From: Daniel Kahn Gillmor Date: Thu, 19 Oct 2017 19:32:20 +0000 (-0400) Subject: systemd: drop RefuseManualStart=true, disable kresd.service by default X-Git-Tag: v1.99.1-alpha~2^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a0d93df69e27d5b1b4ca115a66a5fb970746fb3c;p=thirdparty%2Fknot-resolver.git systemd: drop RefuseManualStart=true, disable kresd.service by default I introduced RefuseManualStart=true last year when writing the initial systemd unit file for kresd. I did this because i didn't want to start running the daemon if no one was going to talk to it. I'm no longer convinced that this directive has a good justification. While i think that there is no need to activate the service without socket activation, i think preventing manual invocation is actively harmful (admins will reflexively do "systemctl restart kresd" just like they do "systemctl restart apache2" and it's jarring to have it rejected). A distributor who wants to (by default) delay kresd startup until it is accessed can ship the preset file included here, but leave the *.socket units enabled by default. --- diff --git a/systemd/90-kresd.preset b/systemd/90-kresd.preset new file mode 100644 index 000000000..ee9934054 --- /dev/null +++ b/systemd/90-kresd.preset @@ -0,0 +1,6 @@ +# kresd is fully socket-activated, so it does not need to be enabled +# in the systemd sense (automatically started at boot). The +# associated sockets *are* enabled however, so the kresd service will +# be started as soon as anything connects to one of the listening +# sockets. +disable kresd.service diff --git a/systemd/README.md b/systemd/README.md index 8ddbdc17d..daa414da2 100644 --- a/systemd/README.md +++ b/systemd/README.md @@ -6,6 +6,11 @@ by systemd (or any supervisor that provides equivalent file descriptor initialization via the interface supported by sd_listen_fds_with_names(3)). +Distributors of systems using systemd may wish to place +./90-kresd.preset in /lib/systemd/systemd-preset/90-kresd.preset if +they want to delay daemon launch until it is accessed. (see +systemd.preset(5)). + When run in this configuration: * it will be run under a non-privileged user, which means it will not diff --git a/systemd/kresd.service b/systemd/kresd.service index 186126d00..202240136 100644 --- a/systemd/kresd.service +++ b/systemd/kresd.service @@ -1,8 +1,6 @@ [Unit] Description=Knot DNS Resolver daemon Documentation=man:kresd(8) -## This is a socket-activated service: -RefuseManualStart=true [Service] Type=notify