Hi,

Is there any suggestion or guideline for pacakges that contain
both systemd-timer unit setting and cronjob? Don't they conflict
or not


--
Regards,

Hideki Yamane henrich @ debian.org/iijmio-mail.jp

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2022-03-12 Hideki Yamane <henrich@iijmio-mail.jp> wrote:

Is there any suggestion or guideline for pacakges that contain
both systemd-timer unit setting and cronjob? Don't they conflict
or not

Hello,

You want to skip running the cronjob on systems with systemd as init
systems. e.g. exim's daily cronjob works like this:
1. the systemd unit runs /etc/cron.daily/exim4-base with argument
systemd-timer.
2. /etc/cron.daily/exim4-base checks for a systemd setup by testing
existence of /run/systemd/system. On a systemd setup the script
exits immediately when executed from cron (i.e. $1!=systemd-timer).

If the cron script itself was trivial I would avoid the ugliness of invoking /etc/cron.d* from systemd. ;-)

cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Hideki Yamane wrote:

Is there any suggestion or guideline for pacakges that contain
both systemd-timer unit setting and cronjob? Don't they conflict
or not

Do what apt does; make the cron job exit successfully without doing
anything when run on systemd, move most of what is being run into a
script or program in /usr, then call that from the timer and cron job.

Alternatively, make the cron job exit successfully without doing
anything when run on systemd, then have the timer call the cron job
with a --run-on-systemd argument that makes it run under systemd.

--
bye,
pabs

https://wiki.debian.org/PaulWise

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEYQsotVz8/kXqG1Y7MRa6Xp/6aaMFAmIsSZgACgkQMRa6Xp/6 aaO0cQ//eIk157rsfeuj9ydnIseMnBfIevKeRQnPBs5lF6b2dlITWXFqNKJwu3WA 7LB3ExiXlDKwCUhqD9RljLekZJDKNbYG7thF0VgtF64n2hcdNt8Pr4GWxeU7hmAw QwYNerGiP5L/syUYOu50VaQKYLoQkUhbZulU1dHsD6kXwJILNep8KpRJrbrZB8rw /7WWFqKP9fI8CO+DsSYjx6pBqsIOj2qseAdYxchMRVJadcf1OXPrelruoTJektul QrE2cr7wksby71Q9zDVvPH8blqodgXY9tedIjDqRYSLAFcfI51oUOW9UCJD1GdZM 2g+vn72XHq9DXV8KgGBwlHK7UeNJHlzdr2/iR8ESZCSRU+i0BnOjCYi9HQtHecnF WPKjBouhurBGhAFYLprfsoec8U+fAIfzBS2eLYL7Mj7iZI93+KEGtGTZEzvFWCaF NWIAkSSacPm8irbQ9c01PBTjIriIjKxixN/MxhHqn6kpiA5iXKyXJmZiz8oQa2EG 9/JjAl8+rwhx2ekn9g74G924h9ejkOu2SHO8NAs/JhPvarixtf1tX1FKlNoevLbp AMMBSU5hkIPJ/SdvyKES1slIMnCE17YjB8/gC04XoRZgWFWlV8xvOziyXIJrGOV3 kzgXrkVSug+mxYbrq1gcOLBX1AA12dLWnWdshFVU9l0d+rx2sFs=
=l+LM
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, Mar 12, 2022 at 03:19:52PM +0800, Paul Wise wrote:

Hideki Yamane wrote:

Is there any suggestion or guideline for pacakges that contain
both systemd-timer unit setting and cronjob? Don't they conflict
or not

Do what apt does; make the cron job exit successfully without doing
anything when run on systemd, move most of what is being run into a
script or program in /usr, then call that from the timer and cron job.

Alternatively, make the cron job exit successfully without doing
anything when run on systemd, then have the timer call the cron job
with a --run-on-systemd argument that makes it run under systemd.

These are still somewhat annoying in practice because of the log
entries for CRON running something pointlessly.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------HgZpsu00Jx1YTv2RIEJmUa00
Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64

DQpBbSAxMi4wMy4yMiB1bSAwODowOSBzY2hyaWViIEFuZHJlYXMgTWV0emxlcjoNCj4gT24g MjAyMi0wMy0xMiBIaWRla2kgWWFtYW5lIDxoZW5yaWNoQGlpam1pby1tYWlsLmpwPiB3cm90 ZToNCj4+ICAgSXMgdGhlcmUgYW55IHN1Z2dlc3Rpb24gb3IgZ3VpZGVsaW5lIGZvciBwYWNh a2dlcyB0aGF0IGNvbnRhaW4NCj4+ICAgYm90aCBzeXN0ZW1kLXRpbWVyIHVuaXQgc2V0dGlu ZyBhbmQgY3JvbmpvYj8gRG9uJ3QgdGhleSBjb25mbGljdA0KPj4gICBvciBub3QNCj4gDQo+ IEhlbGxvLA0KPiANCj4gWW91IHdhbnQgdG8gc2tpcCBydW5uaW5nIHRoZSBjcm9uam9iIG9u IHN5c3RlbXMgd2l0aCBzeXN0ZW1kIGFzIGluaXQNCj4gc3lzdGVtcy4gZS5nLiBleGltJ3Mg ZGFpbHkgY3JvbmpvYiB3b3JrcyBsaWtlIHRoaXM6DQo+IDEuIHRoZSBzeXN0ZW1kIHVuaXQg cnVucyAvZXRjL2Nyb24uZGFpbHkvZXhpbTQtYmFzZSB3aXRoIGFyZ3VtZW50DQo+ICAgICBz eXN0ZW1kLXRpbWVyLg0KPiAyLiAvZXRjL2Nyb24uZGFpbHkvZXhpbTQtYmFzZSBjaGVja3Mg Zm9yIGEgc3lzdGVtZCBzZXR1cCBieSB0ZXN0aW5nDQo+ICAgICBleGlzdGVuY2Ugb2YgL3J1 bi9zeXN0ZW1kL3N5c3RlbS4gT24gYSBzeXN0ZW1kIHNldHVwIHRoZSBzY3JpcHQNCj4gICAg IGV4aXRzIGltbWVkaWF0ZWx5IHdoZW4gZXhlY3V0ZWQgZnJvbSBjcm9uIChpLmUuICQxIT1z eXN0ZW1kLXRpbWVyKS4NCj4gDQoNCkkgd291bGQgY29uc2lkZXIgdGhpcyBhbiBhbnRpLXBh dHRlcm4uDQpJZiB5b3UgaGF2ZSBzdWNoIGEgY29tcGxleCBjcm9uLWRhaWx5IHNjcmlwdCwg SSdkIGZhY3RvciB0aGF0IG91dCBpbnRvIGEgDQpzY3JpcHQgaW4gL3Vzci9saWIvZm9vIGFu ZCBjYWxsIHRoYXQgZGlyZWN0bHkgZnJvbSBib3RoIHRoZSBjcm9uIGVudHJ5IA0KYW5kIHRo ZSBzeXN0ZW1kIHRpbWVyLg0KDQpJdCdzIHRoZSBzYW1lIGtpbmQgb2YgYW50aSBwYXR0ZXJu IGxpa2UgY3JlYXRpbmcgYSAuc2VydmljZSB1bml0IGNvbnRhaW5pbmcNCkV4ZWNTdGFydD0v ZXRjL2luaXQuZC9mb28gc3lzdGVtZA0KDQpQbGVhc2UgZG9uJ3QgZG8gdGhhdC4NCklmIHlv dSBhY3R1YWxseSBoYXZlIGEgbmVlZCB0byBjYWxsIGNvbXBsZXggc2hlbGwgbWFjaGluZXJ5 IHRvIHJ1biB5b3VyIA0KZGFlbW9uLCBwbGVhc2UgZmFjdG9yIHRoaXMgb3V0IGludG8gYW4g aW5kZXBlbmRlbnQgc2NyaXB0IGFuZCBjYWxsIGl0IA0KZnJvbSBlaXRoZXIgdGhlIHN5c3Yg aW5pdCBzY3JpcHQgb3IgdGhlIHN5c3RlbWQgc2VydmljZSBmaWxlLg0KDQpzeXN0ZW1kIHNl cnZpY2VzIHNob3VsZCBub3QgZGVwZW5kIG9uIFN5c1YgaW5pdCBzY3JpcHRzIGFuZCBzeXN0 ZW1kIA0KdGltZXJzIHNob3VsZCBub3QgZGVwZW5kIG9uIGNyb24gZmlsZXMuDQo=

