[systemd-devel] Non-Stop Services in an Embedded Environment

Colin Guthrie gmane at colin.guthr.ie
Tue Sep 9 07:04:11 PDT 2014 

Hiya,

Spence, Richard (EXT-Other - DE/Ulm) wrote on 09/09/14 13:38:
> We are evolving an existing embedded product line to incorporate the use
> of systemd as a part replacement for a proprietary start-up system.
> While it is possible to handle service failures through use of the
> OnFailure directive, we have an additional requirement for which we can
> find no clean (direct) solution in systemd: applications in the system
> should not stop for any reason – any termination must be handled as a
> failure.
>  
> We have worked through the relevant manpages and have eliminated
> ExecStartPost (semantic is not appropriate) and Restart (we don’t want
> to restart the service, we want a failure notification).
> SuccessExitStatus cannot be used to turn success codes/signals into
> failures.
>  
> We can use a script in ExecStart to turn normal terminations into
> failures or we could consider some special small wrapper executable.
> These are the kind of hacks that systemd is supposed to render
> unneccessary, so we come to this list for help. Is there something we
> have missed? If not, is there any objection in principle to an extension
> to systemd to cover this requirement, perhaps a NonStop directive?

Would the RefuseManualStop (and to a lesser extent RefuseManualStart)
directive satisfy this requirement?


       RefuseManualStart=, RefuseManualStop=
           Takes a boolean argument. If true, this unit can only be
activated
           or deactivated indirectly. In this case, explicit start-up or
           termination requested by the user is denied, however if it is
           started or stopped as a dependency of another unit, start-up or
           termination will succeed. This is mostly a safety feature to
ensure
           that the user does not accidentally activate units that are not
           intended to be activated explicitly, and not accidentally
           deactivate units that are not intended to be deactivated. These
           options default to false.


If this isn't enough, perhaps you could describe the conditions where
this service might be stopped incorrectly and under what circumstances
that would occur.

Cheers

Col

-- 

Colin Guthrie
gmane(at)colin.guthr.ie
http://colin.guthr.ie/

Day Job:
  Tribalogic Limited http://www.tribalogic.net/
Open Source:
  Mageia Contributor http://www.mageia.org/
  PulseAudio Hacker http://www.pulseaudio.org/
  Trac Hacker http://trac.edgewall.org/

More information about the systemd-devel mailing list