[systemd-devel] [PATCH 09/10] kmod-static-nodes: condition execution on kmod binary
Lennart Poettering
lennart at poettering.net
Wed Jul 16 07:52:57 PDT 2014
On Wed, 16.07.14 12:09, Jon Severinsson (jon at severinsson.net) wrote:
> From: Michael Biebl <biebl at debian.org>
>
> Creating the list of dead device nodes requires kmod. Inside containers
> this is not strictly required so we don't want a hard dependency on the
> kmod package. If the binary does not exist kmod-static-nodes.service
> will fail, so add a condition to check if the binary is available.
This appears unnecessary. The unit is conditionalized anyway on
CAP_SYS_MODULE, which is something a container should never ever have.
if you have a container that has CAP_SYS_MODULE, please consider simply
dropping that flag instead of adding more conditions to this unit.
Thanks,
> ---
> units/kmod-static-nodes.service.in | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in
> index 0934a87..076e316 100644
> --- a/units/kmod-static-nodes.service.in
> +++ b/units/kmod-static-nodes.service.in
> @@ -11,6 +11,7 @@ DefaultDependencies=no
> Before=sysinit.target systemd-tmpfiles-setup-dev.service
> ConditionCapability=CAP_SYS_MODULE
> ConditionPathExists=/lib/modules/%v/modules.devname
> +ConditionFileIsExecutable=@KMOD@
>
> [Service]
> Type=oneshot
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list