--------------HgZpsu00Jx1YTv2RIEJmUa00--

-----BEGIN PGP SIGNATURE-----

wsF5BAABCAAjFiEECbOsLssWnJBDRcxUauHfDWCPItwFAmItArkFAwAAAAAACgkQauHfDWCPItzo dA/+MK3GPSjIi0prv5sMVhPzXh64u1o29kFKtnjIEvIuOAhEWzfjKEvjGII0wPLqLDppZemO5jow ONi60tajN5mNZFyjrR0SdafgEpqGtTyu/9lE79wS4G+6GgNclYbHmHdnvF2jdvv0jTRd+wMDS/bN d92ccyrS7hXnW93HjSLjdsOlY1Cp2k6aBjWn8M2Q0gnqfxMa52VNH1BJD73n+Ve7t+K7IjMdO3g3 dvx5EqOnAhd+2k57OXUg+KMLa3mv4wUTpOmfDiF8EYEAwvbJDTJW9nCKpzKcEhv+FBtRd6u02Avy xkRyjQkLx84trTiF0UakT4ytGxCT9BrzX02FOyfMhe/K5APe5EXbEWcTNyfamQWTXT/J95IUGKkz JO8rjO0zA1nlmxniIFQxliIDUIrL/VYFGXwX415cvS8SoDbK4foW2h5Wsz29xLVKXswpX+g3Elot D4cz26ICYDw0mrQ/zw+YE7sMwX1fpSq3E8JolNgIvXlxcnvV0+gzar7fQO3/XB4DI8Z+DWauNiPJ HfUrPxPrORaCu8sHRPeJnzXB0oGl3klBoH2mpqrGDlj/zzou+1091km9QwSjt/gwrYL90TylwG3u v/VxoUta/tMm4jyfkWmh8/0DA0cXs11rJ8ROI4EvAkiyY4KrQGThDTAUiFQAEpcZTYmCn2zaZtAp 6Bc=
=d+aW
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------qDNtCWdmBQewgInvutI9gS0Z
Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64

QW0gMTIuMDMuMjIgdW0gMjA6NDAgc2NocmllYiBNaWNoYWVsIFN0b25lOg0KPiBPbiBTYXQs IE1hciAxMiwgMjAyMiBhdCAwMzoxOTo1MlBNICswODAwLCBQYXVsIFdpc2Ugd3JvdGU6DQo+ PiBIaWRla2kgWWFtYW5lIHdyb3RlOg0KPj4NCj4+PiBJcyB0aGVyZSBhbnkgc3VnZ2VzdGlv biBvciBndWlkZWxpbmUgZm9yIHBhY2FrZ2VzIHRoYXQgY29udGFpbg0KPj4+IGJvdGggc3lz dGVtZC10aW1lciB1bml0IHNldHRpbmcgYW5kIGNyb25qb2I/IERvbid0IHRoZXkgY29uZmxp Y3QNCj4+PiBvciBub3QNCj4+DQo+PiBEbyB3aGF0IGFwdCBkb2VzOyBtYWtlIHRoZSBjcm9u IGpvYiBleGl0IHN1Y2Nlc3NmdWxseSB3aXRob3V0IGRvaW5nDQo+PiBhbnl0aGluZyB3aGVu IHJ1biBvbiBzeXN0ZW1kLCBtb3ZlIG1vc3Qgb2Ygd2hhdCBpcyBiZWluZyBydW4gaW50byBh DQo+PiBzY3JpcHQgb3IgcHJvZ3JhbSBpbiAvdXNyLCB0aGVuIGNhbGwgdGhhdCBmcm9tIHRo ZSB0aW1lciBhbmQgY3JvbiBqb2IuDQo+Pg0KPj4gQWx0ZXJuYXRpdmVseSzCoG1ha2UgdGhl IGNyb24gam9iIGV4aXQgc3VjY2Vzc2Z1bGx5IHdpdGhvdXQgZG9pbmcNCj4+IGFueXRoaW5n IHdoZW4gcnVuIG9uIHN5c3RlbWQsIHRoZW4gaGF2ZSB0aGUgdGltZXIgY2FsbCB0aGUgY3Jv biBqb2INCj4+IHdpdGggYSAtLXJ1bi1vbi1zeXN0ZW1kIGFyZ3VtZW50IHRoYXQgbWFrZXMg aXQgcnVuIHVuZGVyIHN5c3RlbWQuDQo+IA0KPiBUaGVzZSBhcmUgc3RpbGwgc29tZXdoYXQg YW5ub3lpbmcgaW4gcHJhY3RpY2UgYmVjYXVzZSBvZiB0aGUgbG9nIGVudHJpZXMgDQo+IGZv ciBDUk9OIHJ1bm5pbmcgc29tZXRoaW5nIHBvaW50bGVzc2x5Lg0KDQpUaGF0IGlzIGluZGVl ZCB0cnVlLg0KSSBndWVzcyB3ZSBoYXZlIHRocmVlIG9wdGlvbnMgaGVyZToNCg0KLSBUZWFj aCBjcm9uIGFib3V0IHN5c3RlbWQgdGltZXJzIGFuZCBhbGxvdyBjcm9uIGVudHJpZXMgdG8g YmUgbWFya2VkIA0Kd2l0aCBtZXRhIGRhdGEgdGhhdCB0ZWxscyBjcm9uIHRoYXQgd2hlbiBy dW4gdW5kZXIgc3lzdGVtZCBpdCBzaG91bGQgDQpza2lwIHRob3NlIGVudHJpZXMuDQoNCi0g U2hpcCBuYXRpdmUgc3lzdGVtZCB0aW1lciB1bml0cyBmb3IgYWxsIHBhY2thZ2VzIGFuZCBu byBsb25nZXIgaW5zdGFsbCANCmNyb24gYnkgZGVmYXVsdA0KDQotIElmIGEgcGFja2FnZSBp cyBzaGlwcGluZyBhIG5hdGl2ZSBzeXN0ZW1kIHRpbWVyIHVuaXQsIGl0IHNob3VsZCBkcm9w IA0KdGhlIGNvcnJlc3BvbmRpbmcgY3JvbiBmaWxlcy4gVGhvc2Ugc2hvdWxkIGJlIGdlbmVy YXRlZCBvbiB0aGUgZmx5IG9uIA0Kbm9uLXN5c3RlbWRzIGJhc2VkIG9uIHRoZSBzeXN0ZW1k IHRpbWVyLg0K

--------------qDNtCWdmBQewgInvutI9gS0Z--

-----BEGIN PGP SIGNATURE-----

wsF5BAABCAAjFiEECbOsLssWnJBDRcxUauHfDWCPItwFAmItBaEFAwAAAAAACgkQauHfDWCPItw/ VQ/9FBdGS41le3rlaQuM7WiVNqTTxggwR9nibacs1eNFipDgjcjBpZkOy0nX3uZRcgE4rdWO7pQc 7VdC5dZYODzkFXnXjBVCRM1/zoMW0gq/k7BfZMeaL/9Gh0yghJ4VKItXS7BIoxT3WrfsY8jBWIXQ fT9Kyg/PR+sSRWZNWWVJQheZVeyfuuHYHzxkoGqmQc98dYirUomGCUzmiYPodg6qem3d1vCJAQp6 TWvPNkq3eaz5K3pZG7WkPatdxlvvbyr9C437DaArN7lVs7Mkra7BLhdZW0fJJrB2K1Kmd7w4zHag Mxw9cKFGVDvlIB73IuOlvf3KJ2nlBWpkPUCooHhUKtKWVmU2NrGlnmKs+dPqL8azy5vueKfJUIhA iwmRV8qkO0xlGaFG3bOXnf2pMQVL9a8r+IGYdrnJN9SHBHLNOqCgBexxZZenFH5FuD6pO7kwNuMM 32FJO+CNRX3ehjKILgnnNDVLjK+LyuRLlLf8FKPhfTvTj54qnIH6PQFgJ5k0EsxQB+C7Dbvzy/ws NWf7tp7S/W8+ePCdHPOXVUWw+idAv3H65xnvRl64l8MIITfu1HWlQKQZcWwOnnDZC/O+vvcP0j20 ceOwrLqDW2a+UW0peIzfeXY0Y0dz8CasOBKgTAoYb+Wy/tguCXkZQNkG5hUUhl0gQXZ6R+hNb0Re oW8=
=QzSK
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, 12 Mar 2022 at 14:40:32 -0500, Michael Stone wrote:

On Sat, Mar 12, 2022 at 03:19:52PM +0800, Paul Wise wrote:

Do what apt does; make the cron job exit successfully without doing anything when run on systemd, move most of what is being run into a
script or program in /usr, then call that from the timer and cron job.

Alternatively, make the cron job exit successfully without doing
anything when run on systemd, then have the timer call the cron job
with a --run-on-systemd argument that makes it run under systemd.

These are still somewhat annoying in practice because of the log entries for CRON running something pointlessly.

systemd-cron gets round this by assuming that /etc/cron.d/foobar
is redundant with a native systemd timer foobar.timer, so if
foobar.timer exists (or is explicitly masked), systemd-cron will not run /etc/cron.d/foobar. I don't think this naming convention is formally
guaranteed by Policy, but it seems to work well enough in practice.

systemd-cron is a third-party implementation of the cron-daemon interface
as a systemd generator, which outputs pairs of systemd .timer and
.service units corresponding to cron jobs. It is not part of systemd,
and is an alternative to running a more traditional cron-daemon (Vixie
cron or equivalent) as a long-running systemd service.

This mechanism currently only works for cron.d, and not for the grouped hourly/daily/weekly/monthly sets of cron jobs, which always get run
by run-parts (unless the corresponding directory is completely empty,
in which case the appropriate hourly/daily/weekly/monthly timer is automatically disabled by a ConditionDirectoryNotEmpty rule).

