[systemd-devel] One of my fundamental problems with systemd...

[Lennart Poettering]

On Fri, 26.10.12 18:39, Michael H. Warfield (mhw at WittsEnd.com) wrote:

> My most fundamental problem with systemd is its insistence in hiding and
> obfuscating errors in ways that makes debugging almost impossible.
> Almost every upgrade problem I've had in Fedora has been related to
> systemd's failure to provide comprehendable error messages to things
> like errors in fstab (#1 fsck up).

We have been trying hard to make the boot of systemd actually as
understandable as possible, and are still working on that. The main
reason why the journal exists is that we can collect stdout/stderr of
all services cleanly.

We also are working hard on making system boot cleanly in containers. In
fact, the systemd test system will create an OS image that we boot up
both in a KVM and a linux container, and verify that it boots up
cleanly.

Now, it's of course disappointing when that work didn't really bcome
visible to you yet. But a couple of notes on that:

a) of course, the more recent versions of systemd will have the most
complete support for these things, so, please before reporting issues,
check if things are fixed already, there's a very good chance they are.

b) For containers we focus on systemd-nspawn and libvirt-lxc as
container managers (which is entirely different from LXC, actually, and
shares no code, just the name!), but not 'classic' LXC. The non-libvirt
LXC tool set is a very low-level tool-set that gives you plenty of rope
to hang yourself with, you can use it to set up containers, but you need
to know a lot of things for that, about low-level system stuff in
systemd and elsewhere. We tried to remove a lot of complexity in this
area, which is why we came up with the container iface doc i already
linked. The requirements are implemented implicitly in nspawn and
libvirt-lxc, but if you use raw LXC then you have to do this yourself,
which is why we documented that stuff.

c) LXC made a couple of questionnable choices that are not compatible
with the way systemd expects things. For example, the attempt of
redirecting for /dev/tty1 (and friends), and /dev/console is a bit
mislead if I may say so. The latter is problematic, since /dev/tty1 is
just one interface to a kernel object that is visible in other ways too,
and used that way, for example in /sys, /dev/vcs1, and so on. Just
redirecting one part of the iface will break stuff that tries to do more
than just the most basic things on TTYs, which systemd actually tries to
do. It also has the effect that things like $TERM are incorrectly
initialized. Now, the existing guidelines for LXC ignore these issues
and sysvinit due to its static design works well enough on that, but
systemd doesn't. That doesn't mean LXC was generally incompatible with
systemd, but you probably need to do more stuff manually, that will work
out-of-the-box with the other container managers.

Anyway, please have a look at the newer versions of systemd, and
possibly nspawn or libvirt-lxc. Things might already work much better if
you use those.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.