Page MenuHomePhabricator

disable rads, whonix-initializer and swap-file-creator systemd unit files in qubes-whonix
Closed, ResolvedPublic

Description

As a follow up ticket of T106 and T312...

rads, whonix-initializer and swap-file-creator systemd unit files should be disabled in the qubes-whonix package.

[Unit]
ConditionPathExists = !/usr/lib/qubes-whonix

That's done for rads already. Are whonix-initializer and swap-file-creator are remaining TODO.

I (Patrick) don't mind if @nrgaway does this or if I provide another pull request.

Details

Impact
Normal

Event Timeline

Patrick created this task.May 18 2015, 1:39 PM
Patrick raised the priority of this task from to Normal.
Patrick updated the task description. (Show Details)
Patrick set Impact to Normal.
Patrick added subscribers: Patrick, nrgaway.

Those are already disabled. As well, I have already created a systemd rule for whonix-initializer and just created one for swap-file-creator. As stated I have the rads one already from your PR

disableSystemdUnits \

qubes-whonix-network \
qubes-whonix-firewall \
sdwdate \
whonixcheck \
network-manager \
spice-vdagent \
swap-file-creator \
whonix-initializer \
tor
nrgaway closed this task as Resolved.May 18 2015, 10:38 PM
nrgaway claimed this task.
Patrick reopened this task as Open.May 18 2015, 11:22 PM

It's a hackish solution. We can get rid of the whole non-standard disableSystemdUnits hopefully.

Quoting myself.

In T316#4749, @Patrick wrote:

pull request against @nrgaway/qubes-whonix,
systemd unit file remove spaces fix/workaround:
https://github.com/nrgaway/qubes-whonix/pull/3

That should also help to abolish that hack.

Patrick changed the task status from Open to Review.May 26 2015, 6:57 PM

pull request...
clean mechanism to skip starting services network-manager, spice-vdagent, swap-file-creator and whonix-initializer in Qubes using /etc/systemd/system/unit.service.d directory - https://phabricator.whonix.org/T315:
https://github.com/nrgaway/qubes-whonix/pull/5

Please review and merge. @nrgaway

Few more comments:

  • Not starting spice-vdagent might not work, because that package still comes with a sysvinit script from Debian. But nevermind. spice-vdagent only gets installed when using the build script with --target qcow2. So deactivating/overwriting it is not really necessary anymore.
  • This pull request is independent. Shouldn't cause a lot issues.
  • However, this pull request should also allow for a follow up task. Abolishing all manual interaction with systemd, i.e. abolishing disableSystemdUnits, enableSystemdUnits and systemctl restart. Needs quite some testing, I guess? @nrgaway Or anything more required still to be able to abolish these hacks? Can be done for Whonix 11 or Whonix 12. (Whonix 11 task list is getting smaller.)

I don't consider enable SystemdUnit hacks if there are no other deb-installer solutions to ensure a proper state.

The rules can be removed for spice-vdagent, whonix-initalizer and swap-file-creator since you added systemd overrides.

I commented on your PR https://github.com/nrgaway/qubes-whonix/pull/5; needs a few small tweaks before merge.

Done.

In T315#4975, @nrgaway wrote:

I don't consider enable SystemdUnit hacks if there are no other deb-installer solutions to ensure a proper state.

What's the problem that needs to be solved?

  • a rush to make Whonix work with systemd (T273), ...
  • the systemd unti file spaces issue that lead to services not being enabled by default T316
  • the Tor reload on first boot issue T320

All bugs in Whonix core that are now solved.

nrgaway closed this task as Resolved.Jun 6 2015, 6:21 PM