If there was a way to flag system cron jobs with metadata that says
"this is redundant when running under systemd", then that would remove
this redundancy for the more traditional cron-daemon setup too. That
would be a feature request for traditional cron implementations (and systemd-cron) rather than a feature request for systemd.

Some backwards-compatible ways that I can think of to represent that
flag in crontab(5) syntax are:

- reserving an environment variable like SKIP_CRON_JOB_UNDER_SYSTEMD=1
to act as a request to skip parsing this cron job on systemd systems
(it would also be set like any other environment variable when the cron
job is executed on a non-systemd system, but that should generally be
harmless, because programs are generally expected to ignore unknown
environment variables)

- a magic comment, analogous to LSB "### BEGIN INIT INFO" comments
(the major disadvantage of this approach is that it requires parsing
comments, which always seems like a "code smell" to me)

- having a single conventional way to spell not-systemd guard, parsing
the shell command to see whether it includes the guard, and skipping
commands that do
(I don't like this aesthetically, because I feel as though the shell
command should be treated as opaque, and more practically I suspect
there are lots of variations of how to spell the guard: && vs. if/fi,
[ -d ] vs. test -d, and so on)

I personally think I've written those in preference order (best one first),
but it's up to the cron implementors' tastes rather than mine.

smcv

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2022-03-12 21:42, Michael Biebl wrote:

- Teach cron about systemd timers and allow cron entries to be marked
with meta data that tells cron that when run under systemd it should
skip those entries.

On 2022-03-13 01:07, Simon McVittie wrote:

If there was a way to flag system cron jobs with metadata that says
"this is redundant when running under systemd",

[...]

I personally think I've written those in preference order (best one first), but it's up to the cron implementors' tastes rather than mine.

Unless cron finds a new maintainer (#984736), I don't think either of
these are going to happen.

Best,
Christian

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, Mar 13, 2022 at 11:06:46AM +0100, Marc Haber wrote:

The anti-systemd faction in Debian is cordially invited to step in,
bring cron and cronie up to shape, before asking the rest of the
Distribution to stick with essential system software that has been unmaintained for years.

And in that case, they please generate cron files from systemd timer
units.

Bastian

--
Warp 7 -- It's a law we can live with.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 13 Mar 2022 08:47:27 +0100, Christian Kastner <ckk@debian.org>
wrote:

Unless cron finds a new maintainer (#984736), I don't think either of
these are going to happen.

This looks like we all should migrate over to systemd timers as soon
as possible for everything, leaving the burden of keeping cron alive
to those systemd-free distributions.

The anti-systemd faction in Debian is cordially invited to step in,
bring cron and cronie up to shape, before asking the rest of the
Distribution to stick with essential system software that has been
unmaintained for years.

Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! ----- Marc Haber | " Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2022-03-13 11:06, Marc Haber wrote:

The anti-systemd faction in Debian is cordially invited to step in,
bring cron and cronie up to shape, before asking the rest of the
Distribution to stick with essential system software that has been unmaintained for years.

I don't think that's a very constructive line of argument. As a former maintainer, it was evident that user crontabs (crontab -e) are still
very popular, as are some other perhaps niche features, and I've never
had the impression that anti-systemd has anything to do with it.

And in all fairness, I did invest a lot of time maintaining it over the
years before I stepped down recently. I spent hundreds of hours alone on converting our fork of Vixie cron from source format 1.0 to 3.0 (the
cumulative 1.0 diff spanned more than two decades of changes) so that
our fork can more easily be compared and merged with other cron forks,
such as cronie.

I completed that task a while ago, but then lost all motivation to
continue further. The cron daemons all originate from the early 90s.
systemd timers, being newer, just seem like a much cleaner
implementation, and thus the way forward to me. I could no longer muster
the time or energy to work on something I wasn't happy with, so I
stepped down.

In my opinion, the way forward for cron would be for someone to adopt
cronie, carry over any Debian patches not already included or equivalent
(there aren't too many, last time I checked), and to make cronie the new default cron daemon.

Best,
Christian

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 2022-03-13 at 18:02 +0100, Christian Kastner wrote:

I don't think that's a very constructive line of argument. As a former maintainer, it was evident that user crontabs (crontab -e) are still
very popular, as are some other perhaps niche features, and I've never
had the impression that anti-systemd has anything to do with it.

As a systemd user who has a large user crontab I have to agree.

I'd like to migrate to systemd timers, but there are a few blockers:

The cron feature of sending the output via email by default isn't
possible to get easily with systemd timers or systemd-cron, unless you
modify every single timer to manually send email or use systemd-cron
and have every single timer fail.

Having everything in one file makes them more convenient to edit.

Being able to implicitly share environment variables between groups of
crontab lines is more convenient.

Figuring out if there native systemd equivalents for features I've
implemented manually, such as the lock and sleep times to ensure system
load isn't high due to running everything at once or disabling jobs
when the network isn't online.

Spending the time to migrate everything.

--
bye,
pabs

https://wiki.debian.org/PaulWise

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEYQsotVz8/kXqG1Y7MRa6Xp/6aaMFAmIumpEACgkQMRa6Xp/6 aaPZWRAAurP5DHueBXb0muHD2mrbu4JXnCL5ZpV4jib97f4OwYLkCDI+NmOFSVIn wp7U4VIS4sakQ4RnKKNw1lG+0Yct0WhI6Vicm1oUA8yfIRAYEe01CPOB7PggLpek tJd5K+7EYmrdzYK1xnSrVXNF+OIvq+PaRfi/7Rzoa15KsKzVth7lc/Fqo5oz2C3t bIZ2fUWgwDVgoAOlV8QSKFiRjDiJK8keMi4mcpj3Nu4sm878T9UbG91+GsBaHS9J s2MmMCkF2ig/w81ugxlrbm+JMxNW9WlpTE8U60BLiFJs8exlgiQWl1JNaIXLDbLC 8xhZ0dlwBc0rn5jShWCs7I7Vs2nNxY0W91brI/kk3ZnSrYI7p/HGlxo4TkJJ78Mi eRB7k2/uN0kBj3Yk6zSFAbE0saQsUi/ydNA1d5y/cGH+y1UoK9LkyOOTUTmDXnsr gn/DQ1hHkkv/T3m91f7jtZGLMonym4uq8oGy0qosEoGBuz8GuuUT1INjITd5kwJn iJEvtBSqD8uDUCSt+HmrAf3ehAv5G6qNUk8PzYBmG3wetXVSmdgU47fwy2BooUE4 aDQYQBjFIfXvkjwGZvsa+d1gF9UaR9Q1dTv793GF0Dq0zCbYA5jAn3SyyVqUcrru dcdIhWKn6Y8PTl7WH8wTtbV2GeV8vPmge5BFhUXrYYghpJESmuQ=
=zuXo
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

To: debian-devel@lists.debian.org

This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------s3x4Muw2J6WCmHbr62Dp3LIV
Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64

QW0gMTQuMDMuMjIgdW0gMDI6Mjkgc2NocmllYiBQYXVsIFdpc2U6DQo+IFRoZSBjcm9uIGZl YXR1cmUgb2Ygc2VuZGluZyB0aGUgb3V0cHV0IHZpYSBlbWFpbCBieSBkZWZhdWx0IGlzbid0 DQo+IHBvc3NpYmxlIHRvIGdldCBlYXNpbHkgd2l0aCBzeXN0ZW1kIHRpbWVycyBvciBzeXN0 ZW1kLWNyb24sIHVubGVzcyB5b3UNCj4gbW9kaWZ5IGV2ZXJ5IHNpbmdsZSB0aW1lciB0byBt YW51YWxseSBzZW5kIGVtYWlsIA0KDQpTZWUgaHR0cHM6Ly9saXN0cy5kZWJpYW4ub3JnL2Rl Ymlhbi1kZXZlbC8yMDIwLzAxL21zZzAwMjA1Lmh0bWwNCg0KDQoNCg0KDQo=

--------------s3x4Muw2J6WCmHbr62Dp3LIV--

-----BEGIN PGP SIGNATURE-----

wsF5BAABCAAjFiEECbOsLssWnJBDRcxUauHfDWCPItwFAmIu3I0FAwAAAAAACgkQauHfDWCPItxX tw/9HwyB/Fbw8s+EBCYsCpPy5GwIulBD5CCgO4+I2v4UcRcTFw26arsvgxflcmCriV7bAqZ6b5gw fWyfL8kHoT3JsP+acosyFyiNeGppW0e1x7qJwL+kYQh+NtHdPIIqEhucCHdDFfh4Thsf9uU7pB/w +B5vUZcZ/YxPOQ5kd7bIk2sItxuF8KLmJTaFs8Q/i7oRnfv1TsDoEqiVWjtrZAQ9Xd5+OECxqbGV tcwigtPL6tTxDU3GL696TpsxnYflE5RYuFtLhPaJetB9P6Nk+yIaeJNToCe7W2Wh9yReTKKddV0Z dJq1aJRLDULiXxFU/fArJFDPiEu60mQmXy1ZqnT2P4fg/Kp/BWveHAUZlIUmzcCLy8ztbVGXiMnB hiwc29bbAeJVbnJzN8W0JU8Zh+l+TCFoK7xrgThrrbKgm7N/yBhWkcBW6DrY7kmo6uL3jlMaEUO5 Fz6w4lWtWQAhkmFzBlVUvVL6/WbToCdUfupdE0VXKqjEjN8eIWZUIiyeIvprcR7emAYQB/YadFIK F+fILs4E+3aPZYermCXOrUXR+G9iXHYS2L4M0OwirvLVaHLrCHwnsiGHbottyJULOkzbyf6B8Vt+ IkbGNioK8nNEPTe/De1ZxY8MYvDC2/orZuLOzjT+VIgzUYc441DGxZk10AdhwIdeYMhzjd5c9iVB WnY=
=+5Qi
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 13 Mar 2022 18:02:55 +0100, Christian Kastner <ckk@debian.org>
wrote:

On 2022-03-13 11:06, Marc Haber wrote:

The anti-systemd faction in Debian is cordially invited to step in,
bring cron and cronie up to shape, before asking the rest of the
Distribution to stick with essential system software that has been
unmaintained for years.

