We want to make sure that, at any given time, we have either the modular daemons or the monolithic one running, never both. In order to achieve that, make every single modular unit conflict with the corresponding libvirtd unit. We set both Conflicts=libvirtd.unit and After=libvirtd.unit: this tells systemd that, whenever virtfood.unit and libvirtd.unit are part of the same transaction, the former should win out. Thanks to this, if both the modular daemons and the monolithic one have been enabled because of outdated automation or a simple mistake of the administrator, the request to start libvirtd at boot will be ignored and the result will be a regular modular deployment. If the request to start libvirtd is made when the modular daemons are already running, we have no way to prevent systemd from complying with that request; however, thanks to the way the conflict relationship has been declared, they will be shut down cleanly before libvirtd is started. From the user's point of view, the transition from modular to monolithic will be completely transparent: it's basically the same scenario as a regular package upgrade, just with an extra twist. Note that, while switching from modular to monolithic at runtime happens automatically, going back requires manual intervention, i.e. starting all the necessary sockets one by one. That's okay: the goal here is to prevent misconfiguration and force of habit to accidentally disrupt a working setup, not to encourage the scenario. In a correctly configured and managed host, it should never occur. Signed-off-by: Andrea Bolognani <abologna@xxxxxxxxxx> --- src/virtd-admin.socket.in | 2 ++ src/virtd-ro.socket.in | 2 ++ src/virtd-tcp.socket.in | 2 ++ src/virtd-tls.socket.in | 2 ++ src/virtd.service.in | 3 ++- src/virtd.socket.in | 2 ++ 6 files changed, 12 insertions(+), 1 deletion(-) diff --git a/src/virtd-admin.socket.in b/src/virtd-admin.socket.in index 3a09951b12..e43f4df82d 100644 --- a/src/virtd-admin.socket.in +++ b/src/virtd-admin.socket.in @@ -3,6 +3,8 @@ Description=@name@ admin socket Before=@service@.service BindsTo=@service@.socket After=@service@.socket +Conflicts=libvirtd-admin.socket +After=libvirtd-admin.socket @socket_unit_extra@ [Socket] diff --git a/src/virtd-ro.socket.in b/src/virtd-ro.socket.in index e882f25a7b..7b91f0d657 100644 --- a/src/virtd-ro.socket.in +++ b/src/virtd-ro.socket.in @@ -3,6 +3,8 @@ Description=@name@ local read-only socket Before=@service@.service BindsTo=@service@.socket After=@service@.socket +Conflicts=libvirtd-ro.socket +After=libvirtd-ro.socket @socket_unit_extra@ [Socket] diff --git a/src/virtd-tcp.socket.in b/src/virtd-tcp.socket.in index 26c6dfa75b..d715e2d00d 100644 --- a/src/virtd-tcp.socket.in +++ b/src/virtd-tcp.socket.in @@ -3,6 +3,8 @@ Description=@name@ non-TLS IP socket Before=@service@.service BindsTo=@service@.socket After=@service@.socket +Conflicts=libvirtd-tcp.socket +After=libvirtd-tcp.socket @socket_unit_extra@ [Socket] diff --git a/src/virtd-tls.socket.in b/src/virtd-tls.socket.in index 077c320cce..5b2550fb1d 100644 --- a/src/virtd-tls.socket.in +++ b/src/virtd-tls.socket.in @@ -3,6 +3,8 @@ Description=@name@ TLS IP socket Before=@service@.service BindsTo=@service@.socket After=@service@.socket +Conflicts=libvirt-tls.socket +After=libvirt-tls.socket @socket_unit_extra@ [Socket] diff --git a/src/virtd.service.in b/src/virtd.service.in index c9afecad73..21391a65b0 100644 --- a/src/virtd.service.in +++ b/src/virtd.service.in @@ -1,9 +1,10 @@ [Unit] Description=@name@ daemon -Conflicts=libvirtd.service Requires=@service@.socket Requires=@service@-ro.socket Requires=@service@-admin.socket +Conflicts=libvirtd.service +After=libvirtd.service After=network.target After=dbus.service After=apparmor.service diff --git a/src/virtd.socket.in b/src/virtd.socket.in index 278f59ef1c..e4dc94b277 100644 --- a/src/virtd.socket.in +++ b/src/virtd.socket.in @@ -1,6 +1,8 @@ [Unit] Description=@name@ local socket Before=@service@.service +Conflicts=libvirtd.socket +After=libvirtd.socket @socket_unit_extra@ [Socket] -- 2.41.0
