systemd by example, Testing Private Methods, and Ed25519 Signatures
#systemd #SoftwareDevelopment #cryptography
👉 Please retweet if you ❤ Plurrrr. Thanks! 👍
Looking forward tomorrow 3 days hackfest organized by @tbernard
The main topic is GNOME mobile, but I expect there will be lots of collateral topics such as camera, hardware enablement, adaptive apps, UX, platform APIs, interoperability, and coordination.
We'll have people from @gnome @purism #systemd @mntmn @postmarketOS @FlatpakApps #Flathub #Phosh #freedesktop
I will be moderating and support where I can. Hopefully get some work done too.
seriously, I don't get the #SystemD haters.
#Redhat is doing another #systemD and doubling down on #Walyand by dropping #LibreOffice, because apparently editing images is more important than editing documents. #mywayorthehighway #debian is sure to follow again
How launch Firefox snap with profile that is already running #2204 #firefox #snap #systemd #dbus
Debugging DNS (client-side) related stuff is so tiresome...
Anyways, I'm happy now with my new networkd+resolved+wpa_supplicant setup. Long story short: I was using iwd, but iwd does *nasty things* to udev and I was ready for a change.
Fingers crossed 🤞🏻 it doesn't break again!
rc-local.service: Failed with result 'exit-code' #commandline #2004 #systemd #vps
systemctl: Failed to connect to bus #systemd #services #xscreensaver
Firefox snap broken: cannot launch with profile that is already running #2204 #firefox #snap #systemd #dbus
Firefox snap broken because, apparently, systemd thinks $XDG_RUNTIME_DIR is not set #2204 #firefox #snap #systemd #dbus
Na #systemd się rozwala, na #OpenRC works as expected. 🤔 A już chciałem obwiniać @XOrgFoundation@floss.social.
Unable to create SystemD user service "Failed to connect to bus: Permission denied" #server #2004 #systemd
PvRecorder throws error when run in systemd service #python #alsa #systemd #services #2304
Can I just say that the errors you get back from #systemd's #dbus API are inscrutable nonsense and that the logs are frequently equally as unhelpful even if you try to turn on debug mode?
I've read so much of the systemd container code at this point. But, I did basically re-implement the systemd-nspawn CLI as a python library, so that's neat.
Well so far playing around with #VoidLinux on an old laptop I've #SwayWM up and running along with all my other stuff. I've built #Spotify from source without issue and just setup printing / scanning . Using #Runit for services is a doddle too no cumbersome #Systemd . Could :void: be about to replace #ArchLinux on my daily ?
I think I need more time just to make sure that it's really for me but the results so far are in favour of Void.
#fediverse you are my only hope...
I stopped using #OpenBSD some times ago because of my work and the need of some wine tricks or linux things.
Now apps are SaaS and Google WorkSpace (Yes I know.
The only piece of sh** that remains is the #aws VPN client that is targeted to Ubuntu (there is a AUR one that works) and #systemD
It is a patched OpenVPN build against openssl 1.1 🤢
All my search gave nothing serious.
Is there a chance that a #puffy guy is using that crappy AWS VPN everyday ?
Oops. The @opensuse conference has only two tracks, but I often has the same problems as with @fosdem :-) Right now listening to Ludwig Nussel of #SUSE talking about:
#systemd-boot introduction and challenges
It might affect me soon.
Help Executing a Script Before Suspend #bash #scripts #suspend #systemd
Ubuntu Linux segfault when transferring files over SFTP #systemd #python3 #segmentationfault #glibc
Systemd and Linux Network Namespaces together are terrible, although each is very nice individually. I have seperated clearnet access and dn42 access via netns in a lab setup. For each program I wanted to use in both namespaces, I had to copy-paste and customize the Systemd unit. This is terrible. Too bad Systemd doesn't support this natively, but only with tricks.
What kind of reason is "I don't like the concept"?
Personally, I find netns very handy because you can easily isolate networks (for example, dn42 and the Clearnet). This is also what Kioubit does in dn42, for example. To reject a proposal with this reasoning I think is wrong.
Hack of the day: keep the Emacs server running in the active login session
Prereqs for this hack being useful to you: (1) you use GNU Emacs; (2) you keep a single Emacs running in your session and use emacsclient to open files for editing in it; (3) you have Linux computers that use systemd on which you keep mul
#Computers #FreeSoftware #Emacs #GNUEmacs #hack #Linux #systemd
We need to get rid of Stallman-esque "neighsaying without providing alterantives that are available"...