I don't think that's a very constructive line of argument. As a former >maintainer, it was evident that user crontabs (crontab -e) are still
very popular, as are some other perhaps niche features, and I've never
had the impression that anti-systemd has anything to do with it.

That was not my intention to say. And I didn't want to put your
maintenance work in a bad light. You had quite ambitioned plans and I
am sad that it didn't work out. And, given our personpower problem
regarding core packages, your plans are unlikely to go forward any
time soon with both cron and cronie being more or less maintainerless.

Not being a systemd fanboi myself, for many things I prefer having
mechanisms outside of systemd, but if an alternative is unlikely to
move forward any time soon, I'd seriously consider migrating to
something that IS moving forward, and that is systemd timers.

And in all fairness, I did invest a lot of time maintaining it over the
years before I stepped down recently. I spent hundreds of hours alone on >converting our fork of Vixie cron from source format 1.0 to 3.0 (the >cumulative 1.0 diff spanned more than two decades of changes) so that
our fork can more easily be compared and merged with other cron forks,
such as cronie.

That was very good work and I am sad to see that this work is unlikely
to be done soon.

I completed that task a while ago, but then lost all motivation to
continue further. The cron daemons all originate from the early 90s.
systemd timers, being newer, just seem like a much cleaner
implementation, and thus the way forward to me. I could no longer muster
the time or energy to work on something I wasn't happy with, so I
stepped down.

I fully understand.

In my opinion, the way forward for cron would be for someone to adopt
cronie, carry over any Debian patches not already included or equivalent >(there aren't too many, last time I checked), and to make cronie the new >default cron daemon.

That would be very good. Sadly I am not in a position to do that
myself because I lack the C skills. i surly hope that someone steps
in.

Thank you for caring about cron and cronie!

Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! ----- Marc Haber | " Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 2022-03-14 at 07:11 +0100, Michael Biebl wrote:

See https://lists.debian.org/debian-devel/2020/01/msg00205.html

AFAICT OnSuccess/OnFailure services don't recieve the output of the succeeding/failing service. So the mail sending service needs to dig
around in the systemd journal. Or make the service output go to a file,
FIFO or socket and then send that to a mail.

--
bye,
pabs

https://wiki.debian.org/PaulWise

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEYQsotVz8/kXqG1Y7MRa6Xp/6aaMFAmIu8EcACgkQMRa6Xp/6 aaN1iRAAs34GlG283Q1433gP4AZaD/t4BQFN0v8lo5m1e3Gw3wupszyFsKPy4/TL eOCsBnlU3eoqofykg88NI9xVUljQr7SlNUGug3tLIRQCI6HyIKqR9sbyyLHaDPq+ e5hO4YnCulswtStM02B59LizbHysw46baJpYxMNgNx3eY0SGw5v8ihRGnwvyJMpV LGqdNI5kq0gxW613J9omVpj4feN1Q+q5iEf9S9z2OJLgd+jIDBry5uwh7XKTvkjX b9b/wVOsWv1Bu5GQ/SbQTIlyKGvrfPSw61JUHc3ArXu58VbSwpWFi+/htCHyDiuR oX+UB9g07gH9VloqmQRZi1hJhEkG+UC+ufnpbQU0WCHDFJySWt6bRhPZHxRZw+pF PFoKGAglBJC/0bsfxsPUJCNfEjBVOZYbkyaVHF/FOSAShSLBK7PiY/MvLWpqyjJX VTtqiYV23z5Hfc/D8WvBZfv2Eo9hooOGdFiUsRc1pav9+pb+b+3cQe46XTGXA3HP Cs7X10WPdAuBJq6IED4XQNpsP6lHeYCiUgupdh0IxZ+HbfuOnBK+/LUR+YBhpDEx MpPaxzZ4z2XS/H4WEyNgDrPYjxmhEXXD0pzingmnzZkW/0QeNeT6Qex1diPZgk4U YAzqXT0wvVpcK9YIu4wwKrLaVMZP4fwUn3i42O6dwUr3/07nWnU=
=W/bV
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 14 Mar 2022 09:29:56 +0800, Paul Wise <pabs@debian.org> wrote:

The cron feature of sending the output via email by default isn't
possible to get easily with systemd timers or systemd-cron, unless you
modify every single timer to manually send email or use systemd-cron
and have every single timer fail.

This is something that has been hindering migrations since I was
young: People identify one feature that is going away as vitally
important to them and use that to reject the movement, even if it's an
advance in sum. See NAT or DHCP for IPv6.

Having everything in one file makes them more convenient to edit.

Same ;-)

Being able to implicitly share environment variables between groups of >crontab lines is more convenient.

Since Lennart seems to have decided not to get rid of the
EnvironmentFile setting, that can be replaced.

Figuring out if there native systemd equivalents for features I've >implemented manually, such as the lock and sleep times to ensure system
load isn't high due to running everything at once or disabling jobs
when the network isn't online.

I think that the equivalent of cron.daily in systemd timers would make excessive use of start point randomization, that is going to take care
of load spikes. Additionally, it will take care of load spikes in VM environments (see 07:35 when all machines begin their cron.daily simultaneously). Migrating to more randomized times of daily runs is
also going to expose the case where certain cron jobs depend on each
other and only work if they're executed in exact order.

Spending the time to migrate everything.

Yes, that's a point. Would it be an alternative to spend time on cron
and cronie patching and packaging?

Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! ----- Marc Haber | " Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mar 14, Paul Wise <pabs@debian.org> wrote:

AFAICT OnSuccess/OnFailure services don't recieve the output of the succeeding/failing service. So the mail sending service needs to dig
around in the systemd journal. Or make the service output go to a file,
FIFO or socket and then send that to a mail.

Yes, this is true. These are the unit and script that I use, and I think
that Debian would benefit from having something like this available in
some common package.

I think that there is still space for cron jobs and for having a cron
package installed by default, but also that packages should seriously
consider migrating their cron jobs to timer units.

admin@rs1:~$ cat /etc/systemd/system/status-email@.service
# Add this to the unit to be monitored:
#
# [Unit]
# OnFailure=status-email@%n.service

[Unit]
Description=Status mailer unit for %i

[Service]
Type=oneshot
ExecStart=/usr/local/bin/systemd-email noc@minap.it
Environment=FAILED_UNIT=%i
Environment=HOSTNAME=%H
admin@rs1:~$ cat /usr/local/bin/systemd-email
#!/bin/sh -e

if [ "$1" ]; then
MAILTO="$1"
else
MAILTO="root"
fi

if [ -z "$FAILED_UNIT" ]; then
echo "\$FAILED_UNIT is not set!" 2>&1
exit 1
fi

fuu=$(systemctl show $FAILED_UNIT --property=User)
fuu="${fuu#User=}"
if [ "$fuu" ]; then
shortfrom="$fuu@${HOSTNAME%%.*}"
else
shortfrom="$root@${HOSTNAME%%.*}"
fi

exec /usr/sbin/sendmail -t <<EOF
To: $MAILTO
Subject: Systemd <$shortfrom> $FAILED_UNIT
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Auto-Submitted: auto-generated

$(systemctl status "$FAILED_UNIT" --full --lines=3D100)
EOF

--=20
ciao,
Marco

-----BEGIN PGP SIGNATURE-----

iHUEABYIAB0WIQQnKUXNg20437dCfobLPsM64d7XgQUCYi8dRQAKCRDLPsM64d7X gY1HAQCEScswAZ4bX8lopYoQpHRb3ZcTNG4Ejn6Kv2JXAwomMAEA1Y1JTWTVBcf7 9zG/n4DkUjoqxCvTy0rYIyQstkHmKQo=
=vkAR
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 14 Mar 2022 at 11:47:33 +0100, Marco d'Itri wrote:

On Mar 14, Paul Wise <pabs@debian.org> wrote:

AFAICT OnSuccess/OnFailure services don't recieve the output of the succeeding/failing service. So the mail sending service needs to dig
around in the systemd journal.

Yes, this is true. These are the unit and script that I use, and I think
that Debian would benefit from having something like this available in
some common package.

systemd-cron has something very similar, which it uses for the units that
it generates from crontab entries.

