On 04/21/2014 03:44 AM, Andrew Lutomirski wrote:
Would it make sense to audit all spec files to look for instances of 'systemctl.*enable'?
I'm attaching the hits for that pattern on the actual RPM scripts in Fedora rawhide (x86_64). This combines both regular scripts and trigger scripts. I can add additional columns with more information, but the text file will become a bit unwieldy.
-- Florian Weimer / Red Hat Product Security Team
name | script
-------------------------+------------------------------------------------------------------------------------------------------------------------
OpenIPMI | # Save the current service runlevel info +
| # User must manually run systemd-sysv-convert --apply httpd +
| # to migrate them to systemd targets +
| /usr/bin/systemd-sysv-convert --save ipmi >/dev/null 2>&1 ||: +
| /bin/systemctl --no-reload enable ipmi.service >/dev/null 2>&1 ||: +
| # Run these because the SysV package being removed won't do them +
| /sbin/chkconfig --del ipmi >/dev/null 2>&1 || : +
| /bin/systemctl try-restart ipmi.service >/dev/null 2>&1 || :
at | # Save the current service runlevel info +
| # User must manually run systemd-sysv-convert --apply atd +
| # to migrate them to systemd targets +
| /usr/bin/systemd-sysv-convert --save atd +
| +
| # The package is allowed to autostart: +
| /bin/systemctl enable atd.service >/dev/null 2>&1 +
| +
| /sbin/chkconfig --del atd >/dev/null 2>&1 || : +
| /bin/systemctl try-restart atd.service >/dev/null 2>&1 || : +
| /bin/systemctl daemon-reload >/dev/null 2>&1 || :
avahi | /usr/bin/systemd-sysv-convert --save avahi-daemon >/dev/null 2>&1 || : +
| /usr/bin/systemctl --no-reload enable avahi-daemon.service >/dev/null 2>&1 || : +
| /usr/bin/systemctl try-restart avahi-daemon.service >/dev/null 2>&1 || :
avahi-dnsconfd | /usr/bin/systemd-sysv-convert --save avahi-dnsconfd >/dev/null 2>&1 || : +
| /usr/bin/systemctl --no-reload enable avahi-dnsconfd.service >/dev/null 2>&1 || : +
| /usr/bin/systemctl try-restart avahi-dnsconfd.service >/dev/null 2>&1 || :
bcfg2 | /usr/bin/systemd-sysv-convert --save bcfg2 >/dev/null 2>&1 || : +
| /bin/systemctl --no-reload enable bcfg2.service >/dev/null 2>&1 || : +
| /sbin/chkconfig --del bcfg2 >/dev/null 2>&1 || : +
| /bin/systemctl try-restart bcfg2.service >/dev/null 2>&1 || :
bcfg2-server | /usr/bin/systemd-sysv-convert --save bcfg2-server >/dev/null 2>&1 || : +
| /bin/systemctl --no-reload enable bcfg2-server.service >/dev/null 2>&1 || : +
| /sbin/chkconfig --del bcfg2-server >/dev/null 2>&1 || : +
| /bin/systemctl try-restart bcfg2-server.service >/dev/null 2>&1 || :
bwbar | /usr/bin/systemd-sysv-convert --save bwbar >/dev/null 2>&1 ||: +
| /bin/systemctl --no-reload enable bwbar.service >/dev/null 2>&1 ||: +
| /sbin/chkconfig --del bwbar >/dev/null 2>&1 || : +
| /bin/systemctl try-restart bwbar.service >/dev/null 2>&1 || :
cronie | # Save the current service runlevel info +
| # User must manually run systemd-sysv-convert --apply crond +
| # to migrate them to systemd targets +
| /usr/bin/systemd-sysv-convert --save crond +
| +
| # The package is allowed to autostart: +
| /bin/systemctl enable crond.service >/dev/null 2>&1 +
| +
| /sbin/chkconfig --del crond >/dev/null 2>&1 || : +
| /bin/systemctl try-restart crond.service >/dev/null 2>&1 || : +
| /bin/systemctl daemon-reload >/dev/null 2>&1 || :
deltacloud-core | /usr/bin/systemd-sysv-convert --save deltacloud-core >/dev/null 2>&1 ||: +