Personally I do always choose to provide better alternatives instead of trashtalking...
Also #SystemD just works and fixes a shitload of issues and since I know how stupid most users are, I do tend to act as #BenevolentDictator on most systems just to avoid having to bi-weekly reinstall shit or do data recovery...
@arialdo @otfrom it's shitty #bloatware and basically worse than everything people accuse #SystemD to be...
Also it's made for bs legacy shit like the LISP machine and the "Space Cadet" Keyboard...
I'm convinced that https://fireship.io hasn't done an "#emacs in 100 seconds" video because of all the RMS fanboys serial-harassing the f**k out of everyone...
Mastodon Linux users, I need your help!!
I've been looking around for a new #Linux #distro to #distrohop (even though I swore to never distrohop again :P), but I can't find one that fits my needs:
- Built on #Debian Linux latest
- Supports more #apt providers
- Does not use #systemd, #pulseaudio & #x11
- Does use #PipeWire and #Wayland
- Has a big userbase and is maintained by a group of people, not an individual
I'd go for MX, but it breaks #3
I'm ok with X11 but I'd like it toggleable
I was #hardening some #systemd services and now I cannot unlock my screenlocker. :blobcatthink:
So I have just learned of #devuan, which is apparently #debian without #systemd. If I need a full-featured interactive #linux, I’m gonna give that a try.
And before you consider reporting this post, note that our server rules say one may hate on systemd all day long here. 😜
@rust_discussions none of my systems has #sudo - and never had.
"Back in the days", I just used "su", nowadays most applications use #PolicyKit to get elevated privileges for a specific operation and in case I need a full shell, "machinectl shell .host" (aliased to "msh" here) provides a proper (not just subprocess-spawned) session incl. a DBus and systemd user-session.
Linux-Init-Daemon: systemd erhält Userspace-only-Reboot
Der #Linux-Init-Daemon #systemd soll bald eine Funktion erhalten, mit der er einen "Soft-Reboot" ausführen kann. Das beschleunigt den Systemneustart stark.
| heise online
HOSIANNA! Ich habe #systemd besiegt 💪 Nachdem systemd ja frechweg das (dokumentierte) Flag "keyscript" in /etc/crypttab ignoriert, musste eine eigene Lösung her. Die Idee "ein systemd-Service, der das Schlüsselmaterial bereitstellt", war an sich richtig - das Skript zur richtigen Zeit ausführen zu lassen hingegen extremst tricky, es gibt nämlich kein Target das unmittelbar vor dem verschlüsselten Mounten liegt.
Dafür weiß ich jetzt, was Generators sind und woher die services für crypttab kommen
Der Linux-Init-Daemon systemd soll bald eine Funktion erhalten, mit der er einen "Soft-Reboot" ausführen kann. Das beschleunigt den Systemneustart stark.
https://www.heise.de/news/Linux-Init-Daemon-systemd-erhaelt-Userspace-only-Reboot-8990191.html via @heiseonline #Linux #systemd
@heiseonline und wieder Wasser auf den Mühlen der systemD Gegner....
@lethalbit Another alternative (if you use #systemd) is `machinectl shell`
Hey, do you know #systemd configuration? Could you help review this Mastodon PR: https://github.com/mastodon/mastodon/pull/24751
Converting systemd unit files to things suitable for SMF?
Speaking as the only person in the world who has written a #systemd unit converter, to my knowledge: this is not a trivial task.
@ska has just written up a page on unit file conversions, and xe points out, as I do, that there are architectural mismatches in some areas.
Ich glaube, #systemd und ich werden in diesem Leben echt keine Freunde mehr.
Mitten im apt full-upgrade stellt sich systemd-journald quer und die ganze Kiste hängt. Ich geh dann mal den Scherbenhaufen zusammenfegen... 🙄
If you're a user of WireGuard, Ansible, and systemd-networkd, you may be interested to know that I've just published version 2.0.0 of my 'ansible-systemd-network' roles collection. The addition in this version is a role to manage WireGuard tunnels 🙂
@ska @benjamineskola @apgarcia @lightning @zash
One of the older criticisms of #systemd development was that server use cases got far less attention than workstation, and indeed specifically laptop, use cases.
