On 05/15/2013 02:21 PM, Lennart Poettering wrote:
On Wed, 15.05.13 08:53, Chris Adams (linux@xxxxxxxxxxx) wrote:
Once upon a time, Lennart Poettering <mzerqung@xxxxxxxxxxx> said:
112ms iscsi.service
This really sounds like something that should be socket actviated on
demand rather than run by default.
This is attaching to configured iSCSI devices (which at a minimum
requires parsing configuration files to see if there are any devices
configured), not running a listening daemon.
It should be possible to come up with some form of ConditionPathExists=
or ConditionDirectoryNotEmpty= that causes this to be skipped if no
targets are configured.
https://bugzilla.redhat.com/show_bug.cgi?id=951951
97ms sshd.service
Dito. THis is something to start by default only on hosts where a ton of
people log in all the time.
SSH host key generation needs to be done in advance (don't want a
connecting socket to wait for that). Maybe that could be done with a
separate firstboot-like service that gets disabled once run?
We should really to be as stateless as possible here and not require
write access to /etc, which a solution like this would require.
Instead I'd propose to splitt the key generation into its own service
but then pull this in by the first connection and conditionalize it also
with ConditionPathExists= or so:
ConditionPathExists=!/etc/ssh/ssh_host_rsa_key
I filed this now:
https://bugzilla.redhat.com/show_bug.cgi?id=963268
I created such service ( ssh-keygen.service ) when I migrated the ssh to
unit files.
For some reason the maintainers in the distribution chose not to include
it..
JBG
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
