etc/init.d/vbox-disable-timesync (not ported to systemd, but made compatible, see below)~~
medium: ./anon-ws-disable-stacked-tor/etc/init.d/tor.anondist -> T303
~~easy: ./packages/timesanitycheck/etc/init.d/timesanitycheck~~
~~harder: ./packages/whonix-initializer/etc/init.d/whonix-initializer (done)~~
~~easy: ./packages/bootclockrandomization/etc/init.d/bootclockrandomization~~
unknown: https://github.com/troubadoour/control-port-filter-python in Whonix 10. (See also: https://git-tails.immerda.ch/tails/tree/config/chroot_local-includes/lib/systemd/system/tor-controlport-filter.service?h=feature/jessie): T274
~~hard: rads: T57~~

Forum thread:
https://www.whonix.org/forum/index.php/topic,707

Details

Impact: High

Related Objects

Mentioned In: T315: disable rads, whonix-initializer and swap-file-creator systemd unit files in qubes-whonix
T309: consider deleting old Whonix 10`ish /etc/init.d scripts during upgrade to Whonix 11
Mentioned Here: T303: anon-ws-disable-stacked-tor/blob/master/etc/init.d/tor.anondist vs systemd, insserv already provided issue
T274: control-port-filter-proxy sd_notify support
T57: implement rads (ram adjusted desktop starter) systemd unit

Event Timeline

Patrick created this task.Jan 22 2015, 10:24 PM

Patrick raised the priority of this task from to Normal.

Patrick updated the task description. (Show Details)

Patrick added projects: Whonix 10, Debian version 8 codename Jessie, systemd.

Patrick added a subscriber: Patrick.

Herald added a project: Whonix. · View Herald TranscriptJan 22 2015, 10:24 PM

https://github.com/Whonix/swap-file-creator/commit/cba4e22135737f2966766711bfb606c0f905a4c4

Herald added a subscriber: • WhonixQubes. · View Herald TranscriptApr 2 2015, 2:56 PM

Patrick raised the priority of this task from Normal to High.Apr 2 2015, 3:31 PM

Patrick set Impact to Needs Triage.

I won't do create a systemd unit as replacement for ./packages/ksm/etc/init.d/ksm myself, because the package does not get installed by default and because there is now https://packages.debian.org/sid/ksmtuned. Patches welcome. @HulaHoop

Patrick updated the task description. (Show Details)Apr 2 2015, 3:42 PM

control-port-filter-python - added systemd service:
https://github.com/Whonix/control-port-filter-python/commit/d8e1d5711d2a71a9ab638c03e84a0d9b48d7ae48
Could you review that systemd unit please, @nrgaway?

May be helpful for systems configuration. Debian directory structure could be different:

https://access.redhat.com/articles/754933

Paths of the ksm/ksmtuned services on RHEL family:
/usr/lib/systemd/system/ksmtuned.service
/usr/lib/systemd/system/ksm.service

Is adding this for ksmtuned a matter of emulating your commit?

No.

Patrick edited projects, added Whonix 11; removed Whonix 10.Apr 4 2015, 12:06 PM

In T106#3482, @HulaHoop wrote:

May be helpful for systems configuration. Debian directory structure could be different:

https://access.redhat.com/articles/754933

Paths of the ksm/ksmtuned services on RHEL family:
/usr/lib/systemd/system/ksmtuned.service
/usr/lib/systemd/system/ksm.service

Is adding this for ksmtuned a matter of emulating your commit?

Debian systemd layout is same as fedora.

If you plan on overriding an upstream packages unit files, there are a few options:

If you just adding a path or something, add a snippet
place overridden unit file in /etc/system/systemd (This is wehre local modifications go). If you are using another name than the original systemd file, add an Alias in the install section

[Install]
WantedBy=multi-user.target
Alias=qubes-network.service

Then you would need to disable and enable the service to take effect.

add a snippet

Can you please elaborate?

@nrgaway?

I am not sure if we should remove old sysvinit scripts from packages once systemd units are available. They don't conflict. And someone might wish to use/port the package on systems without systemd. Mailed Paul Wise from Debian what the best practice about this is.

In T106#3814, @Patrick wrote:

add a snippet

Can you please elaborate?

From https://lwn.net/Articles/542609/

Configuration of unit files may now be extended via drop-in
files without having to edit/override the unit files
themselves. More specifically, if the administrator wants to
change one value for a service file foobar.service he can
now do so by dropping in a configuration snippet into
/etc/systemd/systemd/foobar.service.d/*.conf. The unit logic
will load all these snippets and apply them on top of the
main unit configuration file, possibly extending or
overriding its settings. Using these drop-in snippets is
generally nicer than the two earlier options for changing
unit files locally: copying the files from
/usr/lib/systemd/system/ to /etc/systemd/system/ and editing
them there; or creating a new file in /etc/systemd/system/
that incorporates the original one via ".include". Drop-in
snippets into these .d/ directories can be placed in any
directory systemd looks for units in, and the usual
overriding semantics between /usr/lib, /etc and /run apply
for them too.

Great stuff. Needless to say I am a huge fan of drop-in snippets.

In T106#3920, @Patrick wrote:

I am not sure if we should remove old sysvinit scripts from packages once systemd units are available. They don't conflict. And someone might wish to use/port the package on systems without systemd. Mailed Paul Wise from Debian what the best practice about this is.

They can confilct and it is a PITA to debug. You can keep the sysv init scripts in your Debian package but don't install them. I just went though that with network-manager; was wondering why 2 of them were popping up.

