srp_daemon: Rework systemd integration #135
Conversation
Surround expansions of shell variables that can contain spaces with double quotes. Use arrays instead of space-separated strings to store lists to avoid that strings that contain whitespace get split when iterating over a list. Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
From https://liw.fi/manpages/, about the SYNOPSIS section: Font usage is important here, and carries information. All the parts that are in bold are things that the user is expected to write verbatim. Italic indicates values the user is expected to fill in. Normal font is used for syntax meta-characters: for the brackets that indicate optionality, and the ellipsis that indicates repetition. Additionally, change the identifiers that refer to arguments to lower case. Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
This command-line option is used in a later patch to avoid having to start a shell script from a udev rule. Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
… alias
Add a udev rule that creates the /dev/infiniband/umad/${ibdev}:${port}.device
alias. This alias is useful for opensm and srp_daemon.
Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
| @@ -1 +1,2 @@ | |||
| usr/lib/*/libibumad*.so.* | |||
| lib/udev/rules.d/libibumad.rules | |||
There was a problem hiding this comment.
@bdrung @jarodwilson is having a udev .rule in a library package OK for packaging, multi-arch/etc ?
There was a problem hiding this comment.
Yes. It's fine. For multi-arch, you just have to ensure that all these files that share the same path have the same content (which is true in this case).
|
Please remove the file extension from the
|
|
That script should probably be installed into /usr/lib or libexec since it is not intended to be called by the end user? |
|
The .sh suffix has been removed from srp_daemon_start_all.sh and that script has been moved to the libexec directory. Additionally, privileges that are neither used by the srp_daemon nor by the srp_daemon_port@ service have been dropped. |
srp_daemon/srp_daemon.service.in
Outdated
| ProtectKernelModules=yes | ||
| ProtectSystem=full | ||
| RestrictRealtime=yes | ||
| SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io | ||
|
|
There was a problem hiding this comment.
This is probably not necessary since start_on_all_ports is not network facing. I would worry that someday the calls to systemctl will break .. Other stuff looks great
debian/srptools.install
Outdated
| usr/sbin/ibsrpdm | ||
| usr/sbin/srp_daemon | ||
| libexec/srp_daemon/start_on_all_ports | ||
| usr/share/doc/rdma-core/ibsrpdm.md usr/share/doc/srptools/ |
There was a problem hiding this comment.
The libexec dir is usr/lib/ on Debian - looks like this is why travis is failing?
A new template service is added, namely srp_daemon_port@.service. This service controls /usr/sbin/srp_daemon for a single port and replaces /usr/sbin/srp_daemon.sh. The srp_daemon.service is modified such that it starts srp_daemon_port@.service instances instead of /usr/sbin/srp_daemon.sh. A udev rule is added that instantiates the srp_daemon_port@.service every time an RDMA port is hot-added. Since the per-port service depends on the srp_daemon service, starting or stopping the srp_daemon service affects all per-port services. Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
Add a udev rule that instantiates the srp_daemon_port@.service every time an RDMA port is hot-added. Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
…@ services Drop those privileges that are neither used by the srp_daemon nor by the srp_daemon_port@ service. Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com>
|
I removed PrivateNetwork, ProtectControlGroups, ProtectSystem and SystemCallFilter from srp_daemon.service. The start_on_all_ports path had already been fixed. |
Split srp_daemon.service into srp_daemon.service and the srp_daemon_port@.service template. The former does not start any srp_daemon process but controls the latter. srp_daemon_port@.service instances are started automatically upon hot-add of an RDMA port to support hot-plugging.