I recently installed all rpms that provide a systemd service file in a container. Quite a few services are enabled by default and crash badly. I think enabling so many services by default is a bad thing, but if they at least run OK, that's less problematic. Right now I want to look at those which crash. Our policy [1] says > If a service does not require manual configuration to be functional > and does not listen on a network socket for connections originating > on a separate physical or virtual machine, it may be enabled by > default (but is not required to do so). In general my plan is to do 'dnf install *' and reboot and have a clean boot, always. There's a few simple cases where the service is plain broken: rootfs-resize: https://bugzilla.redhat.com/show_bug.cgi?id=1524031 gpm: https://bugzilla.redhat.com/show_bug.cgi?id=1524034 soundmodem: https://bugzilla.redhat.com/show_bug.cgi?id=1094931 rtkit: https://bugzilla.redhat.com/show_bug.cgi?id=1169449 audit: no bug number, but audit is generally incompatible with containers But there are also services which cannot run in a container when they are also started on the host (or have some other issues): ● iscsiuio.socket - Open-iSCSI iscsiuio Socket Loaded: loaded (/usr/lib/systemd/system/iscsiuio.socket; enabled; vendor preset: disabled) Dec 09 14:51:41 f27c systemd[1]: iscsiuio.socket: Failed to listen on sockets: Address already in use ● iscsid.socket - Open-iSCSI iscsid Socket Loaded: loaded (/usr/lib/systemd/system/iscsid.socket; enabled; vendor preset: disabled) Dec 09 14:51:41 f27c systemd[1]: iscsid.socket: Failed to listen on sockets: Address already in use ● ipmi.service - IPMI Driver Loaded: loaded (/usr/lib/systemd/system/ipmi.service; enabled; vendor preset: enabled) Dec 09 14:51:42 f27c systemd[1]: Starting IPMI Driver... Dec 09 14:51:42 f27c openipmi-helper[232]: Startup failed. Dec 09 14:51:42 f27c systemd[1]: ipmi.service: Main process exited, code=exited, status=1/FAILURE ● ipmievd.service - Ipmievd Daemon Loaded: loaded (/usr/lib/systemd/system/ipmievd.service; enabled; vendor preset: enabled) Dec 09 14:51:42 f27c ipmievd[297]: Could not open device at /dev/ipmi0 or /dev/ipmi/0 or /dev/ipmidev/0: No such file or dir Dec 09 14:51:42 f27c systemd[1]: Starting Ipmievd Daemon... Dec 09 14:51:42 f27c systemd[1]: ipmievd.service: Control process exited, code=exited status=1 impi* was enabled in https://bugzilla.redhat.com/show_bug.cgi?id=961878 without much discussion. Those were the early days where the policy wasn't yet settled. I don't think it's acceptable to have a service which crashes enabled by default, hence I propose to remove all those services from default presets. An alternative would be to fix them to e.g. exit cleanly when running in a container, but since I don't know anything about iscsi, I have no idea if this is feasible. So unless I hear some better idea, I plan to file patch against fedora-release to drop the presets. [1] https://fedoraproject.org/wiki/Packaging:DefaultServices Zbyszek _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
