nixos/murmur: log to systemd journal, expose wrapper #50333
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
instead of /var/log/murmur/murmurd.log. Achieved by having systemd run the daemon in foreground instead of letting it fork to background.
|
@GrahamcOfBorg test mumble |
|
No attempt on aarch64-linux (full log) The following builds were skipped because they don't evaluate on aarch64-linux: tests.mumble Partial log (click to expand)
|
|
No attempt on x86_64-linux (full log) The following builds were skipped because they don't evaluate on x86_64-linux: tests.mumble Partial log (click to expand)
|
|
Seems like I don't have the required permissions to run the tests through ofBorg, and when I try to run the tests locally I get a kernel panic, which does not seem to be related to the tests themselves, though. Probably issues with my nested virtualization setup or something. |
|
@GrahamcOfBorg test mumble |
aanderse
reviewed
Apr 24, 2019
| @@ -251,19 +273,13 @@ in | |||
| after = [ "network-online.target "]; | |||
|
|
|||
| serviceConfig = { | |||
| Type = "forking"; | |||
| Type = "simple"; | |||
There was a problem hiding this comment.
Simple is the default type so this isn't actually necessary.
| Restart = "always"; | ||
| User = "murmur"; | ||
| ExecStart = "${pkgs.murmur}/bin/murmurd -ini ${configFile}"; | ||
| ExecStart = "${cli-wrapper}/bin/murmurd-service -fg"; | ||
| PermissionsStartOnly = true; |
There was a problem hiding this comment.
I know #56265 isn't related to this PR at all... but would you be willing to do me a solid and remove PermissionsStartOnly = true; in an extra commit here? It looks like the only other things to do would be to add StateDirectory = "murmur"; and remove the call to createHome = true; and you would be good to go...
|
Since #38775 was merged, I guess this can be closed now? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation for this change
Everything I have on my server logs to systemd journal by default - except murmur.
This takes murmur in line with all other services by changing that.
On the very first start, murmur writes the password of the SuperUser into the log file.
To change this if desired or if that entry is not available anymore, this exposes a wrapper combining the binary and the service config file as the
murmurd-serviceexecutable. (open to better naming propositions!).As long as it's in the journal, the initial SuperUser password is now readable for all users in the
journalgroup instead ofrootandmurmuronly. In case that group is not equal with the murmur administrators, the password can be changed with the new wrapper.Things done
sandboxinnix.confon non-NixOS)nix-shell -p nox --run "nox-review wip"./result/bin/)nix path-info -Sbefore and after)