I think that there is still space for cron jobs and for having a cron
package installed by default

I'm not sure whether systemd-cron is ready to be that default yet, but
it might be a good candidate for people who are interested in cron jobs
to work on?

(I use it myself, but I am not involved in maintaining it.)

smcv

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 2022-03-14 at 11:47 +0100, Marco d'Itri wrote:

On Mar 14, Paul Wise <pabs@debian.org> wrote:

AFAICT OnSuccess/OnFailure services don't recieve the output of the succeeding/failing service. So the mail sending service needs to dig
around in the systemd journal. Or make the service output go to a file, FIFO or socket and then send that to a mail.

Yes, this is true. These are the unit and script that I use, and I think that Debian would benefit from having something like this available in
some common package.

I think that there is still space for cron jobs and for having a cron package installed by default, but also that packages should seriously consider migrating their cron jobs to timer units.

From v251 (should be out soon-ish) processes spawned via
OnFailure/OnSuccess will get the following env vars set automatically:

$MONITOR_UNIT
$MONITOR_SERVICE_RESULT
$MONITOR_EXIT_CODE
$MONITOR_EXIT_STATUS
$MONITOR_INVOCATION_ID

Besides, OnFailure/OnSuccess really should start templated units
anyway, so that you get exactly one instance per invocation. So the
pattern you noted with on-failure@n.service is the right thing anyway.

--
Kind regards,
Luca Boccassi

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEErCSqx93EIPGOymuRKGv37813JB4FAmIvLAMACgkQKGv37813 JB63EQ/9HEKbE1P1utQq6uARwy/QAEijExbriomZRV/gBYzOAGtXb1Rr0k3QXZzd 951U/4zl5dHiakQyuUNZefrIZ5qpC8KaiCi7FrM2b0gVKCMpgziqoWYrNIvGFv6q NkzZBgAtAgPJGWvrhRfYxLKMiKHJQznZRgSC27vm6OB4xJMr5LSnoeRvuKtaChMQ j4xBpowtRbsptqvEYmUyywJLPtU+ch4nMTYchdXBGVdjnVdUXo/iB2OSET2dWhZ8 sZtKVD66M5BZ/dJmgjvx4ll93Pw7YRZkxuga43SKSmMIuHjP3AsaQS74/BMKDvkx ll8QJlbr7eP4GVMQXPM8M/wtk9Pv0YMRoI3wOdCE2NehZa/oEfFYDrbT4oRMQ1nz aHc7D0hW8R/lGs4TBLrz3P4wxiOlkSSQqR4wllvF69dBv4/JW5PpYoSfatsOJct+ pcU7oTJA00IgkeeFfXbckOcpredGA09OIJdMocQ1bEWspnmYtyJYyZqgi4QKuMAn exYe3DcWqt9whOjPTPuX/iy+nJDovVJIopTqZY7Uv7njeTG03yJFxQC7JmlbUG7H QRmQ3Rg6vUXuKoy5id5PNXXsBFsKwIf5VotMRyk1rvv5sZDNSr5WTf3gXqtS4vTA zzqXEcDiOWyZc89qHJwNy/bmzfLCSZ7q58p7HOT8POPXJ/Cdo3Q=
=F0cZ
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2022-03-14 08:48, Marc Haber wrote:

On Sun, 13 Mar 2022 18:02:55 +0100, Christian Kastner <ckk@debian.org>

I don't think that's a very constructive line of argument. As a former
maintainer, it was evident that user crontabs (crontab -e) are still
very popular, as are some other perhaps niche features, and I've never
had the impression that anti-systemd has anything to do with it.

That was not my intention to say.

I think I could have expressed myself better as well. I read
"anti-systemd" and "unmaintained", and by addressing the these
arguments, I only wanted to point out how conclusions drawn from these
might be questionable.

I probably could have left out the part where the work stopped and what
would be needed to move forward, as that is document in the respective
WNPP bugs.

And I didn't want to put your maintenance work in a bad light.

I didn't take it as such, actually I simply assumed you were unaware of
the maintenance work.

Not being a systemd fanboi myself, for many things I prefer having
mechanisms outside of systemd, but if an alternative is unlikely to
move forward any time soon, I'd seriously consider migrating to
something that IS moving forward, and that is systemd timers.

That's the way that I see it, too.

cron has this bad luck that basically every Linux and BSD distribution
has its own fork of Vixie cron (1993) or its successor ISC cron (2000),
so there is no reasonable collaboration / sharing of work between
upstreams, so most of them are mainly one-person shows.

systemd has not only the benefit of being newer, but also appears to
have many eyes on it. It also comes with a large number of security
features that may be useful for job execution.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, Mar 14, 2022 at 09:29:56AM +0800, Paul Wise wrote:

On Sun, 2022-03-13 at 18:02 +0100, Christian Kastner wrote:

I don't think that's a very constructive line of argument. As a former maintainer, it was evident that user crontabs (crontab -e) are still
very popular, as are some other perhaps niche features, and I've never
had the impression that anti-systemd has anything to do with it.

As a systemd user who has a large user crontab I have to agree.

I'd like to migrate to systemd timers, but there are a few blockers:

Also systemd timers require a session to be running, so as I understand
it you have to configure lingering (loginctl enable-linger) for users
who want to use per-user timers that aren't tied to having an
interactive session (surely the common case). This is frankly obscure - there's no mention of it in systemd.timer(5), and I only found out about
it from the Arch wiki.

I'm not particularly anti-systemd - there are lots of things about it
that I like and use. However, I'm not sure the ergonomics of it weighed
up against user crontabs are particularly favourable. Unlike init
scripts, for instance, it usually requires noticeably more typing to
write a systemd timer than a cron job. The trade-off is that you get
better observability and fancier controls over when and how things run.
That trade-off usually seems to be worth it for packaged cron jobs, but
I have a fair few ad-hoc user cron jobs where I don't feel particularly enthusiastic about it. I'd hate to have to write the release notes
entry telling people that they had to use timers rather than user
crontabs!

systemd-cron provides a generator so that the traditional
domain-specific language for crontabs remains available, which seems
like a decent approach. I haven't used it, but in general I think the
crontab syntax is much stickier than the particular cron implementation.

--
Colin Watson (he/him) [cjwatson@debian.org]

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 2022-03-14 at 15:28 +0000, Colin Watson wrote:

I'm not particularly anti-systemd - there are lots of things about it
that I like and use.  However, I'm not sure the ergonomics of it
weighed up against user crontabs are particularly favourable.

I think we are only talking about possibly replacing cronjobs shipped
by packages with .timer units in this thread, i.e., the files in
/etc/cron.d and /etc/cron.{daily,monthly,weekly}.

Cron jobs added manually by users or system administrators are a
different problem. There is only a very small contact area: if we
replace all cron jobs with .timer units, then we might also choose to
no longer install cron by default and users would have to install it
manually.

Ansgar

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------3qjwDwVSq7d5Javfhlphfe6z
Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64