| /bin/systemctl --no-reload enable deltacloud-core.service >/dev/null 2>&1 ||: +
| /sbin/chkconfig --del deltacloud-core >/dev/null 2>&1 || : +
| /bin/systemctl try-restart deltacloud-core.service >/dev/null 2>&1 || :
device-mapper-multipath | # make sure old systemd symlinks are removed after changing the [Install] +
| # section in multipathd.service from multi-user.target to sysinit.target +
| /bin/systemctl --quiet is-enabled multipathd.service >/dev/null 2>&1 && /bin/systemctl reenable multipathd.service ||:
device-mapper-multipath | /usr/bin/systemd-sysv-convert --save multipathd >/dev/null 2>&1 ||: +
| bin/systemctl --no-reload enable multipathd.service >/dev/null 2>&1 ||: +
| /sbin/chkconfig --del multipathd >/dev/null 2>&1 || : +
| /bin/systemctl try-restart multipathd.service >/dev/null 2>&1 || :
dmapd | /usr/bin/systemd-sysv-convert --save dmapd >/dev/null 2>&1 || : +
| /bin/systemctl --no-reload enable dmapd.service >/dev/null 2>&1 || : +
| /sbin/chkconfig --del dmapd >/dev/null 2>&1 || : +
| /bin/systemctl try-restart dmapd.service >/dev/null 2>&1 || :
exim | /usr/bin/systemd-sysv-convert --save clamd.exim >/dev/null 2>&1 ||: +
| /bin/systemctl enable clamd.exim.service >/dev/null 2>&1 +
| /sbin/chkconfig --del clamd.exim >/dev/null 2>&1 || : +
| /bin/systemctl try-restart clamd.exim.service >/dev/null 2>&1 || :
exim | /usr/bin/systemd-sysv-convert --save exim >/dev/null 2>&1 ||: +
| /bin/systemctl enable exim.service >/dev/null 2>&1 +
| /sbin/chkconfig --del exim >/dev/null 2>&1 || : +
| /bin/systemctl try-restart exim.service >/dev/null 2>&1 || :
fsniper | # Save the current service runlevel info +
| # User must manually run systemd-sysv-convert --apply fsniper +
| # to migrate them to systemd targets +
| /usr/bin/systemd-sysv-convert --save fsniper >/dev/null 2>&1 ||: +
| +
| # If the package is allowed to autostart: +
| /bin/systemctl --no-reload enable fsniper.service >/dev/null 2>&1 ||: +
| +
| # Run these because the SysV package being removed won't do them +
| /sbin/chkconfig --del fsniper >/dev/null 2>&1 || : +
| /bin/systemctl try-restart fsniper.service >/dev/null 2>&1 || :
gpm | /usr/bin/systemd-sysv-convert --save gpm >/dev/null 2>&1 ||: +
| /bin/systemctl enable gpm.service >/dev/null 2>&1 +
| /bin/systemctl try-restart gpm.service >/dev/null 2>&1 || :
groonga | /usr/bin/systemd-sysv-convert --save groonga >/dev/null 2>&1 ||: +
| /bin/systemctl --no-reload enable groonga-server-http.service >/dev/null 2>&1 ||: +
| /sbin/chkconfig --del groonga >/dev/null 2>&1 || : +
| /bin/systemctl try-restart groonga-servre-http.service >/dev/null 2>&1 || :
hsqldb | # Save the current service runlevel info +
| # User must manually run systemd-sysv-convert --apply httpd +
| # to migrate them to systemd targets +
| /usr/bin/systemd-sysv-convert --save hsqldb >/dev/null 2>&1 ||: +
| +
| # If the package is allowed to autostart: +
| /bin/systemctl --no-reload enable hsqldb.service >/dev/null 2>&1 ||: +
| +
| # Run these because the SysV package being removed won't do them +
| /sbin/chkconfig --del hsqldb >/dev/null 2>&1 || : +
| /bin/systemctl try-restart hsqldb.service >/dev/null 2>&1 || :
iscsi-initiator-utils | # Save the current service runlevel info +
| # User must manually run systemd-sysv-convert --apply iscsid +
| # and systemd-sysv-convert --apply iscsi +
| # to migrate them to systemd targets +
