[systemd-devel] Newbie systemd-related question - how to run a service w/o anything but network?
Mike Kazantsev
mk.fraggod at gmail.com
Thu Aug 16 07:05:42 PDT 2012
On Thu, 16 Aug 2012 15:33:29 +0300
Ciprian Dorin Craciun <ciprian.craciun at gmail.com> wrote:
> On Thu, Jul 26, 2012 at 1:09 PM, Peter Lemenkov <lemenkov at gmail.com> wrote:
> > Hello All.
> > I'm trying to write a systemd service for epmd (Erlang Port Mapper
> > Daemon, if someone is curious). its only purpose is to open a TCP port
> > 4369 at 0.0.0.0 and act as a simple messaging (very simple actually)
> > bus between erlang nodes. I'd like to run it w/o anything and under a
> > most restricted system account. So far I'm using this service:
>
>
> (Notice: Slightly off topic for systemd, but very on topic for EPMD...)
>
> Please be aware that starting `epmd` under a service monitoring
> system like systemd (or others) is not 100% possible under the current
> circumstances. For a detailed explanation please see the following
> thread on the Erlang mailing list:
> http://erlang.org/pipermail/erlang-questions/2011-October/061802.html
>
> The summary is that if someone starts an Erlang application before
> your `epmd` instance starts you'll end up with your `epmd` dieing and
> being restarted by systemd in a continuous loop, because each Erlang
> application tries to start its own `epmd` instance. (Thus there is a
> race condition here.) In the thread above I've found a workaround for
> this issue but it's not quite "documented"...
>
> On the other hand if you would modify `epmd` to use socket
> activation at least the issue will be less likely to happen. (It can
> still happen if someone starts the Erlang application even before
> systemd.)
>
Other workarounds might be one of the recent patches proposed here on
the list - either the one that controls "failure" exit code (provided
epmd returns "special" code on such conflicts) or the one that stops
restarts after some time, though I guess latter might be undesirable,
since if epmd gets started along with some service, it might also be
killed along with it at some point.
Another semi-fix might be just rate-limiting the restarts, which should
already be possible.
Whole problem seem to be at least a bit superficial though - if every
erlang daemon has Require=epmd.service, the only way to create it is by
starting erlang stuff and epmd from some user session, which is also a
way to break pretty much every other daemon which can only have one
instance (e.g. starting mysqld by hand will break mysqld.service).
--
Mike Kazantsev // fraggod.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20120816/84e7f156/attachment-0001.pgp>
More information about the systemd-devel
mailing list