QW0gMTQuMDMuMjIgdW0gMTY6Mjggc2NocmllYiBDb2xpbiBXYXRzb246DQo+IE9uIE1vbiwg TWFyIDE0LCAyMDIyIGF0IDA5OjI5OjU2QU0gKzA4MDAsIFBhdWwgV2lzZSB3cm90ZToNCj4+ IE9uIFN1biwgMjAyMi0wMy0xMyBhdCAxODowMiArMDEwMCwgQ2hyaXN0aWFuIEthc3RuZXIg d3JvdGU6DQo+Pj4gSSBkb24ndCB0aGluayB0aGF0J3MgYSB2ZXJ5IGNvbnN0cnVjdGl2ZSBs aW5lIG9mIGFyZ3VtZW50LiBBcyBhIGZvcm1lcg0KPj4+IG1haW50YWluZXIsIGl0IHdhcyBl dmlkZW50IHRoYXQgdXNlciBjcm9udGFicyAoY3JvbnRhYiAtZSkgYXJlIHN0aWxsDQo+Pj4g dmVyeSBwb3B1bGFyLCBhcyBhcmUgc29tZSBvdGhlciBwZXJoYXBzIG5pY2hlIGZlYXR1cmVz LCBhbmQgSSd2ZSBuZXZlcg0KPj4+IGhhZCB0aGUgaW1wcmVzc2lvbiB0aGF0IGFudGktc3lz dGVtZCBoYXMgYW55dGhpbmcgdG8gZG8gd2l0aCBpdC4NCj4+DQo+PiBBcyBhIHN5c3RlbWQg dXNlciB3aG8gaGFzIGEgbGFyZ2UgdXNlciBjcm9udGFiIEkgaGF2ZSB0byBhZ3JlZS4NCj4+ DQo+PiBJJ2QgbGlrZSB0byBtaWdyYXRlIHRvIHN5c3RlbWQgdGltZXJzLCBidXQgdGhlcmUg YXJlIGEgZmV3IGJsb2NrZXJzOg0KPiANCj4gQWxzbyBzeXN0ZW1kIHRpbWVycyByZXF1aXJl IGEgc2Vzc2lvbiB0byBiZSBydW5uaW5nLCBzbyBhcyBJIHVuZGVyc3RhbmQNCj4gaXQgeW91 IGhhdmUgdG8gY29uZmlndXJlIGxpbmdlcmluZyAobG9naW5jdGwgZW5hYmxlLWxpbmdlcikg Zm9yIHVzZXJzDQo+IHdobyB3YW50IHRvIHVzZSBwZXItdXNlciB0aW1lcnMNCg0KSSdkIGFn cmVlIGhlcmUuIHVzZXIgY3JvbnRhYnMgYXJlIHN1Y2ggYSBuaWNoZSBjYXNlIHdoZXJlIHN5 c3RlbWQncyBvd24gDQpmYWNpbGl0aWVzIGRvbid0IHByb3ZpZGUgYSBkaXJlY3QgcmVwbGFj ZW1lbnQuDQoNClRoYXQgc2FpZCwgbXkgbWFpbiBwb2ludCB3YXMgYWJvdXQgcGFja2FnZXMg c2hpcHBpbmcgY3JvbiBmaWxlcy4NCkFzIGEgZGlzdHJvIHdlJ2QgYmVuZWZpdCBpZiB0aG9z ZSBzaGlwcGVkIG5hdGl2ZSBzeXN0ZW1kIHRpbWVycyAoaW5zdGVhZCANCm9yIGluIGFkZGl0 aW9uKS4NCkkgZG9uJ3QgdGhpbmsgd2UgaGF2ZSBhbnkgcGFja2FnZXMgaW4gdGhlIGFyY2hp dmUgdGhhdCBtYWtlIGRpcmVjdCB1c2UgDQpvZiB1c2VyIGNyb250YWJzPw0KDQpJZiBhbGwg cGFja2FnZXMgc2hpcHBlZCBuYXRpdmUgc3lzdGVtZCB0aW1lcnMgSSBjb3VsZCBlbnZpc2lv biB0aGF0IGF0IA0Kc29tZSBwb2ludCBpdCB3b3VsZCBtYWtlIHNlbnNlIHRvIHN0b3AgaW5z dGFsbGluZyBjcm9uIGJ5IGRlZmF1bHQgYW5kIA0KdXNlcnMgdGhhdCBuZWVkIG9yIHdhbnQg dXNlciBjcm9udGFiIGNhbiBqdXN0IHJ1biBhcHQgaW5zdGFsbCBjcm9uLg0KDQpSZWdhcmRz LA0KTWljaGFlbA0K

--------------3qjwDwVSq7d5Javfhlphfe6z--

-----BEGIN PGP SIGNATURE-----

wsF5BAABCAAjFiEECbOsLssWnJBDRcxUauHfDWCPItwFAmIvZVYFAwAAAAAACgkQauHfDWCPItyX Cg/+LoVMpdyn7QuwheYwpmbNS+MpimU1OfzqBFVZAVkLPhKv26oYsiRNy+njzHJPvgUHzmKJVDcl BCnQiqj2B5fSlOw0rgoTrjdBWwa8dfDHQ5sYJTizfeCuY4ZzL+Zy10/uP7yqyNT77iAX51cSoFyh P2cGpBj86BhjWW1R8ZSPEhawdgTC2Z6LThhBaGxIXj1nMNq3yxsPr0JCnwBqCxtzTlKMve+VqVRZ Niy/Mw+mtyyIMVY44AGXZaYmBwcHQLQVz5+JK41lRXuMOmxGcJ5wNi4SAFBZfau9zxhqNHiRFw1k Mx5wuvmmP/ZKmZCIpJWxxHBwKah6YKsydkIsNmhTpDDKKm+6MPJEmEELG0V9Qv65rhNwjiYObZX8 S3slJ5Q4Gj0+CxvPExNBbCbzGiaJyUzlFVP/q6JYBjJbOirIlFqXJAHye6ykTIuBNQVQ+kO63Rbh 9mGoNLsZvx77wAPnzHw7BkKfAr5MVMP9Qa/q7zo95dXqxMivhpci5vNNnqcUZWR1yV4HFRj//dcQ F/j+an8+iA6yRAp8P1TIYk4JiqiorCCuW/3rYzgiHokvNEBVayHw06c9HBW1iOcQuh1X+Ee0EI2M AeuMRTeuM1HP1MBtM90DckH51DP3PeWXiBfRyE259eu3Z25KbouE78VL9bWC7HfKvuOYpVs1kdJT RJU=
=2JyR
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Michael Biebl wrote:

I'd agree here. user crontabs are such a niche case where systemd's
own facilities don't provide a direct replacement.

That said, my main point was about packages shipping cron files.

As a distro we'd benefit if those shipped native systemd timers
(instead or in addition). I don't think we have any packages in the
archive that make direct use of user crontabs?

If all packages shipped native systemd timers I could envision that at
some point it would make sense to stop installing cron by default and
users that need or want user crontab can just run apt install cron.

Perhaps a first step would be to promote lintian's `missing-systemd-timer-for-cron-script` (https://lintian.debian.org/tags/missing-systemd-timer-for-cron-script)
from "pedantic" to "warning"? If that were fixed for the majority of
packages, `cron` could then become priority optional, with a release
note suggesting to install it to support user crontabs.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2022-03-13 01:07, Simon McVittie wrote:

- reserving an environment variable like SKIP_CRON_JOB_UNDER_SYSTEMD=1
to act as a request to skip parsing this cron job on systemd systems
(it would also be set like any other environment variable when the cron
job is executed on a non-systemd system, but that should generally be
harmless, because programs are generally expected to ignore unknown
environment variables)

I guess I overlooked this at first, because this sounds like a really
simple solution, 3 LOC or so.

It also shouldn't conflict with anything else out there.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 2022-03-14 at 11:47 +0100, Marco d'Itri wrote:

Yes, this is true. These are the unit and script that I use, and I think that Debian would benefit from having something like this available in
some common package.

...

$(systemctl status "$FAILED_UNIT" --full --lines=100)

Unfortunately for my cron jobs I need the entire output of the command invocation, don't want any output from prior runs of the command and
don't want any of the output to end up in the systemd journal.

So I need something like StandardOutput=mail or to add some sort of
wrapper script to each of the relevant systemd timers.

--
bye,
pabs

https://wiki.debian.org/PaulWise

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEYQsotVz8/kXqG1Y7MRa6Xp/6aaMFAmIv+ncACgkQMRa6Xp/6 aaN6tw/8C8JSTBXVAhBCtHxiwz4y7L4e9x4J6wKtg7Pzgbm+ZgRPhBPNHpbqe3fx zPCTX03qbAYK0n+gYsgScg/dFBhf1HzKUgzZBDPKVEIsuqhhfbf7gRRtSjxs6tuj 874I/C5FHZp9Vk/8rVe/1dWGKyqT/6zR3Y8aLIVi5601KTyjtzyZaCnhBmHgvpj3 +8jDQKhkqwQczYcfTuH8dTfyVlq18RrxCHOxcK0iBii1s8tOrkEl6L7uqauv7OMb FWqvHr1MBPGvkMUUKgzhA1L7W9Ax3TwwxEscs5KVzhJjB0pw370ZuuP2stB6es/B XoufiSzsqPq2KRv4O3XMCZQD9W+vj5FGV7018GwpRnaWwzgMb7kV9gQxn56/u4KO UAG0I/5SSJOmWXfG+ZSAnmTZB8CurOw6gezWujSwZ9D0/DOweudXTtfRdGB29mez I8zC6p2ZKVJCMI1frP5SECmJ21hZsIbGAYqlDJgr3gXx1MQIpm6yK4R1Wekz7NGA oVSwSQHYL55zuIXVheMctte2ufmZb47oZ0dS0OE9oNHZPMK8I3IpxbiQyiHKpg/L rd4NX6jZO16i7lrT3Fy0HJILxyNyVI/oFvFciZAVN9xOS+tqLGsoEgEiPqSzVtpO Dj2d0vFjlfzSrjDEaOuRs3N2ncja1dWYEXE4J8r+7BXNsXqIWac=
=+4P9
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

To: bluca@debian.org (Luca Boccassi)

This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------AXkT7m27b8GAZ8dNxiBd77vN
Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64

