[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Back to systemd [was: Re: New list for Raspbian? (was: Re: systemdq)]

ghe <ghe@slsware.net> wrote:
> On 12/30/19 3:54 PM, Andrei POPESCU wrote:

>> Please show us the full output of
>> 
>>     systemctl status YOUR_SERVICE_UNIT

> root@test:~# systemctl status ipfilter
> ● ipfilter.service - packetFilter
>    Loaded: loaded (/usr/lib/systemd/system/ipfilter.service; enabled;
> vendor preset: enabled)
>    Active: inactive (dead) since Mon 2019-12-30 16:23:33 MST; 1min 41s ago
>   Process: 393 ExecStart=/etc/ipfilterfiles/ipfilter.sh on (code=exited,
> status=0/SUCCESS)
>   Process: 1520 ExecStop=/etc/ipfilterfiles/ipfilter.sh off
> (code=exited, status=0/SUCCESS)
>  Main PID: 393 (code=exited, status=0/SUCCESS)


Please show the output of

    systemctl cat YOUR_SERVICE_UNIT

This will show all additions and overrides to the unit.

> Dec 30 16:23:00 test ipfilter.sh[1520]: [ OK ]   Saved HTTP_BLK to
> /etc/ipfilterfiles/savedHTTP_BLK.sh
> Dec 30 16:23:00 test ipfilter.sh[1520]: [ OK ]   Saved POP_BLK to
> /etc/ipfilterfiles/savedPOP_BLK.sh
> Dec 30 16:23:00 test ipfilter.sh[1520]: [ OK ]   Saved NTP_BLK to
> /etc/ipfilterfiles/savedNTP_BLK.sh
> Dec 30 16:23:01 test ipfilter.sh[1520]: [ OK ]   Saved SMTP_BLK to
> /etc/ipfilterfiles/savedSMTP_BLK.sh
> Dec 30 16:23:01 test ipfilter.sh[1520]: [ OK ]      Accepting all slsware
> Dec 30 16:23:33 test root[1751]: packetFilter: off (ACCEPT all) at Mon
> 30 Dec 2019 04:23:33 PM MST
> Dec 30 16:23:33 test ipfilter.sh[1520]: [ OK ]      Accepting all input
> Dec 30 16:23:33 test ipfilter.sh[1520]: [ OK ]      Accepting and
> masquerading all routing
> Dec 30 16:23:33 test ipfilter.sh[1520]: [ OK ]      Accepting all output
> Dec 30 16:23:33 test systemd[1]: ipfilter.service: Succeeded.

>> immediately after boot and also explain what makes you think the service 
>> is not actually running.

Your shell script isn't really daemon, so it is normal to not stay
running after it setup the iptables rules.

See for example the ferm.service doing the same on my system:

,----
| ● ferm.service - ferm firewall configuration
|      Loaded: loaded (/lib/systemd/system/ferm.service; enabled; vendor preset: enabled)
|     Drop-In: /etc/systemd/system/ferm.service.d
|              └─override.conf
|      Active: active (exited) since Fri 2019-10-04 14:37:39 CEST; 2 months 26 days ago
|    Main PID: 1663 (code=exited, status=0/SUCCESS)
|       Tasks: 0 (limit: 19173)
|      Memory: 0B
|      CGroup: /system.slice/ferm.service
`----

It also terminates after doing its thing.

I think your unit is missing the following:

,----
| [Service]
| Type=oneshot
| RemainAfterExit=yes
`----

> And how did that file get in /usr? When I wrote it, it was in
> /lib/systemd/system.

usr-merge is the keyword here.

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.
Reply to: