[systemd-devel] Cleaning up transient scopes
Lennart Poettering
lennart at poettering.net
Tue May 19 10:00:11 PDT 2015
On Thu, 05.03.15 10:12, Alexander Larsson (alexl at redhat.com) wrote:
> See, even when the sleep command died the scope still exists, and is
> even ACTIVE.
This appears to work fine here on git. There were some fixes to
systemd-run made, but it would be cool if you could verify that this
works for you.
> Also, while we're on the topic of scopes. Is there any way to hang some
> random metadata off a unit during creation, that can be read back? For
> xdg-app I'd like to put information like the app id, the exact version,
> the security level, etc into the scope. Then anyone talking to the app
> could go:
> getpeercred => cgroup => scope => unfakable (by the app) data about
> the application.
Well, there are cgroup xattrs, but they are not accessible (neiher for
read nor write) to unprivileged processes.
You can embedd X- fields in unit files and even [X-Sections] in it, to
add whatever you like to unit files. These fields will be ignored, and
are supposed to be used for extending files with arbitrary fields of
your choice. There's a TODO list item to then expose these fields on
the bus for each unit, but that's not implemented right now, which
means you need to read the unit files manually, and parse them
again...
So, nope, I have no nice answer for you...
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list