Clean services.yml #269
Merged
Clean services.yml #269
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Redmine ticket https://dev.yunohost.org/issues/647 |
|
I don't understand why we need those "null" services in this file (amavis, ...) : can you give a hint ? |
|
From what I understand (and confirmed by my testing), YunoHost uses them to clean This is why I've added Tell me if it's clear. |
|
For udisk2, ok, there does not seem to be any "service udisk2" available. I don't know if it's an issue with your PR, but seemed worth mentionning since you say you did not find trace of it.
And seems like there are some buggy "status" definitions. The following have a correctly running daemon, but the admin interface report them as "Not Running":
|
|
rmilter and rspamd are running for me, are you on the last version? We've moved from socket activation to services. Indeed for nsswitch, I've also encountered a strange behavior with my patch for it, I will investigate. I'm going to add the other services you've pointed to. Thanks! |
|
Oups, thank for noticing :) |
Psycojoker
force-pushed
the
clean-services.yml
branch
from
fbad38b
to
a18486d
Compare
opi
approved these changes
Mar 7, 2017
|
Mergeable on the 14 March with two positives reviews. |
|
I still need to investigate the nsswitch case. |
|
Works for nsswitch. The inline python in the regenconf shell script is... |
alexAubin
added a commit
that referenced
this pull request
Jan 19, 2019
… edebe4dc..d7d2e693 d7d2e693 fix: typo in bare metal detection (fixes #269) b0083d91 Remove unneeded volumes in Dockerfile (#266) 904a83c6 Fix Arch kernel image detection (#268) 906f54cf Improved hypervisor detection (#259) c45a06f4 Warn on missing kernel info (#265) 4a6fa070 Fix misdetection of files under Clear Linux (#264) c705afe7 bump to v0.40 401ccd4b Correct aarch64 KPTI dmesg message 55120839 Fix a typo in check_variant3_linux() f5106b3c update MCEDB from v83 to v84 (no actual change) 68289dae feat: add --update-builtin-mcedb to update the DB inside the script 3b2d5296 feat(l1tf): read & report ARCH_CAPABILITIES bit 3 (SKIP_VMENTRY_L1DFLUSH) cbb18cb6 fix(l1tf): properly detect status under Red Hat/CentOS kernels 299103a3 some fixes when script is not started as root dc5402b3 chore: speed optimization of hw check and indentation fixes 90c2ae5d feat: use the MCExtractor DB as the reference for the microcode versions 53d6a447 Fix detection of CVE-2018-3615 (L1TF_SGX) (#253) 297d890c fix ucode version check regression introduced by fbbb19f under BSD 0252e74f feat(bsd): implement CVE-2018-3620 and CVE-2018-3646 mitigation detection fbbb19f2 Fix cases where a CPU ucode version is not found in $procfs/cpuinfo. (#246) 1571a56c feat: add L1D flush cpuid feature bit detection 3cf91416 fix: don't display summary if no CVE was tested (e.g. --hw-only) bff38f1b BSD: add not-implemented-yet notice for Foreshadow-NG b419fe7c feat(variant4): properly detect SSBD under BSD f193484a chore: fix deprecated SPDX license identifier (#249) (#251) 349d77b3 Fix kernel detection when /lib/kernel exists on a distro (#252) e589ed7f fix: don't test SGX again in check_CVE_2018_3615, already done by is_cpu_vulnerable ae120628 fix: remove some harcoded /proc paths, use $procfs instead b44d2b54 chore: remove 'experimental' notice of Foreshadow from README 7b72c20f feat(l1tf): explode L1TF in its 3 distinct CVEs b48b2177 feat: Add Clear Linux Distro (#244) 8f31634d feat(batch): Add a batch short option for one line result (#243) 96798b19 chore: add SPDX GPL-3.0 license identifier (#245) 687ce1a7 fix: load cpuid module if absent even when /dev/cpu/0/cpuid is there 80e0db7c fix: don't show erroneous ucode version when latest version is unknown (fixes #238) e8890ffa feat(config): support for genkernel kernel config file (#239) b2f64e11 fix README after merge 42a3a61f Slightly improved Docker configuration (#230) afb36c51 Fix typo: 'RBS filling' => 'RSB filling' (#237) 0009c0d4 fix: --batch now implies --no-color to avoid colored warnings dd67fd94 feat: add FLUSH_CMD MSR availability detection (part of L1TF mitigation) 339ad317 fix: add missing l1tf CPU vulnerability display in hw section 794c5be1 feat: add optional git describe support to display inter-release version numbers a7afc585 fix several incorrect ucode version numbers fc1dffd0 feat: implement detection of latest known versions of intel microcodes e9426161 feat: