systemd: 239 -> 242 #61321
systemd: 239 -> 242 #61321
Conversation
| @@ -282,6 +278,8 @@ in | |||
|
|
|||
| services.udev.path = [ pkgs.coreutils pkgs.gnused pkgs.gnugrep pkgs.utillinux udev ]; | |||
|
|
|||
| boot.kernelParams = mkIf (!config.networking.usePredictableInterfaceNames) [ "net.ifnames=0" ]; | |||
There was a problem hiding this comment.
Does this work for all our cases? Previously we did exclude a udev rule. That could have affected containers and similar constructs. Now we only affect "real" systems.
There was a problem hiding this comment.
tl;dr I don't think this should affect containers or custom network namespace applications.
As I understand it, the interface renaming should only effectively applied to physical interfaces (or if the kernel declares it as predictable) because the physical location is coded into the interface name (see NamePolicy in systemd.link(5) manpage). When creating virtual netdevs like vlans or bridges a custom name has to be supplied anyway. When moving physical interfaces to containers the interface has already been renamed on the host.
| @@ -59,7 +59,14 @@ in | |||
| in { | |||
| DHCP = override (dhcpStr cfg.useDHCP); | |||
| } // optionalAttrs (gateway != [ ]) { | |||
| gateway = override gateway; | |||
| routes = override [ | |||
There was a problem hiding this comment.
I am not convinced this is the best way to solve this right now.
The issue was that we would add onlink routes for all network devices on the system. Introduced in systemd/systemd@4912ab7 systemd would set the onlink attribute for all routes that didn't come with static addresses.
There was a problem hiding this comment.
It's certainly not ideal but then again adding the default gateway to every interface is FUBAR anyway. This fix is IMHO fine until we finally deprecate networking.defaultGateway and move it to the per interface configurations.
There was a problem hiding this comment.
👍 I created an issue for this (#61629) and also added it to our systemd project board https://github.com/NixOS/nixpkgs/projects/22. (I am trying to populate that more with all the things we come across wile working on this PR).
|
I'm testing this now |
|
You might want to use `nixos-rebuild boot`. I lost control of my pid1 after
switching. No idea what we can do about that.
…On Sun, 12 May 2019, 11:58 Milan, ***@***.***> wrote:
I'm testing this now
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#61321 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAE365F4R27JOIPPSMSPWTDPU7S4RANCNFSM4HMJAV2A>
.
|
|
Yup, saw that too late, this is what it looked like: |
|
we should probably also check why the failure with #56265 (comment) can't be reproduced anymore, and drop the systemd patch referenced there, if it's not effective anymore. |
|
I figured out why we can't reproduce the error anymore - see explanation in #56265 (comment). @andir, could you incorporate flokli@92600a9 into this PR, and drop andir/systemd@51077a9 from your systemd branch? I'll try having a look at how to best fix |
|
@andir loosing control as in no longer being able to contact via dbus? |
|
Not 100% certain this is related /var/lib exists and is a directory. |
Yes, the output looked very similar to #61321 (comment).
I am having the same. It seems like the daemon never came up after switching to the new systemd version. I have some idea what might cause this and will debug this tonight. |
|
The timesyncd issue has been reported for Arch-based distros too: |
|
This pull request has been mentioned on Nix community. There might be relevant details there: https://discourse.nixos.org/t/what-are-your-goals-for-19-09/2875/22 |
|
There's some more WIP patches over at https://github.com/flokli/nixpkgs/commits/systemd-v242-fk (not merged in yet here). Planning to add some more tests for LVM and crypted volumes, plus testing of the |
|
I spent a bit of time on the systemd-timesyncd issue.
Removing the old symlink `/var/lib/systemd/timesync` fixed it for me
locally. It pointed to `../private/systemd/timesync`
(`/var/lib/private/systemd/timesync`) since the unit was previously
running with `DyanmicUser=1`.
The issue here seems to be that even though the permissions were okay
timesyncd doesn't follow symlinks (anymore?) and thus fails to access
the path that was symlinked.