Also in order for a systemd unit file to override the sysv init one, you have to first disable it, then re-enable it and they should be both of the same name or you may need to set an alias

whonixcheck:
https://github.com/Whonix/whonixcheck/commit/c91dc77a1dae49be4635380e330fdfda9cb4ada2

Patrick updated the task description. (Show Details)May 13 2015, 2:23 PM

Patrick changed Impact from Needs Triage to High.

msgcollector:
https://github.com/Whonix/msgcollector/commit/ff50e3c286fea6663f6d45906411177080f9a1bd

Patrick updated the task description. (Show Details)May 13 2015, 2:42 PM

Patrick updated the task description. (Show Details)May 13 2015, 2:45 PM

bootclockrandomization:
https://github.com/Whonix/bootclockrandomization/commit/77d3e620017dd067e1660e7bebf582f042484c47

Patrick updated the task description. (Show Details)May 13 2015, 7:52 PM

timesanitycheck:
https://github.com/Whonix/timesanitycheck/commit/03640195a9c6b18ae1259b62a44994c32619add9

Patrick updated the task description. (Show Details)May 13 2015, 8:26 PM

swap-file-creator:
https://github.com/Whonix/swap-file-creator/commit/a8f58cf240763599613e3ab4598a3e7e34400caa

Patrick updated the task description. (Show Details)May 13 2015, 8:50 PM

Patrick updated the task description. (Show Details)May 13 2015, 9:46 PM

vbox-disable-timesync, no port to systemd, because upstream does not provide a systemd unit, diverting it, more robust implementation that is compatible with systemd:
https://github.com/Whonix/vbox-disable-timesync/commit/958086eb0d55e0669492ab16ec15d810a533f597

Patrick updated the task description. (Show Details)May 14 2015, 11:12 AM

Patrick updated the task description. (Show Details)May 14 2015, 12:09 PM

Patrick updated the task description. (Show Details)

sdwdate:
https://github.com/Whonix/sdwdate/commit/62c32cb2cd2bb9f518bb8b5cd7c84906a4294f1e

timesync:
https://github.com/Whonix/timesync/commit/270a1f3fb397deda261e11e5d4c38e435bbb40d4

sdwdate pidfile is still missing and timesync complains about that. Working on that.

Fixed that:

Patrick updated the task description. (Show Details)May 14 2015, 11:21 PM

TODO: most should use SuccessExitStatus.

In T106#4449, @Patrick wrote:

TODO: most should use SuccessExitStatus.

Done:

So far everything done here. Created follow up tasks for remaining work.

Patrick updated the task description. (Show Details)May 16 2015, 3:00 AM

Patrick mentioned this in T309: consider deleting old Whonix 10`ish /etc/init.d scripts during upgrade to Whonix 11.May 16 2015, 3:06 AM

fix, renamed lib/systemd/system/timesanitycheck to lib/systemd/system/timesanitycheck.service:
https://github.com/Whonix/timesanitycheck/commit/fee20a038d26f281fbbcfe904ece3bd11f556bf9

fix, lib/systemd/msgcollector.service -> lib/systemd/system/msgcollector.service - https://phabricator.whonix.org/T106:
https://github.com/Whonix/msgcollector/commit/a708e9180eb22038aad68e5fb0990a4122eb9daa

fix:
https://github.com/Whonix/msgcollector/commit/8132e8a8ffaeede8557f9482ff64464c5c998296

systemd unit: added 'KillMode = process', because the daemon handles terminating child processes itself - https://phabricator.whonix.org/T106:
https://github.com/Whonix/sdwdate/commit/3a14c5ecc0649c66df43a396a20a47da4b27383d

systemd unit: added 'KillMode = process', because the daemon handles terminating child processes itself - https://phabricator.whonix.org/T106
https://github.com/Whonix/whonixcheck/commit/7cb379710c081a3e14a68b41d1f30c68ca5f1b0e

Patrick mentioned this in T315: disable rads, whonix-initializer and swap-file-creator systemd unit files in qubes-whonix.May 18 2015, 11:39 AM

systemd unit: added 'Before=rads.service' to prevent output by rads mixing up with output by whonix-initializer and to prevent the login manager from starting before whonix-initializer rebooted the system:
https://github.com/Whonix/whonix-initializer/commit/80dbb25732d58cab3a3abbe7634345d42848d4a5

when timesync (sdwdate gui plugin) is installed, then the sdwdate.service needs an additional 'Requires = msgcollector.service' - https://phabricator.whonix.org/T106:
https://github.com/Whonix/timesync/commit/e1e88c84c07697825a4aea14ac1c723192a58075

systemd unit: added 'Before=control-port-filter-python.service:
https://github.com/Whonix/whonix-initializer/commit/ace6738ef5ebb00ac5bc645d80577011b873e506

more work on systemd support - https://phabricator.whonix.org/T106:
https://github.com/Whonix/timesync/commit/0a76d86a8e37ae9691374da69bdef452b6def7cc

systemd unit: added 'StandardOutput=tty' for better look and feel. - https://phabricator.whonix.org/T106
https://github.com/Whonix/swap-file-creator/commit/f49f572e5a06ed33eeacc5647f0f85751cc611b9

more work on systemd support - https://phabricator.whonix.org/T106:

systemd unit: added 'Before=tor.service' and 'After=swap-file-creator.service' for better look and feel. - https://phabricator.whonix.org/T106:
https://github.com/Whonix/whonix-initializer/commit/0c1490942edd4c58207980785bb658afa163cb15

systemd unit: added 'Before=graphical.target' and 'Before=getty.target' - https://phabricator.whonix.org/T106:
https://github.com/Whonix/msgcollector/commit/ab24bd261d8ac2027f6a3ad85da4b4a3d416b044

port Whonix's init.d scripts to systemdClosed, ResolvedPublicActions

Description

Details

Related Objects

Event Timeline

port Whonix's init.d scripts to systemd
Closed, ResolvedPublic
Actions