Maintained by: NLnet Labs

unbound and systemd

Sami Kerola
Wed Oct 14 21:32:13 CEST 2015


On 14 October 2015 at 08:12, W.C.A. Wijngaards <wouter at nlnetlabs.nl> wrote:

Hi Wouter, et.al.,

> The patch looks very nice.  I would like to include contrib items that
> make systemd integration easier.  The code patches are well written.

Great to hear there's hope to get the stuff to upstream.

> I would like to incorporate them (with some changes, like not
> installing the systemd integration from the Makefile, but having the
> packager pick them up out of the contrib directory.).

I am not entirely sure what you mean with that. I think the service
and socket files ought to be part of installation when systemd
support is compiled. Assuming build system is cleaned this makes
more sense, and is easy to achieve.

> https://github.com/kerolasa/unbound/compare/systemd?diff=unified&name=systemd
>
> The part where it does systemd sd_listen_fds in
> systemd_get_activated().  Does that mean systemd will open the
> listening file descriptors?  And unbound.conf will be ignored for
> interfaces and port numbers?

Now when I think about what I did with pre-processor directives and
socket-activation I must agree you are right. When systemd support
is complied the old skool daemonization should work as fallback. I
will change the code to do this, which also means the config is not
ignored in case of fallback. But when systemd service and socket
are working the config is meaningless.

> Is there more stuff you want to do for this integration?

The stuff I did to avoid pkg-config is not nice. Fixing that would
require dependency that not all projects agree. What is your view
to add pkg-config dep?

And then there is the question of build-sys in general. If you don't
mind me waving sledgehammer I can do that, but give me enough
time. These changes tend to take quite some hours to write and
test.

> How is this packagable, I mean: the code changes,
> can unbound detect it was started by systemd

It can be made to know, and inform in log for instance, but it I
don't think such is technically mandatory, but perhaps nice to
have.

Sure hater's gona hate systemd, but as far I can tell it is
pretty transparent library like API to programmers. From that
perspective support for systemd is the same way packagable
as any random third party library, that may or may not be
present in all systems.

> and then do the systemd code in lieu of the normal code?

Let me fix this.

> On 10/13/2015 06:37 PM, Sami Kerola via Unbound-users wrote:
>> Hello,
>>
>> First of all sorry that I wrote patches using git, but that's the
>> version control system I like, so I took liberty to use unofficial
>> clone as basis for my work.
>>
>> https://github.com/jedisct1/unbound.git
>>
>> That said I have been recently working with patch set that will
>> glue unbound together with systemd. The patch set is not tested,
>> but before I go and make all perfectly shiny let me request if the
>> upstream is even interested of this kind change. In case not I
>> won't bother making all pitch perfect. See the changes below in git
>> pull request format.
>>
>> While writing the systemd changes the other thing I notice was,
>> ehm, a bit crude way of using autotools. Is there any interest to
>> make configure.ac && Makefile.am stuff to work, and include
>> requirement to pkg-config? Yep, I do ack adding pkg-config
>> requirement is a bit irritating, but it does work fairly well for
>> many projects so perhaps it is not that evil.  Assuming there is
>> interest to make build tooling nicer, and you wish I would take a
>> lead on this, please let me first finish the systemd stuff.
>>
>> Cheers, Sami
>>
>> p.s. Could the upstream move using git, please, please, please,
>> please?
>>
>> ----------------------------------------------------------------
>> The following changes since commit
>> e3d4f1edfdae567b07cc75a9e3669de5bc8b1a6a: - iana portlist update.
>> (2015-10-09 08:08:31 +0000) are available in the git repository
>> at: git://github.com/kerolasa/unbound.git systemd for you to fetch
>> changes up to ccda84c59e594f9c918996017ea045256ad64659: systemd:
>> add do-daemonize note when running with systemd (2015-10-13
>> 17:15:46 +0100)
>> ----------------------------------------------------------------
>> Sami Kerola (12): build-sys: run autoreconf -f version 1.5
>> build-sys: add some autotools output files to .gitignore build-sys:
>> add systemd support to autotools build-sys: rerun autoreconf -f and
>> libtoolize -f build-sys: add ./configure output files to
>> .gitignore build-sys: update .gitignore after build systemd: make
>> systemd activation work for udp sockets systemd: make systemd
>> activation work for tcp sockets systemd: make systemd activation
>> work for unix sockets systemd: add service and socket files
>> systemd: add state notifications systemd: add do-daemonize note
>> when running with systemd
>>
>> .gitignore                 |  204 + Makefile.in                |
>> 12 +- aclocal.m4                 | 2762 +++++++------ config.h.in
>> |    6 +- configure                  | 2192 ++++++---- configure.ac
>> |    6 +- contrib/unbound.service.in |   16 +
>> contrib/unbound.socket.in  |   16 + daemon/daemon.c            |
>> 15 +- doc/example.conf.in        |    1 + ltmain.sh
>> | 9656 +-------------------------------------------
>> services/listen_dnsport.c  |   71 +- systemd.m4                 |
>> 28 + util/configlexer.c         |   19 +- 14 files changed, 3348
>> insertions(+), 11656 deletions(-) create mode 100644 .gitignore
>> create mode 100644 contrib/unbound.service.in create mode 100644
>> contrib/unbound.socket.in mode change 100644 => 120000 ltmain.sh
>> create mode 100644 systemd.m4
>>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQIcBAEBAgAGBQJWHgB1AAoJEJ9vHC1+BF+NR8AQAJXBVW4NAHxbmrKpEZun53tY
> Cex4/74NwLaAZshraOH0RKwV2hlYWfFh0dILl6DZtykLOjW/W1dkCuVT5/xv9vIX
> 0iIvoyJiRKTjwFgsKeCRWKHgXyhbgycDyKxcLE35Qd52r7y2aWnC8xGn9eg4JPgH
> yPNBKrp3qMtOITOH94Gi3rAOJWpXPVSNnBAxMUZZBJ3ObA5AhII7aIV7m9dDK4+9
> lkWKLC9T4hgjAMobXFMCYaGf1oaoYR5AVrFD10DGE8D5DsLCFC0oRSZ8CuAgzBUE
> TW+4kfm3b4JhJFggDkhsECmv+juUjbrJaJV4vmOR7zSxg3V9mUQQy2hinec16LOp
> RB64XdTKFmO8ZWxB5zloO1KoVMKNZ7wlq4Lyx9UIhw8i96b2RTcqtn8I7onwW2W9
> bgJOBb3DZFlBjC0K6Snpe09AdQy+Z/GaVoRC6466/8dHcuETxDa+9XqD8C+P3Azz
> CpsKqg96Zl4ESCHTta+ahHqh/18GD799/8OWNpdaeOzcIOGpgokdM3gTaBoKZVDy
> hb/G27lCho1qKok+ePvyR6WYSJlPLZjUdZ4DEOHSGA3bjj6Y015HgcUZc9Yb8cqz
> 4p3Y1vnJhHQTXI85aTJYU4gA/jy3cTWMDmX7Zd3mistBTCAdqxFY9wBgwktRyDiY
> snp6L35lTrcQ/dBws7wU
> =VEOx
> -----END PGP SIGNATURE-----



-- 
Sami Kerola
http://www.iki.fi/kerolasa/