| /usr/bin/systemd-sysv-convert --save iscsi >/dev/null 2>&1 ||: +
| /usr/bin/systemd-sysv-convert --save iscsid >/dev/null 2>&1 ||: +
| +
| # enable socket activation +
| /bin/systemctl enable iscsid.socket >/dev/null 2>&1 || : +
| /bin/systemctl enable iscsiuio.socket >/dev/null 2>&1 || : +
| +
| # Run these because the SysV package being removed won't do them +
| /sbin/chkconfig --del iscsid >/dev/null 2>&1 || : +
| /sbin/chkconfig --del iscsi >/dev/null 2>&1 || : +
| /bin/systemctl try-restart iscsid.service >/dev/null 2>&1 || : +
| /bin/systemctl try-restart iscsi.service >/dev/null 1>&1 || :
jabberd | # Save the current service runlevel info +
| # User must manually run systemd-sysv-convert --apply jabberd +
| # to migrate them to systemd targets +
| /usr/bin/systemd-sysv-convert --save jabberd >/dev/null 2>&1 ||: +
| +
| # If the package is allowed to autostart: +
| /bin/systemctl --no-reload enable jabberd.service >/dev/null 2>&1 ||: +
| +
| # Run these because the SysV package being removed won't do them +
| /sbin/chkconfig --del jabberd >/dev/null 2>&1 || : +
| /bin/systemctl try-restart jabberd.service >/dev/null 2>&1 || :
libvirt | /usr/bin/systemd-sysv-convert --save libvirtd >/dev/null 2>&1 ||: +
| +
| # If the package is allowed to autostart: +
| /bin/systemctl --no-reload enable libvirtd.service >/dev/null 2>&1 ||: +
| +
| # Run these because the SysV package being removed won't do them +
| /sbin/chkconfig --del libvirtd >/dev/null 2>&1 || : +
| /bin/systemctl try-restart libvirtd.service >/dev/null 2>&1 || :
libvirt-client | /usr/bin/systemd-sysv-convert --save libvirt-guests >/dev/null 2>&1 ||: +
| +
| # If the package is allowed to autostart: +
| /bin/systemctl --no-reload enable libvirt-guests.service >/dev/null 2>&1 ||: +
| +
| # Run this because the SysV package being removed won't do them +
| /sbin/chkconfig --del libvirt-guests >/dev/null 2>&1 || :
lvm2 | /usr/bin/systemd-sysv-convert --save lvm2-monitor >/dev/null 2>&1 || : +
| /bin/systemctl --no-reload enable lvm2-monitor.service > /dev/null 2>&1 || : +
| /sbin/chkconfig --del lvm2-monitor > /dev/null 2>&1 || : +
| /bin/systemctl try-restart lvm2-monitor.service > /dev/null 2>&1 || :
mailman | /usr/bin/systemd-sysv-convert --save mailman >/dev/null 2>&1 ||: +
| /bin/systemctl enable mailman.service >/dev/null 2>&1 +
| /sbin/chkconfig --del mailman >/dev/null 2>&1 || : +
| /bin/systemctl try-restart mailman.service >/dev/null 2>&1 || :
mdadm | /usr/bin/systemd-sysv-convert --save mdmonitor >/dev/null 2>&1 || : +
| /bin/systemctl --no-reload enable mdmonitor.service >/dev/null 2>&1 || : +
| /sbin/chkconfig --del mdmonitor >/dev/null 2>&1 || : +
| /bin/systemctl try-restart mdmonitor.service >/dev/null 2>&1 || :
monit | /usr/bin/systemd-sysv-convert --save monit > /dev/null 2>&1 || : +
| /bin/systemctl --no-reload enable monit.service > /dev/null 2>&1 || : +
| /sbin/chkconfig --del monit > /dev/null 2>&1 || : +
| /bin/systemctl try-restart monit.server > /dev/null 2>&1 || :
openct | # Save the current service runlevel info +
| # User must manually run systemd-sysv-convert --apply openct +
| # to migrate them to systemd targets +
| /usr/bin/systemd-sysv-convert --save openct >/dev/null 2>&1 ||: +
| +
| /bin/systemctl --no-reload enable openct.service >/dev/null 2>&1 ||: +
| +
| # Run these because the SysV package being removed won't do them +
| /sbin/chkconfig --del openct >/dev/null 2>&1 || : +