Upon the next start the directory (/var/lib/systemd/timesync) was
created. That is definitly not a fix that I'd like to ship to users.
Looking at the changes bit more lead me to the upstream commit 162e0b7
[0] where dynamic users was removed from systemd-timesyncd. Following
that to the related PR 10117 [1] referrenced downstream issues from
Debian and Fedora. The Debian issue seems to be about some confusion
regarding "unknown users" from DBus. Following the Debian issue led to
the bug 9503 [3] where a lengthy discussion and a commit that we've been
shipping in v239 [4]. So I didn't chase that route further.
Looking at how Fedora dealt with the issue brought me to their package
spec [5] file. They check if `/var/lib/systemd/timesync` is a symlink
and in that case they remove it and move the data from
`/var/lib/private/systemd/timesync` to `/var/lib/systemd/timesync`.
At this point I think it might be a safe way to do that in an automated
fashion when switching to a new generation - before starting
systemd-timesyncd.
Any thoughts?
/cc @flokli @petabyteboy
[0] systemd/systemd@162e0b7
[1] systemd/systemd#10117
[3] systemd/systemd#9503
[4] NixOS/systemd@b179909
[5] https://src.fedoraproject.org/rpms/systemd/blob/b9896dc2cebc3c4cfda0a6c355183f645e372765/f/systemd.spec#_606
|
|
I dropped the commit @flokli mentioned in #61321 (comment). Rerunning all the tests 🎉 |
| # The interface version prevents NixOS from switching to an | ||
| # incompatible systemd at runtime. (Switching across reboots is | ||
| # fine, of course.) It should be increased whenever systemd changes | ||
| # in a backwards-incompatible way. If the interface version of two | ||
| # systemd builds is the same, then we can switch between them at | ||
| # runtime; otherwise we can't and we need to reboot. | ||
| passthru.interfaceVersion = 2; | ||
| passthru.interfaceVersion = 3; |
There was a problem hiding this comment.
What's the reason for bumping interfaceVersion? This is really undesirable because it requires every user to reboot.
There was a problem hiding this comment.
After re-exec the userspace was no longer able to talk to the daemon.
See #61321 (comment) & #61321 (comment). Unfortunately the paste did expire :/
If we come up with a better way to handle these kinds of scenarios that would be great.
Rebooting every once in a while after your pid 1 did a major version change doesn't sound unreasonable to me.
There was a problem hiding this comment.
Sounds like an upstream systemd bug that should be reported there. AFAIK systemd is supposed to be able to re-exec itself across version changes.
With local-fs.target part of sysinit.target (NixOS#61321), we don't need to add it explicitly to certain units anymore, and can change dependencies like they are in other distros (I picked from Google's official CentOS 7 image here). Like them, use StandardOutput=journal+console to pipe google-*.service output to the serial console as well.
Since NixOS#61321, local-fs.target is part of sysinit.target again, meaning units without DefaultDependencies=no will automatically depend on it, and the manual set dependencies can be dropped.
|
@fpletz @andir Not too experienced with udev and systemd internals, but this seems to break when using a predictably named network interface during a stage-1 boot (in my case to provide SSH access in initrd in order to enter the LUKS passphrase remotely). Until now I've used the {
boot.kernelParams = [
"ip=<v4-addr>::<gateway>:255.255.0.0::ens3:none"
];
}May I ask what's the recommended way to implement such a feature in NixOS 19.09? AFAICT only udev is started in stage 1, so there's no predicatably named network interface then. I also checked the This is why I decided to continue using the old udev rules from nixpkgs (https://github.com/NixOS/nixpkgs/blob/release-19.03/nixos/modules/services/hardware/80-net-setup-link.rules) for now as my network is configured properly in stage-1 then, but I'm not sure if that's a suitable solution :) |
|
I think this update might broke |
|
On Wed, 2019-09-11 at 03:49 -0700, Jörg Thalheim wrote:
I think this update might broke systemd --user for me. I am using
lightdm as a login manager.
