Maintained by: NLnet Labs

unbound and systemd

W.C.A. Wijngaards
Fri Oct 16 13:45:32 CEST 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Sami,

On 10/14/2015 09:32 PM, Sami Kerola wrote:
> On 14 October 2015 at 08:12, W.C.A. Wijngaards
> <wouter at nlnetlabs.nl> wrote:
> 
> Hi Wouter, et.al.,
> 
>> The patch looks very nice.  I would like to include contrib items
>> that make systemd integration easier.  The code patches are well
>> written.
> 
> Great to hear there's hope to get the stuff to upstream.

Certainly!  I would like to pick up on the extra support for systemd.
 With this I mean the two files in contrib, and some sort of
configure-detection and then ifdeffed and iffed code.

The Makefile changes, please do not do them as part of this patch.
The build system is working today.  The conversion process is likely
to create issues.  (if such a conversion is even possible, or an
improvement).

Your patch seems to want to customize the compile itself, and
always-active, install for systemd.  This is because the Makefile is
also trying to do the package install.  Most package systems can pick
up files and install them, especially system files like init.d/rc.d.
It would be inappropriate (I think) for Unbound's Makefile to install
these files, and even more so, install them when systemd is not
present.  So, I would leave those files in contrib, the Makefile then
does not need any changes (I think).  A packager or package-script can
then pick then up and install them.  Wouldn't that be cleaner and more
portable?

That would leave the systemd changes at: files that are 'rc.d' (they
are now in contrib).  And configure detection for systemd, startup
detection for systemd, and then some code changes?  I think this means
you are already mostly done with the patch as well?

I think it is fine to use pkg-config for the systemd-configure part.
That would make it work best I guess?