The always-on public HTTP server would be properly killed when the laptop lid was closed, but you had to look to a 4th-party plug-in to get service monitoring integrated into Nagios. (-:
@apgarcia @lightning @zash @ska
The scope of the software makes no magic difference to whether it's a valid metric, as I said. It's an invalid metric _whatever_ the software is. Because it's feeling the width, not measuring the quality.
The point is that it _isn't_ a valid one. It's exactly the sort of superficial analysis of #systemd that points at wholly the wrong things.
Valid critique looks at excessive coupling between nominally modular parts, the ad hoc nature of the "unit" concept, & the violation of design principles long accepted as good such as _compiling stuff_.
Counting manual pages is not valid critique. It's as invalid as, for starters, criticizing #OpenBSD for its 152 manpages on perl.
It is. No, I don't know who "V.R." is. (-:
But if one tries to reduce the explanation of why the architecture has problems to something simplistic, the simplistic thing is often egregiously wrong and contradicted often by the history of real Unix itself.
There are a whole bunch of bad, trite, & trivially disprovable critiques of #systemd; and they don't really help the world. Good criticism covers coupling, the irregular "unit" concept, parsing at runtime, & so forth.
In truth, #systemd rather started out with "let's replace Upstart", which had _already_ brought in the idea of doing whole parts of an operating system _very_ differently.
And in fairness, the (proverbial) goal of expanding until it can read mail has not yet been achieved. (-:
I recommend that article by "V.R.", and these as well, because a lot of the pop history is actually wrong:
The problems with #systemd are not measured with size metrics at all, though. For every tritely expressed metric, there are plenty of real world historical and present counterexamples showing that it isn't actually the case for historical or current operating systems nor other softwares.
"V.R.", whoever that is, did a far better job of analysis than wc(1), but also demonstrated that one really cannot boil this stuff down to simple slogans.
The people who say that will in the same breath argue that it's the "Unix Way" to have lots of little tools with their own manual pages rather than giant multitools with single thousands-of-lines-long manual entries.
So be careful what your off-the-cuff metrics actually are. They might be entirely contrary to the design ethos that you actually prefer.
@ska, Gerrit Pape, and I have toolsets with lots of manual pages, too. None yet includes reading mail. (-:
A new systemd method of rebooting described as ‘userspace-only reboot’ is in the works. It will enable a quick reset of the userspace e.g while updating image based Linux systems without shutting down the kernel. Check out the pull request:
Who would like to run #rclone started by a #systemd timer?
I prepared something: https://gist.github.com/Finkregh/7c16a70178318676f7e9f96bbf4061d2
I plan to spice it up by adding notifications to #pushover via https://www.scolby.com/2020/12/08/how-i-get-notified-of-failed-systemd-timers/
https://home-gallery.org/ is really quite nice for browsing a media archive going back over 2 decades. While setup in #rootless #dockercompose was slightly more annoying than I would have liked (permissions of bind-mounts in the non-root containers), I now have a #saltstack setup that allows me to deploy it (with rootless docker) within a few minutes on any new host, including #systemd timer based daily incremental update of the media index.
Initial indexing is slow-ish (>80.000 images with a whopping total of >250GB sitting on a RAIDZ array of spinning disks took over half a week to generate thumbnails and index files of 42GB), but afterwards accessing is pleasantly fast even from smartphones through a VPN tunnel, and the cross-referencing by time or location as well as face recognition or "likeness" of images (not ideal in terms of accuracy, but a pretty good start) gives my family a totally new way of browsing at photo collections.
I wrote something about running a systemd service as a regular user:
> Tell HN: #ChatGPT is fantastic for finding and solving issues in logs | Hacker News
> Just paste in a chunk of #systemd (or whatever) logs and start asking questions. Often just pasting in the logs and pressing enter results in it identifying potential problems and suggesting solutions. It helped me troubleshoot a huge amount of issues on linux desktops and servers that would have taken me a lot longer with google
I have to say that even if it does not bring many new features, I'm quite excited about the fact that #UbuntuTouch is now based on 20.04 and not 16.04. Sure, 20.04 still is old but it should now be much easier to change the base version now that the switch to #systemd is done. I already saw a phone running on 23.04 beta!