DQpBbSAxNS4wMy4yMiB1bSAwMzozMSBzY2hyaWViIFBhdWwgV2lzZToNCj4gT24gTW9uLCAy MDIyLTAzLTE0IGF0IDExOjQ3ICswMTAwLCBNYXJjbyBkJ0l0cmkgd3JvdGU6DQo+IA0KPj4g WWVzLCB0aGlzIGlzIHRydWUuIFRoZXNlIGFyZSB0aGUgdW5pdCBhbmQgc2NyaXB0IHRoYXQg SSB1c2UsIGFuZCBJIHRoaW5rDQo+PiB0aGF0IERlYmlhbiB3b3VsZCBiZW5lZml0IGZyb20g aGF2aW5nIHNvbWV0aGluZyBsaWtlIHRoaXMgYXZhaWxhYmxlIGluDQo+PiBzb21lIGNvbW1v biBwYWNrYWdlLg0KPiAuLi4NCj4+ICQoc3lzdGVtY3RsIHN0YXR1cyAiJEZBSUxFRF9VTklU IiAtLWZ1bGwgLS1saW5lcz0xMDApDQo+IA0KPiBVbmZvcnR1bmF0ZWx5IGZvciBteSBjcm9u IGpvYnMgSSBuZWVkIHRoZSBlbnRpcmUgb3V0cHV0IG9mIHRoZSBjb21tYW5kDQo+IGludm9j YXRpb24sIGRvbid0IHdhbnQgYW55IG91dHB1dCBmcm9tIHByaW9yIHJ1bnMgb2YgdGhlIGNv bW1hbmQgYW5kDQo+IGRvbid0IHdhbnQgYW55IG9mIHRoZSBvdXRwdXQgdG8gZW5kIHVwIGlu IHRoZSBzeXN0ZW1kIGpvdXJuYWwuDQo+IA0KPiBTbyBJIG5lZWQgc29tZXRoaW5nIGxpa2Ug U3RhbmRhcmRPdXRwdXQ9bWFpbCBvciB0byBhZGQgc29tZSBzb3J0IG9mDQo+IHdyYXBwZXIg c2NyaXB0IHRvIGVhY2ggb2YgdGhlIHJlbGV2YW50IHN5c3RlbWQgdGltZXJzLg0KDQpJIG1p Z2h0IGJlIG1pc3Rha2VuIGhlcmUsIGJ1dCBMdWNhIGhpbnRlZCBhdA0KJE1PTklUT1JfSU5W T0NBVElPTl9JRCBpbiBoaXMgZW1haWwgd2hpY2ggbWVhbnMgb25lIGNvdWxkIGVhc2lseSBm aWx0ZXIgDQpqb3VybmFsIG91dHB1dCBmb3IgdGhlIGxhc3QgZmFpbGVkIGludm9jYXRpb24g dXNpbmcgdGhpcyANCiRNT05JVE9SX0lOVk9DQVRJT05fSUQuDQpMdWNhLCBpcyB0aGlzIHVu ZGVyc3RhbmRpbmcgY29ycmVjdD8NCkFmYWljcyB0aGlzIHdvdWxkIGNvdmVyIFBhdWwncyB1 c2UgY2FzZQ0KDQpNaWNoYWVsDQoNClsxXSBodHRwczovL2xpc3RzLmRlYmlhbi5vcmcvZGVi aWFuLWRldmVsLzIwMjIvMDMvbXNnMDAyNDAuaHRtbA0K

--------------AXkT7m27b8GAZ8dNxiBd77vN--

-----BEGIN PGP SIGNATURE-----

wsF5BAABCAAjFiEECbOsLssWnJBDRcxUauHfDWCPItwFAmIwUvsFAwAAAAAACgkQauHfDWCPItz6 iw/+K55N0+bjSYDnlqBYjeHu2WlAQoF2oLWaVTD2Nd1MUSm5MadRx2x9QqukrSaAp8hUyRtGqnPR eFlvogEHt9pUmOkVn0qQD/KbXEyd7TEFJfzbIb5m2j73N3iC5GDWC6CnYBz3DVd4h0WN4OCEBHZ2 EuU3vTpvO7YUqFXR8mzf2Jt/XXlD/BFXrbAHSryojFp94SHumnmlXDcUGuIEAh6yzMHzNwc7KDfS 4heH6/OGw89MFwrBqIfbpJGk5PbMEm9vKZyMLoKZPnfJPtMFI1SRdCPb8kDFmAuzOffs/aupILz5 GJzwbhE86B2SsXA8foVutx8XNka1RYcsC6ZSvejz8f1KPPFWaovSG58WKo7FOduBPZEhbHFjKSqa zU574wKiaJtbQb+ESF1TIDTZCj/BIFFU31ZKDmwyfu+nFCHAkKtV/RZTWAtezKR9rEJIKUQkYmr8 OmXxglmt4Pw2XKyJy2foi9jzn7bBSrfirKbt3DasUyOY+dL1lf2xSg43hAA0Grd5zQP98cLExqPf Z9NqeueCS00ag0AvzrTUTldb/KAkSiJOWvEkMeG6FZh+hBZHetRCv0EUbdfNudPze90mNIs6erxo p5FO+EI3eGlaO1yHJjy46qDLUp7yKutDdtKnbrpVLzM3td5SOOenrjbUiB5dRQ4HbCJ7lkG9o62m Yx0=
=kzo5
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, 2022-03-15 at 09:48 +0100, Michael Biebl wrote:

Am 15.03.22 um 03:31 schrieb Paul Wise:

On Mon, 2022-03-14 at 11:47 +0100, Marco d'Itri wrote:

Yes, this is true. These are the unit and script that I use, and I think that Debian would benefit from having something like this available in some common package.

...

$(systemctl status "$FAILED_UNIT" --full --lines=100)

Unfortunately for my cron jobs I need the entire output of the command invocation, don't want any output from prior runs of the command and
don't want any of the output to end up in the systemd journal.

So I need something like StandardOutput=mail or to add some sort of
wrapper script to each of the relevant systemd timers.

I might be mistaken here, but Luca hinted at
$MONITOR_INVOCATION_ID in his email which means one could easily filter journal output for the last failed invocation using this $MONITOR_INVOCATION_ID.
Luca, is this understanding correct?
Afaics this would cover Paul's use case

Michael

[1] https://lists.debian.org/debian-devel/2022/03/msg00240.html

Yes indeed, logs can be filtered by invocation id, eg:

journalctl INVOCATION_ID=abcdefg

Also to make a unit's log "private" (not stored in the system journal) LogNamespace= can be used, see:

https://www.freedesktop.org/software/systemd/man/systemd.exec.html#LogNamespace=

--
Kind regards,
Luca Boccassi

-----BEGIN PGP SIGNATURE-----

iQEzBAABCgAdFiEE6g0RLAGYhL9yp9G8SylmgFB4UWIFAmIwlHMACgkQSylmgFB4 UWI2BAf9EiV5fxXEFyA6nd5dRirJo9z2BHwEi4MeeS6gaFe8+EEiovHn/Z6NRYeF /oyGl5jMDXl5Z1rArruYmqyDwE6Ua+e0oK7P4gT5zT7AFxUcZ7FrceZA+ew0ejSp PQJv0+pYP1wRWVUHYMAiBjIDTJ8BGg8Bcax+V6pAT9Wt3DegHfO8LuQhMnnkCJ7u 9Xl9Lr0WQFSEipTIJKHHpD7c8NTmaU/XI8MBFif0uftRGGxsa607zXzvvAFYVXuP ZSYoWofGUzIX4hTpnEYkMJFGz7QIX2RiNTx31/nwDQrxaqX4Zy4J19G3ozZUDXUG dQ9EAzLonb0C8qlJ0AVGdgto8dwSag==
=H/JY
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Michael Biebl <biebl@debian.org> writes:

Am 15.03.22 um 03:31 schrieb Paul Wise:

On Mon, 2022-03-14 at 11:47 +0100, Marco d'Itri wrote:

Yes, this is true. These are the unit and script that I use, and I think >>> that Debian would benefit from having something like this available in
some common package.

...

$(systemctl status "$FAILED_UNIT" --full --lines=100)

Unfortunately for my cron jobs I need the entire output of the command
invocation, don't want any output from prior runs of the command and
don't want any of the output to end up in the systemd journal.

So I need something like StandardOutput=mail or to add some sort of
wrapper script to each of the relevant systemd timers.

I might be mistaken here, but Luca hinted at
$MONITOR_INVOCATION_ID in his email which means one could easily filter journal output for the last failed invocation using this $MONITOR_INVOCATION_ID.
Luca, is this understanding correct?
Afaics this would cover Paul's use case

Except for the "don't want any of the output to end up in the systemd
journal" bit.

Cheers, Phil.
--
|)| Philip Hands [+44 (0)20 8530 9560] HANDS.COM Ltd.
|-| http://www.hands.com/ http://ftp.uk.debian.org/
|(| Hugo-Klemm-Strasse 34, 21075 Hamburg, GERMANY

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3/FBWs4yJ/zyBwfW0EujoAEl1cAFAmIwo4IACgkQ0EujoAEl 1cBckQ/+LNGnYYWlyxkvHiIeuqKZixUsW21R12ZY0a+hPW60BniXomigOwkEfmfr VVQ5zFaYr5hTmvhfoxy/HVM7qxfe4Un0nrNi4PEmeZaj7VqPz6f3AHZT6GOawFlJ Cw5r0yhgWkHxwsKCDEy9vrywlfRnMhz0bjrKaDCu9WsNu75Rr+K3931k2zbOjegH VbKFaEpOu97JZQ5xL0Szx7Za8qEv4kuUn9aEjz3T4HVlTzdiuzbnpvi/1phltRqp 3x3nkAHNo8/1FFLPCevou9fuRSnFGe/jR1jINA3oP8s7OOKNp49B6fLuT8gYjQDH yv9SXxYep6+1+TygW9SXCZvYUDfu5mOJt5E+4YE87i4RSOVIPo1Y8mXHoY1F3moQ pwZ93JMXKk7M13lbZW1v4yd5XgLvLdqGYnZHJM6fCwXlCMCr85Iy3wyjI26gbOYA 2jsmSLE8t0gTVs1Aurs2yrsm/SPAvABMVafeJpVya8YKxV9QMP/Vw+WNBeo5SoKF ASZaCuoaypg/Nd8/ArSCISjdQWaAOEqLWL789YqgLq9TOC43s8iSZ3CJ+pGXXbkJ VCZt2oqFzaZYwp8pzupEWxI08k/+9XxJQnzzydIVy6nitkHw3HuLGtZ9MSRaR9LC Y9HCzpaiG/MdhHS

On Tue, 2022-03-15 at 13:28 +0000, Luca Boccassi wrote:

Yes indeed, logs can be filtered by invocation id, eg:

journalctl INVOCATION_ID=abcdefg

That sounds useful.