Best regards, Wouter

> 
>> I would like to incorporate them (with some changes, like not 
>> installing the systemd integration from the Makefile, but having
>> the packager pick them up out of the contrib directory.).
> 
> I am not entirely sure what you mean with that. I think the
> service and socket files ought to be part of installation when
> systemd support is compiled. Assuming build system is cleaned this
> makes more sense, and is easy to achieve.
> 
>> https://github.com/kerolasa/unbound/compare/systemd?diff=unified&name=systemd
>>
>>
>> 
The part where it does systemd sd_listen_fds in
>> systemd_get_activated().  Does that mean systemd will open the 
>> listening file descriptors?  And unbound.conf will be ignored
>> for interfaces and port numbers?
> 
> Now when I think about what I did with pre-processor directives
> and socket-activation I must agree you are right. When systemd
> support is complied the old skool daemonization should work as
> fallback. I will change the code to do this, which also means the
> config is not ignored in case of fallback. But when systemd service
> and socket are working the config is meaningless.
> 
>> Is there more stuff you want to do for this integration?
> 
> The stuff I did to avoid pkg-config is not nice. Fixing that would 
> require dependency that not all projects agree. What is your view 
> to add pkg-config dep?
> 
> And then there is the question of build-sys in general. If you
> don't mind me waving sledgehammer I can do that, but give me
> enough time. These changes tend to take quite some hours to write
> and test.
> 
>> How is this packagable, I mean: the code changes, can unbound
>> detect it was started by systemd
> 
> It can be made to know, and inform in log for instance, but it I 
> don't think such is technically mandatory, but perhaps nice to 
> have.
> 
> Sure hater's gona hate systemd, but as far I can tell it is pretty
> transparent library like API to programmers. From that perspective
> support for systemd is the same way packagable as any random third
> party library, that may or may not be present in all systems.
> 
>> and then do the systemd code in lieu of the normal code?
> 
> Let me fix this.
> 
>> On 10/13/2015 06:37 PM, Sami Kerola via Unbound-users wrote:
>>> Hello,
>>> 
>>> First of all sorry that I wrote patches using git, but that's
>>> the version control system I like, so I took liberty to use
>>> unofficial clone as basis for my work.
>>> 
>>> https://github.com/jedisct1/unbound.git
>>> 
>>> That said I have been recently working with patch set that
>>> will glue unbound together with systemd. The patch set is not
>>> tested, but before I go and make all perfectly shiny let me
>>> request if the upstream is even interested of this kind change.
>>> In case not I won't bother making all pitch perfect. See the
>>> changes below in git pull request format.
>>> 
>>> While writing the systemd changes the other thing I notice
>>> was, ehm, a bit crude way of using autotools. Is there any
>>> interest to make configure.ac && Makefile.am stuff to work, and
>>> include requirement to pkg-config? Yep, I do ack adding
>>> pkg-config requirement is a bit irritating, but it does work
>>> fairly well for many projects so perhaps it is not that evil.
>>> Assuming there is interest to make build tooling nicer, and you
>>> wish I would take a lead on this, please let me first finish
>>> the systemd stuff.
>>> 
>>> Cheers, Sami
>>> 
>>> p.s. Could the upstream move using git, please, please,
>>> please, please?
>>> 
>>> ----------------------------------------------------------------
>>>
>>> 
The following changes since commit
>>> e3d4f1edfdae567b07cc75a9e3669de5bc8b1a6a: - iana portlist
>>> update. (2015-10-09 08:08:31 +0000) are available in the git
>>> repository at: git://github.com/kerolasa/unbound.git systemd
>>> for you to fetch changes up to
>>> ccda84c59e594f9c918996017ea045256ad64659: systemd: add
>>> do-daemonize note when running with systemd (2015-10-13 
>>> 17:15:46 +0100) 
>>> ----------------------------------------------------------------
>>>
>>> 
Sami Kerola (12): build-sys: run autoreconf -f version 1.5
>>> build-sys: add some autotools output files to .gitignore
>>> build-sys: add systemd support to autotools build-sys: rerun
>>> autoreconf -f and libtoolize -f build-sys: add ./configure
>>> output files to .gitignore build-sys: update .gitignore after
>>> build systemd: make systemd activation work for udp sockets
>>> systemd: make systemd activation work for tcp sockets systemd:
>>> make systemd activation work for unix sockets systemd: add
>>> service and socket files systemd: add state notifications
>>> systemd: add do-daemonize note when running with systemd
>>> 
>>> .gitignore                 |  204 + Makefile.in
>>> | 12 +- aclocal.m4                 | 2762 +++++++------
>>> config.h.in |    6 +- configure                  | 2192
>>> ++++++---- configure.ac |    6 +- contrib/unbound.service.in |
>>> 16 + contrib/unbound.socket.in  |   16 + daemon/daemon.c
>>> | 15 +- doc/example.conf.in        |    1 + ltmain.sh | 9656
>>> +------------------------------------------- 
>>> services/listen_dnsport.c  |   71 +- systemd.m4
>>> | 28 + util/configlexer.c         |   19 +- 14 files changed,
>>> 3348 insertions(+), 11656 deletions(-) create mode 100644
>>> .gitignore create mode 100644 contrib/unbound.service.in create
>>> mode 100644 contrib/unbound.socket.in mode change 100644 =>
>>> 120000 ltmain.sh create mode 100644 systemd.m4
>>> 
>> 
>> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
>> 
>> iQIcBAEBAgAGBQJWHgB1AAoJEJ9vHC1+BF+NR8AQAJXBVW4NAHxbmrKpEZun53tY 
>> Cex4/74NwLaAZshraOH0RKwV2hlYWfFh0dILl6DZtykLOjW/W1dkCuVT5/xv9vIX 
>> 0iIvoyJiRKTjwFgsKeCRWKHgXyhbgycDyKxcLE35Qd52r7y2aWnC8xGn9eg4JPgH 
>> yPNBKrp3qMtOITOH94Gi3rAOJWpXPVSNnBAxMUZZBJ3ObA5AhII7aIV7m9dDK4+9 
>> lkWKLC9T4hgjAMobXFMCYaGf1oaoYR5AVrFD10DGE8D5DsLCFC0oRSZ8CuAgzBUE 
>> TW+4kfm3b4JhJFggDkhsECmv+juUjbrJaJV4vmOR7zSxg3V9mUQQy2hinec16LOp 
>> RB64XdTKFmO8ZWxB5zloO1KoVMKNZ7wlq4Lyx9UIhw8i96b2RTcqtn8I7onwW2W9 
>> bgJOBb3DZFlBjC0K6Snpe09AdQy+Z/GaVoRC6466/8dHcuETxDa+9XqD8C+P3Azz 
>> CpsKqg96Zl4ESCHTta+ahHqh/18GD799/8OWNpdaeOzcIOGpgokdM3gTaBoKZVDy 
>> hb/G27lCho1qKok+ePvyR6WYSJlPLZjUdZ4DEOHSGA3bjj6Y015HgcUZc9Yb8cqz 
>> 4p3Y1vnJhHQTXI85aTJYU4gA/jy3cTWMDmX7Zd3mistBTCAdqxFY9wBgwktRyDiY 
>> snp6L35lTrcQ/dBws7wU =VEOx -----END PGP SIGNATURE-----
> 
> 
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJWIONcAAoJEJ9vHC1+BF+Nbu8P/RbUxcpG1dO22V5dwpmlkBLC
hBdLYA5MNsb1B/sbxicm9OaqgjJOpCc0HZBXshAIiKs1ChdfkFKkb2C9bhMtEX8c
6AzSjUaLgZaCyXKWQvXbxnBpFBIGIz/oWQ7ah8upSumFVKuNEh4RalkL6SXeKLYP
hdk0ZGCNm8RsA7YeSVImVEcIbnubbkxm7BwonRuAlLSSueJXeoEv9PNQk6Majxru
1pEueyM9RZDC3QJuIhOK2vyA0jl6Qa0yaDhSy1TDrMudQOlPgv44r0NZoVwjV+dX
iJHQB+YMwCsfoXtzCPrOFJlS9CbVI2A75wONMKGXVHwgm3VqbomW+1bfEbLpyNw4
aG+fJEw4y8/JmtMLHA1G3aRAmAbBS4gZX31wiUNTggoQbUDj4EjxfP553WmFtFwB
39CP7hd871kNDF/+lQuG8dCZGz5gOhipbNEfR3kn1Cmzz0g1zCBkLjYryD00tbSs
WEbyDfjU3m3lyh2UIMSRFcdENJJE/aeMvxOmFVq16MpH4IdW83QekkoDJIB+JBoJ
4t2NOhN76scaCs13vw+VX4FHPrHSlkc1uDEVfVYE4muPSfFY4d9WLEE13JFLDkJN
Xnb841a4ZREqjtou4kollm0lXUzJBo6dkY9TfjMbv2H6oNjHlHnH/fpAqa5ADrzK
1sBTU4vfoo6b2G57U6jd
=Haqf
-----END PGP SIGNATURE-----