@joeyh Having the :gitannex: #gitAnnex assistant run permanently in the background on a phone seems to be quite a power hog though, probably due to the assistant's persistent connection to the remotes for instant syncing.
I'm experimenting with #systemd's MaxRuntimeSec=15min and RestartSec=3h for the git annex user service now as quick'n'dirty scheduling.
#Linux users when you say you like #systemd:
TIL: systemd ExecStartPre/ExecStopPost permissions
TIL that you can tell systemd to run any ExecStartPre and ExecStopPost scripts as root instead of the user the service is supposed to run under.
At the same time we can touch on how to create an override for a service. In my case, I wanted to override how Redis is started on a system to ensure hugepage was set correctly, per the
un error que de hecho se me ocurrió que podría pasar e ignoré. Al generar la unidad de #systemd para el servicio con #podman lo hice en #archlinux pero el sistema objetivo es ubuntu. Entonces hay una discrepancia en exactamente un argumento de línea de comandos usado. Fácil de corregir.
Become A :tor: Tor Bridge / ❄️ Snowflake, If You Haven't Already
Automated Installer To Become Dedicated ❄️ Snowflake Bridge On Any #Systemd #Linux Device, Using Single install Script (downloads / builds / creates dedicated service - can turn off anytime)
(+ Automated 'update" Option)
#Tor #Anonymity #HumanRights #proxy #China #GreatFirewall #Infosec #cybersecurity #security #privacy #Pinephone
📁 DOWNLOAD: https://github.com/RightToPrivacy/snowflake-tor-service
Just a reminder that #Microsoft #Windows #WSL2 is #Linux.
Now with more #systemd: https://devblogs.microsoft.com/commandline/systemd-support-is-now-available-in-wsl/
By the way, if you’re still using things like `nohup whatever &` to start an ad-hoc background process, have a look at `systemd-run` instead. It creates an ad-hoc, transient unit, that will show up in `systemctl status`, have logs in `journalctl`, etc.
For example, I’ve just used this to set a https://blink1.thingm.com animation in the background:
sudo systemd-run -u blink1-running blink1-tool -m 2500 -t 3000 --rgb 8f00af --blink 0
@Nitrux_NX AND you’re on Mastodon as well! Awesome!
Now that I have more #Linux experience under my belt, I find the concept of fully containerized apps intriguing, and I’m interested to see how the NX desktop tames #KDE, which I find to be overly busy and fussy.
Maybe a video from @thelinuxEXP can explain if #Systemd vs #OpenRC should be a concern for ordinary users like me. 😉
I have a question for #Linux nerds.
Is it possible to get #apcups alerts via email?
I have a #systemd process which logs events from my UPS to /var/log/apcupsd.events
When the power goes out, I get a "Power failure" message logged.
Is there a sensible way of running a process when that happens, sending me an email?
@cowsay exists! This was a fun little adventure figuring out how to glue together VHS, #cowsay, #toot, #Nix, and #systemd. I have a #NixOS module here in case anyone else is curious:
TIL: The Littlest JupyterHub uses a systemd-based spawner that leverages the MemoryLimit property of transient systemd services to allocate a per-user RAM limit. Awesome work by @yuvipanda
Uhhhh just spent an hour moving from my existing Systemd WSL setup to the new shiny official Systemd support for WSL!
...only to find out it didn't even fix the one issue I had and also broke my Docker and ssh in the process. (Probably because of namespaces but too lazy to verify).
Finally finished reverting back to my old setup using this script: https://github.com/diddledani/one-script-wsl2-systemd Thanks for making it @diddledani!