initial support for L1TF 360be7b3 fix: hide arch_capabilities_msr_not_read warning under !intel 5f592578 bump to v0.39 92d59cbd chore: adjust some comments, add 2 missing inits 4747b932 feat: add detection of RSBA feature bit and adjust logic accordingly 860023a8 fix: ARCH MSR was not read correctly, preventing proper SSB_NO and RDCL_NO detection ab67a922 feat: read/write msr now supports msr-tools or perl as dd fallback f4592bf3 Add Arch armv5/armv7 kernel image location (#227) be15e476 chore: setting master to v0.38+ d3481d95 Add support for the kernel being within a btrfs subvolume (#226) 21af5611 bump to v0.38 cb740397 feat(arm32): add spectrev1 mitigation detection 84195689 change: default to --no-explain, use --explain to get detailed mitigation help b637681f fix: debug output: msg inaccuracy for ARM checks 9316c305 fix: armv8: models < 0xd07 are not vulnerable f9dd9d8c add guess for archlinuxarm aarch64 kernel image on raspberry pi 3 (#222) 0f0d103a fix: correctly init capabilities_ssb_no var in all cases b262c405 fix: remove spurious character after an else statement cc2910fb fix: read_cpuid: don't use iflag=skip_bytes for compat with old dd versions 30c4a1f6 arm64: cavium: Add CPU Implementer Cavium (#216) cf06636a fix: prometheus output: use printf for proper \n interpretation (#204) 60077c8d fix(arm): rewrite vuln logic from latest arm statement for Cortex A8 to A76 c181978d fix(arm): Updated arm cortex status (#209) 9a6406a9 chore: add docker support (#203) 5962d20b fix(variant4): whitelist from common.c::cpu_no_spec_store_bypass (#202) 17a34885 fix(help): add missing references to variants 3a & 4 (#201) e54e8b3e chore: remove warning in README, fix display indentation 39c778e3 fix(amd): AMD families 0x15-0x17 non-arch MSRs are a valid way to control SSB 2cde6e46 feat(ssbd): add detection of proper CPUID bits on AMD f4d51e7e fix(variant4): add another detection way for Red Hat kernel 85d46b27 feat(variant4): add more detailed explanations 61e02abd feat(variant3a): detect up to date microcode 114756fa fix(amd): not vulnerable to variant3a ea75969e fix(help): Update variant options in usage message (#200) ca391cbf fix(variant2): correctly detect IBRS/IBPB in SLES kernels 68af5c5f feat(variant4): detect SSBD-aware kernel 19be8f79 doc: update README with some info about variant3 and variant4 f75cc0bb feat(variant4): add sysfs mitigation hint and some explanation about the vuln f33d65ff feat(variant3a): add information about microcode-sufficient mitigation 725eaa8b feat(arm): adjust vulnerable ARM CPUs for variant3a and variant4 c6ee0358 feat(variant4): report SSB_NO CPUs as not vulnerable 22d0b203 fix(ssb_no): rename ssbd_no to ssb_no and fix shift 3062a841 fix(msg): add missing words 6a4318ad feat(variant3a/4): initial support for 2 new CVEs c1998618 fix(variant2): adjust detection for SLES kernels 7e4899bc ibrs can't be enabled on no ibrs cpu (#195) 5cc77741 Update spectre-meltdown-checker.sh 1c0f6d95 cpuid and msr module check 4acd0f64 Suggestion to change VM to a CPU with IBRS capability fb52dbe7 set master branch to v0.37+ git-subtree-dir: src/yunohost/vendor/spectre-meltdown-checker git-subtree-split: d7d2e6934ba08a2de2e2c80bb42936a60b884b78
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hello,
This is an attempt to clean
/etc/yunohost/services.ymlfrom outdated services.Right we have a series of old/not used anymore/doesn't make sens services and this confused users (can be confirmed from several feedback with this internet cube, this was a very frequent request like "is it normal that those services doesn't run?").
services.ymlis used for 2 things: saying which services are tracked with which logs files AND keeping track of the regen-conf. This collide sometime because it happens that we handle the regen-conf of stuff that aren't services but they end up being listed as inactive services.This PR attempt to do 3 things to fix that:
statuskey, by default the "service %(service name)s" was used when nostatuskey was present, we ended up with services likesslwhich didn't make any sensnsswitchandudisks2because I THINK (not sure) that they aren't used anymore (I couldn't find any trace of them and they were always inactives)bind9as a null service entry, this will remove bind9 from old YunoHostservices.ymlwhere it was still present before the dnsmasq migration (this concern quite a lot of Internet Cube actually)