| /bin/systemctl try-restart openct.service >/dev/null 2>&1 || :
opendkim | /usr/bin/systemd-sysv-convert --save opendkim >/dev/null 2>&1 || : +
| /bin/systemctl enable opendkim.service >/dev/null 2>&1 +
| /sbin/chkconfig --del opendkim >/dev/null 2>&1 || : +
| /bin/systemctl try-restart opendkim.service >/dev/null 2>&1 || :
openssh-server | /usr/bin/systemd-sysv-convert --save sshd >/dev/null 2>&1 || : +
| /bin/systemctl enable sshd.service >/dev/null 2>&1 +
| /sbin/chkconfig --del sshd >/dev/null 2>&1 || : +
| /bin/systemctl try-restart sshd.service >/dev/null 2>&1 || :
partimage | # Save the current service runlevel info +
| # User must manually run systemd-sysv-convert --apply partimaged +
| # to migrate them to systemd targets +
| /usr/bin/systemd-sysv-convert --save partimaged >/dev/null 2>&1 ||: +
| +
| # If the package is allowed to autostart: +
| /bin/systemctl --no-reload enable partimaged.service >/dev/null 2>&1 ||: +
| +
| # Run these because the SysV package being removed won't do them +
| /sbin/chkconfig --del partimaged >/dev/null 2>&1 || : +
| /bin/systemctl try-restart partimaged.service >/dev/null 2>&1 || :
rhnsd | if [ -f /etc/init.d/rhnsd ]; then +
| /sbin/chkconfig --add rhnsd +
| fi +
| if [ -f /usr/lib/systemd/system/rhnsd.service ]; then +
| +
| if [ $1 -eq 1 ] ; then +
| # Initial installation +
| /usr/bin/systemctl preset rhnsd.service >/dev/null 2>&1 || : +
| fi +
| if [ "$1" = "2" ]; then +
| # upgrade from old init.d +
| if [ -L /etc/rc2.d/S97rhnsd ]; then +
| /usr/bin/systemctl enable rhnsd.service >/dev/null 2>&1 +
| fi +
| rm -f /etc/rc?.d/[SK]??rhnsd +
| fi +
| fi
rinetd | # Save the current service runlevel info +
| # User must manually run systemd-sysv-convert --apply rinetd +
| # to migrate them to systemd targets +
| /usr/bin/systemd-sysv-convert --save rinetd >/dev/null 2>&1 ||: +
| +
| # If the package is allowed to autostart: +
| /bin/systemctl --no-reload enable rinetd.service >/dev/null 2>&1 ||: +
| +
| # Run these because the SysV package being removed won't do them +
| /sbin/chkconfig --del rinetd >/dev/null 2>&1 || : +
| /bin/systemctl try-restart rinetd.service >/dev/null 2>&1 || :
rpcbind | /usr/bin/systemd-sysv-convert --save rpcbind >/dev/null 2>&1 ||: +
| /bin/systemctl --no-reload enable rpcbind.service >/dev/null 2>&1 +
| /sbin/chkconfig --del rpcbind >/dev/null 2>&1 || : +
| /bin/systemctl try-restart rpcbind.service >/dev/null 2>&1 || :
sendmail | /usr/bin/systemd-sysv-convert --save sendmail >/dev/null 2>&1 ||: +
| /bin/systemctl enable sendmail.service >/dev/null 2>&1 +
| /bin/systemctl enable sm-client.service >/dev/null 2>&1 +
| /sbin/chkconfig --del sendmail >/dev/null 2>&1 || : +
| /bin/systemctl try-restart sendmail.service >/dev/null 2>&1 || : +
| /bin/systemctl try-restart sm-client.service >/dev/null 2>&1 || : +
| # workaround for systemd rhbz#738022 +
| /bin/systemctl is-active sendmail.service >/dev/null 2>&1 && \ +
| ! /bin/systemctl is-active sm-client.service >/dev/null 2>&1 && \ +
| /bin/systemctl start sm-client.service >/dev/null 2>&1 || :
varnish | # Save the current service runlevel info +
| # User must manually run systemd-sysv-convert --apply varnish +
| # to migrate them to systemd targets +
| /usr/bin/systemd-sysv-convert --save varnish >/dev/null 2>&1 ||: +
| +
| # If the package is allowed to autostart: +
| #/bin/systemctl --no-reload enable varnish.service >/dev/null 2>&1 ||: +
| +