Good evening good folx of the :fediverse: It's time for your evening #ConnectionList #Introduction. Please meet:
@ashul is a #WebDev and a #runner, living on #Noongar country in #Perth 🇦🇺 👋
@badri is a #writer and #NonFiction #Editor, on the lookout for pieces of #science, #culture, #history and #philosophy 👋
Dr @annettamallon is an #EndOfLife consultant and #doula, with an interest in #sociology and #SocialResearch. She is a #writer and #mentor on #Lutruwita land #Tasmania 👋
@lathiat is into #linux #ubuntu, #ceph and #OpenStack and maintains Avahi #mDNS. It's always DNS, right?! 👋
@benno You might know him as Jeamland, Benno Has Opinions on #systemd 😆 🇦🇺 Writes about #software, and importantly, the people behind it 👋
@melodytaba is a #PhD candidate #researcher at Sydney Uni, researching #Youth #DigitalHealth #SocialMedia #SciComm 👋
@derek is a #ProductManager who is into #SolarPunk and #sustainability 🇺🇸 👋
life goal: ✅ 🤣
Distinguished Professor @gernot heads up the #TrustedSystems #systems group at UNSW and is the the founding Chairman of #seL4 - the world's most assured #linux #kernel. 🇦🇺 👋
@estark works on #security and #PKI for Chrome browser - #HTTPS, #certs, #encryption and the like 👋
That's all for this evening, why not consider building your own #ConnectionList? ❤️
Just set up my server to backup daily to Backblaze B2! Also set up Postfix to send me an email via the Mailjet relay if it fails ^^
Also yes I guess now my server can email me whenever it detects an "intrusion" lol (wrong password in sudo)
Learnt a bit about #systemd today. Essential skill, eh :P
To any other #MastodonAdmin and #MastodonOwner who might need this info:
If you use `n` to manage your #NodeJS version, the default #Mastodon streaming #systemd config uses `/usr/bin/node`, which will be your system’s node package. Change that to `/usr/bin/env node` to use the one from n.
The file is “/etc/systemd/system/mastodon-streaming.service”.
Hope this helps. #mastodonserver #devops #mastodonstreaming #mastodonerror
Do you know about http://verybad.kushaldas.in:8000/ experiment? This web application has a lot of #security holes, and I tried to secure it using only #systemd. Feel free to do a round of #pentest, #attack the box. Remember to let me know what did you find.
The box is up from April end 2022.
Please boost so that your other security minded friends see this. I try to make sure that any learning from this goes back to systemd upstream.
Problem 1 bestand darin, dass Aufgaben, die Mastodon im Hintergrund von einer Komponente namens #Sidekiq abarbeiten lässt, immer mehr wurden. Zeitweise dauerte es über eine halbe Stunde, bis neue Beiträge in den Zeitleisten erschienen. Auch das Anhängen von Medien an Tröts dauerte so lange!
Ursache war der starke Anstieg der Nutzendenzahlen seit dem 27.10.2022.
Das haben wir zuerst dadurch zu lösen versucht, dass wir der virtuellen Maschine auf unserer eigenen Hardware mehr Ressourcen (RAM, vCPUs) gaben. Aber es wurde dadurch nicht besser.
Erst als wir Rat bei erfahreneren Mastodon-Admins suchten, kamen wir auf die richtige Spur. Ingo @ij riet uns, mehr Sidekiq-Prozesse zu starten, und schlug uns eine Lösung mit zusätzlichen #systemd-Service-Files vor. Wer Docker einsetzt, kann das gleiche auch auf anderem Weg erreichen: https://blog.freeradical.zone/post/surviving-thriving-through-2022-11-05-meltdown/#technical-details
Mehr dazu: https://docs.joinmastodon.org/admin/scaling/
Ingos Vorschlag hat unser Lastproblem gelöst. Unser ewiger Dank gehört dir!
Tested on #Pinephone + #EndeavourOS. Works on most Linux OS.
Only needs #systemd if you want to "start selected flags at boot"
-w flag requires nmcli (#NetworkManager), signal strength related: wireless-tools
#Privacy #macAddress #spoofing #Linux #FOSS #bash #systemd #wifi #Pinephone
#Linux #LinuxTablet #LinuxAudio
Supposedly #RedHat has decided to depreciate #VirtManager in favor of #Cockpit. Cockpit will likely get Red Hat’s money instead of Virt-Manager, although development of Virt-Manager will still continue—likely independently. Cockpit seems modern and nice, but apparently requires hosts and guests to use #Systemd, which would rule out my usage of virtualizing OSes like #Androidx86, I believe. I guess I could use #VirtualBox for those OSes in given no other option.
#linuxtablet #linuxaudio #systemd It’s time to check in again. I am still experimenting and cataloging audio plugins that scale properly on high resolution screens. There aren’t too many, but the essential ones are there. Lately, I’ve been digging into Linux internals and wrapping my head around systemd. I’m convinced if I had understood more of this, I would have been able to fix my Arch distro. I think my problem was related to competing services—I needed to stop one of them.