What kind of error are you running into? My user session has been
working like before. I am running a bunch of services (through home-
manager) in my user session.
|
|
I still see my systemd user session, both the process as well as the dbus session in busctl - systemctl currently does not connect to those. UPDATE need to have a look at that later. Currently I am at work. |
|
On Wed, 2019-09-11 at 03:56 -0700, Jörg Thalheim wrote:
I still see my systemd user session, both the process as well as the
dbus session - systemctl currently does not connect to those...
Ths is indeed odd. I can connect to mine just fine:
```
$ systemctl --user status timers.target
● timers.target - Timers
Loaded: loaded (/nix/store/niw0jbw29x0rg85m7z8j5gll16y37g5n-systemd-
242/example/systemd/user/timers.target; static; vendor preset: enabled)
Active: active since Tue 2019-09-10 00:04:14 CEST; 1 day 12h ago
Docs: man:systemd.special(7)
```
Can you check what `strace -s 1500 -e connect,recvmsg,sendmsg --
systemctl --user status timers.target` produces?
|
Since NixOS#61321, local-fs.target is part of sysinit.target again, meaning units without DefaultDependencies=no will automatically depend on it, and the manual set dependencies can be dropped. (cherry picked from commit f74735c)
|
This pull request has been mentioned on NixOS Discourse. There might be relevant details there: https://discourse.nixos.org/t/predictable-network-interface-names-in-initrd/4055/6 |
|
I am having an issue with my but it cannot connect to the bus: and if I look at Interestingly it also tries to connect to |
|
FYI, rebooting my machine fixed this for me. It broke when doing |
|
If you were using the normal switching code you would have seen the
incompatibility noted there.
…On Thu, 19 Sep 2019, 12:14 Arian van Putten, ***@***.***> wrote:
FYI, rebooting my machine fixed this for me. It broke when doing nixos-rebuild
switch between 239 -> 243 . We should probably tell people to reboot when
going from 19.03 to 19.09
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#61321?email_source=notifications&email_token=AAE365DMJGYUYFUBS3IIEBLQKNGH7A5CNFSM4HMJAV2KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD7C6ZBI#issuecomment-533064837>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAE365D7E76KUVBOQHOOO7LQKNGH7ANCNFSM4HMJAV2A>
.
|
|
You're already required to reboot, but #68906 reverts that. |
With local-fs.target part of sysinit.target (NixOS#61321), we don't need to add it explicitly to certain units anymore, and can change dependencies like they are in other distros (I picked from Google's official CentOS 7 image here). Like them, use StandardOutput=journal+console to pipe google-*.service output to the serial console as well. (cherry picked from commit 106a1fe)
Motivation for this change
This is a follow-up to #56184.
As explained in #56184 (comment) I rebased @Mic92's attempt for systemd version 242 and added the two patches that I wrote last year.
The current head of my systemd fork is at https://github.com/andir/systemd/commits/nixos-v242. I had to add one additional patch to make udev rules work again (andir/systemd@7283141).
While running all the NixOS release.nix tests I discovered a few issues that required changes to our modules. Those are included in this PR.
From all the failing tests only theIt was broken before. Nothing we've to take care of.mysqlReplicationtest is seemingly relevant. It requires some refactoring in order to work on v242. The failure log can be seen here: https://gist.github.com/a46e172235ae9066afd758cbf9e86564 It would be great if someone with knowledge in the area could have a look.I am in the process of switching my notebook to this branch to see if anything that we aren't testing is obviously broken.
Feedback from others is highly appreciated.
My private hydra build of
release.nix: https://hydra.h4ck.space/eval/155 (ipv6 only)If we like these changes it would be nice if someone with access to https://github.com/nixos/systemd could push my systemd changes to the
nixos-v242branch.Things done
sandboxinnix.confon non-NixOS)nix-shell -p nix-review --run "nix-review wip"./result/bin/)nix path-info -Sbefore and after)