| # Run these because the SysV package being removed won't do them +
| /sbin/chkconfig --del varnish >/dev/null 2>&1 || : +
| #/bin/systemctl try-restart varnish.service >/dev/null 2>&1 || :
vdsm | /usr/bin/vdsm-tool configure --module sanlock --force +
| /usr/bin/vdsm-tool sebool-config || : +
| # set the vdsm "secret" password for libvirt +
| /usr/bin/vdsm-tool set-saslpasswd +
| +
| # After vdsm install we should create the logs files. +
| # In the install session we create it but since we use +
| # the ghost macro (in files session) the files are not included +
| touch /var/log/vdsm/{metadata.log,mom.log,supervdsm.log,vdsm.log} +
| chmod 0644 /var/log/vdsm/{metadata.log,mom.log,supervdsm.log,vdsm.log} +
| chown vdsm:kvm /var/log/vdsm/{metadata.log,mom.log,vdsm.log} +
| chown root:root /var/log/vdsm/supervdsm.log +
| +
| # Have moved vdsm section in /etc/sysctl.conf to /etc/sysctl.d/vdsm.conf. +
| # So Remove them if it is played with /etc/sysctl.conf. +
| if grep -q "# VDSM section begin" /etc/sysctl.conf; then +
| /bin/sed -i '/# VDSM section begin/,/# VDSM section end/d' \ +
| /etc/sysctl.conf +
| fi +
| +
| # hack until we replace core dump with abrt +
| if /usr/sbin/selinuxenabled; then +
| /usr/sbin/semanage fcontext -a -t virt_cache_t '/var/log/core(/.*)?' +
| fi +
| /sbin/restorecon -R /var/log/core >/dev/null 2>&1 +
| # hack until we replace core dump with abrt +
| +
| /bin/systemctl restart systemd-modules-load.service >/dev/null 2>&1 || : +
| if [ "$1" -eq 1 ] ; then +
| /bin/systemctl enable vdsmd.service >/dev/null 2>&1 || : +
| /bin/systemctl enable supervdsmd.service >/dev/null 2>&1 || : +
| fi +
| /bin/systemctl daemon-reload >/dev/null 2>&1 || : +
| exit 0
xrdp | /usr/bin/systemd-sysv-convert --save xrdp >/dev/null 2>&1 ||: +
| +
| # If the package is allowed to autostart: +
| /bin/systemctl --no-reload enable xrdp.service >/dev/null 2>&1 ||: +
| +
| # Run these because the SysV package being removed won't do them +
| /sbin/chkconfig --del xrdp >/dev/null 2>&1 || : +
| if [ "`/bin/systemctl is-active xrdp.service`" = 'active' ]; then +
| /bin/systemctl stop xrdp.service >/dev/null 2>&1 || : +
| /bin/systemctl start xrdp.service >/dev/null 2>&1 || : +
| fi
yum-cron | +
| #systemd_post yum-cron.service +
| # Do this manually because it's a fake service for a cronjob, and cronjobs +
| # are default on atm. This may change in the future. +
| if [ $1 = 1 ]; then +
| systemctl enable yum-cron >/dev/null 2>&1 +
| else +
| # Note that systemctl preset is being run here ... but _only_ on initial +
| # install. So try this... +
| +
| if [ -f /var/lock/subsys/yum-cron -a -f /etc/rc.d/init.d/yum-cron ]; then +
| systemctl enable yum-cron >/dev/null 2>&1 +
| fi +
| fi +
| +
| # Also note: +
| # systemctl list-unit-files | fgrep yum-cron
yum-updatesd | # Save the current service runlevel info +
| # User must manually run systemd-sysv-convert --apply yum-updatesd +
| # to migrate them to systemd targets +
| /usr/bin/systemd-sysv-convert --save yum-updatesd >/dev/null 2>&1 || : +
| +
| # This package is allowed to autostart: +
| /bin/systemctl --no-reload enable yum-updatesd.service >/dev/null 2>&1 || : +
| +
| # Run these because the SysV package being removed won't do them +
| /sbin/chkconfig --del yum-updatesd >/dev/null 2>&1 || : +
| /bin/systemctl try-restart yum-updatesd.service >/dev/null 2>&1 || :
(39 rows)
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
