Page MenuHomePhabricator

disable rads, whonix-initializer and swap-file-creator systemd unit files in qubes-whonix
Closed, ResolvedPublic

Description

As a follow up ticket of T106 and T312...

rads, whonix-initializer and swap-file-creator systemd unit files should be disabled in the qubes-whonix package.

[Unit]
ConditionPathExists = !/usr/lib/qubes-whonix

That's done for rads already. Are whonix-initializer and swap-file-creator are remaining TODO.

I (Patrick) don't mind if @nrgaway does this or if I provide another pull request.

Details

Impact
Normal

Event Timeline

Patrick raised the priority of this task from to Normal.
Patrick updated the task description. (Show Details)
Patrick set Impact to Normal.
Patrick added subscribers: Patrick, nrgaway.

Those are already disabled. As well, I have already created a systemd rule for whonix-initializer and just created one for swap-file-creator. As stated I have the rads one already from your PR

disableSystemdUnits \

qubes-whonix-network \
qubes-whonix-firewall \
sdwdate \
whonixcheck \
network-manager \
spice-vdagent \
swap-file-creator \
whonix-initializer \
tor
nrgaway claimed this task.

It's a hackish solution. We can get rid of the whole non-standard disableSystemdUnits hopefully.

Quoting myself.

In T316#4749, @Patrick wrote:

pull request against @nrgaway/qubes-whonix,
systemd unit file remove spaces fix/workaround:
https://github.com/nrgaway/qubes-whonix/pull/3

That should also help to abolish that hack.

Patrick changed the task status from Open to Review.May 26 2015, 6:57 PM

pull request...
clean mechanism to skip starting services network-manager, spice-vdagent, swap-file-creator and whonix-initializer in Qubes using /etc/systemd/system/unit.service.d directory - https://phabricator.whonix.org/T315:
https://github.com/nrgaway/qubes-whonix/pull/5

Please review and merge. @nrgaway

Few more comments:

  • Not starting spice-vdagent might not work, because that package still comes with a sysvinit script from Debian. But nevermind. spice-vdagent only gets installed when using the build script with --target qcow2. So deactivating/overwriting it is not really necessary anymore.
  • This pull request is independent. Shouldn't cause a lot issues.
  • However, this pull request should also allow for a follow up task. Abolishing all manual interaction with systemd, i.e. abolishing disableSystemdUnits, enableSystemdUnits and systemctl restart. Needs quite some testing, I guess? @nrgaway Or anything more required still to be able to abolish these hacks? Can be done for Whonix 11 or Whonix 12. (Whonix 11 task list is getting smaller.)

I don't consider enable SystemdUnit hacks if there are no other deb-installer solutions to ensure a proper state.

The rules can be removed for spice-vdagent, whonix-initalizer and swap-file-creator since you added systemd overrides.

I commented on your PR https://github.com/nrgaway/qubes-whonix/pull/5; needs a few small tweaks before merge.

Done.

In T315#4975, @nrgaway wrote:

I don't consider enable SystemdUnit hacks if there are no other deb-installer solutions to ensure a proper state.

What's the problem that needs to be solved?

  • a rush to make Whonix work with systemd (T273), ...
  • the systemd unti file spaces issue that lead to services not being enabled by default T316
  • the Tor reload on first boot issue T320

All bugs in Whonix core that are now solved.