Also to make a unit's log "private" (not stored in the system journal) LogNamespace= can be used, see:

https://www.freedesktop.org/software/systemd/man/systemd.exec.html#LogNamespace=

That sounds useful too but not for my use-case due to:

This option is only available for system services and is not
supported for services running in per-user instances of the
service manager.

I guess the reason for this is that it uses mount namespaces to
override the journald socket, rather than just pointing the process at
a different socket via another mechanism.

--
bye,
pabs

https://wiki.debian.org/PaulWise

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEYQsotVz8/kXqG1Y7MRa6Xp/6aaMFAmIxKO4ACgkQMRa6Xp/6 aaOecg/8CFPzLm3yHrIdtbFvNsSkJ/q3hL67iFairVv8i1aGAKp5PreRmkuVDQdA w2DURzXXLM8ulkhUJ/XRfPmdU/2hT/IeDQ5c/SuCcbHMrAhaTK0a/qg1Gwxz5l5R yys7bu5B1jUjV3foNIRhTwud85/kUtQpsx5wT+XEHfhiA5OTF3iCGB4OsPLL0vVt icvYTb2Cvc8zLCITrUGECRpKRh++7huezKhoX43W4BVtCJ1SMIPiYUn7B/9okiXT hJ5hqQ6Vst22BF3llIKvvmNknX0tJIZqphMvCvkPIsQuyz2qhx6sI73dLMg3WGub opStZNIONKBL4U0FYO9oCm7xewao4FXQB9eYs98UnQBJ47VcMvlnRybukNmPJI6V jtbFTSIC0oU5sLj/htj+tocgbZBQSEPm9vjMf5nn3IIXL2xRYVhrgLvMwegBtWHU TcfCQGa9Hi/RbVVyzMtWmkwdrmYs0DGsFzfdh5MYG8eVTWKo4cvgwycz/JmdgV+z 28R/7p4y/uUmQ5KqqHmfLXklfkq6G4rbQ5F8gELpgHwcsuKODqLoEgI+wLnVZrPa HaZqL/xmrhmYLNWKOzVNYzuM/gLcYA++6secTSkREZUwgfEfU29BZDD7fPExFqXz uZHcqdurzOzMQHU+DyUR9NWtVeCAeisiigCenJCv5n9oFPUAFM0=
=klJe
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, 2022-03-15 at 15:32 +0100, Philip Hands wrote:

Michael Biebl <biebl@debian.org> writes:

Am 15.03.22 um 03:31 schrieb Paul Wise:

On Mon, 2022-03-14 at 11:47 +0100, Marco d'Itri wrote:

Yes, this is true. These are the unit and script that I use,
and I think
that Debian would benefit from having something like this
available in
some common package.

...

$(systemctl status "$FAILED_UNIT" --full --lines=100)

Unfortunately for my cron jobs I need the entire output of the
command
invocation, don't want any output from prior runs of the command
and
don't want any of the output to end up in the systemd journal.

So I need something like StandardOutput=mail or to add some sort
of
wrapper script to each of the relevant systemd timers.

I might be mistaken here, but Luca hinted at
$MONITOR_INVOCATION_ID in his email which means one could easily
filter
journal output for the last failed invocation using this $MONITOR_INVOCATION_ID.
Luca, is this understanding correct?
Afaics this would cover Paul's use case

Except for the "don't want any of the output to end up in the systemd journal" bit.

Cheers, Phil.

See other reply to pabs w.r.t. LogNamespace=.

--
Kind regards,
Luca Boccassi

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEErCSqx93EIPGOymuRKGv37813JB4FAmIyh2YACgkQKGv37813 JB53dg//Ze+Sds7mp422SNb+d6UBFxBKoIJk/lncZIYipZkaiUUc9TEI72m+V7lQ b4aVfxMqfpEcJ2vC1+YkxtAkxUlBTFogi1Sj7TM8lKuPEzSWkk7Pg3/8/a6zhXyN yLTftZL47fE5bhgsVRJA6FvfKcwn0KxBbc3ZiQEZBuoHMGff2fx4OrqEICqvT7qy OL/qnV+mokkDiJ7tV+xQ+GvoK3n6Dbet/KRd23NN/YRJOj2eTsyVdRidLfPml2GQ 9y4/CFTaXEJAUw8/837vAJuMZF3dWqLMeIan07sBIKc0jdmMh7nZCo3VmUHDZplX XSoiTaDMyL39YLpgFB7LO2ibYNah3Ph9qAx/SA0f9qyHTUHiXSb3JQMwz2FS0mnB iMZV6T234IJEWaIAj8aM9C/MVnA+2anASc0lJ7B5Yz6WxYSQ0NKg5nT+/bSgbERj q7cV//Fuwzw1JKcjYzs46KEOwR4c0PdF/t4pZwsz1DNjkP6mlqur/069MCrH7IJK wGdnEJ4wrDic8zk7QY2qmAAPq4StFun9BhPUGaGq5pcb7TG32ahqiatLOPtElD6k xXqS19z0LPf6M9d/xJqsE6ndAeuE5tcVbQlu9NYjUDmpA0GilMJcNCzQgBO2cKKj MEOcOphow2g+VToJeuHl8HjB6CrmmS3/GBbJCMIBq2dCzRMaXHU=
=pZz4
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 2022-03-16 at 08:01 +0800, Paul Wise wrote:

On Tue, 2022-03-15 at 13:28 +0000, Luca Boccassi wrote:

Yes indeed, logs can be filtered by invocation id, eg:

journalctl INVOCATION_ID=abcdefg

That sounds useful.

Also to make a unit's log "private" (not stored in the system
journal)
LogNamespace= can be used, see:

https://www.freedesktop.org/software/systemd/man/systemd.exec.html#LogNamespace=

That sounds useful too but not for my use-case due to:

      This option is only available for system services and is not       supported for services running in per-user instances of the       service manager.

I guess the reason for this is that it uses mount namespaces to
override the journald socket, rather than just pointing the process
at
a different socket via another mechanism.

That will actually work from v251 too (as long as PrivateUsers=yes and TemporaryFileSystem=/run are also configured), with one caveat: given
the journald instance is a system unit rather than a user one, a user
unit won't have privileges to start it automagically. But it's very
trivial to start it manually if you are configuring the user unit,
since it's just a template based on the chosen namespace.

Ie, for a unit with LogNamespace=foo, a 'systemctl start systemd-journald@foo.service' once at boot will do the trick.

I'll see if I can make it work safely and automagically, without the
manual start, before the next release, but no promises.

Journal files will be stored under
/[var|run]/log/journal/<machineid>.foo/ and be separated from the
system ones.

--
Kind regards,
Luca Boccassi

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEErCSqx93EIPGOymuRKGv37813JB4FAmIyh6oACgkQKGv37813 JB7tfQ//cHBRve5JRLykXwIPrcptC97wPMPQ9zPEJjdvmS2WrwGiE1aOewEOhYgJ LiWy9HzhLfeoSWaADyvxwV2R2lyO5l/Myw/t4oMHm5loJXWREE+5a6FRNtrrzAPO fWheQNsA5KAVfyifQX/82k4hmGGehmgNUlvI+6qj8SYlGhZHWfnbMyadsjRwpW6R t8cNaPyfS50var+ZeXz6xmVXMwrvoGsYgzhGfN6XERhmH+1WacyrEg3e5Yf+xUT0 jnjpyAbMZ/uTw0tBpDtMHywF/xzDBv4fcb/uhU9AUxPze7fYWDocVpJKJyMWLDcb 1f2eZbm7n17yL2JW98TYHYzmvnlt+tyLeg9SECGwfyHWV5Rs0xYWYXuIAajIB4U5 uT9nC1TsKpHtNoHiz3qg1PuC68k7UvwMxlB/Sj/HBNAwm6B7ZbfOBSKoWPC6IbLI 8SmvS8UqJAPG/rNqhbQnJVd1qjFJ5q5TcPDsIo1985xvPDRef8hw8lXxEi+BIUkS ReHzX0nz2tnw+BAvnLIoHkGSQLTWIO89ci0tj2Z1spGyACH25lHCqlkwSjEq93g0 mCeETt6QRBuMwvoClXkVxbxoeBSMcLbPUWAh7as8XZMdUSIZ9MWSHEJH2emxvoCL Y6hopnQuaao1yrRftPUhbprRqz4+5WdYomCQzTw+hmhR9ObSP4s=
=EFOF
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)