[systemd-devel] proper use of /run/{user/<uid>, }/systemd/private sockets

Tue Nov 14 14:52:25 UTC 2017

On Mo, 13.11.17 19:26, aleivag (aleivag at gmail.com) wrote:

> Hi all:
> 
> hope you guys are doing great!. So i have a few questions, hope this is the
> best place for them.
> 
> I've been doing a lot of work with `sd-bus.h` (basically i've been trying
> to bind it to other languages to then interact with systemd natively).
> 
> I've been reading the man pages/blog post/general docs, but mostly the src
> code. and i stumble across
> https://github.com/systemd/systemd/blob/master/src/shared/bus-util.c#L598-L605
> and saw that you can connect to systemd using the sockets, for root would
> be `/run/systemd/private`, and for users something like
> `/run/user/<uid>/systemd/private` and this trigger lots of questions, that
> i have not been able to answer, so here they are:

Note that these sockets aren't really the official way to talk to
systemd, they are called "private" for the reason that they, well, are
"private" to systemd...

> Question 1)
> 
> what would be the advantage of connecting through dbus instead of directly
> through the socket?

They are available unconditionally as long as systemd is running, from
earliest boot to final shutdown. They are available in emergency mode,
and normal boot and really always. This is different for dbus-daemon,
which is available only during later boot, and is likely to be missing
in emergency mode, the initrd, and during shutdown.

Since systemd must take client requests at any time we thus bind to
this socket, and systemctl has some code to optionally connect to
that.

> 
> the way i connect to systemd is with `sd_bus_open_system` but i can also do
> 
> ```
> sd_bus_new(&bus);
> sd_bus_set_address(bus, "unix:path=/run/systemd/private");
> sd_bus_start(bus);
> ```
> 
> why (or when) would one be better than the other?

Generally the bus is the official way, and the private socket is only
for systemctl and very few other cases which must be able to deal with
dbus-daemon, i.e. the official bus being absent.

Note that the private socket is accessible to root only.

> question 2);
> 
> i also look that you can do the same with the user connections (and this is
> mostly true when the --user flag is given, at least on systemd-run), and
> you can connect to something like `/run/user/<uid>/systemd/private`, where
> `/run/user/<uid>` is $XDG_RUNTIME_DIR, and i guess this is really the best
> form to connect to systemd as a user, but is there any difference between
> using that socket or doing `sd_bus_open_user`. ?

systemd sucks as a bus replacement. Use the proper bus, and leave the
private sockets be, please. Unless you have a very good reason to
prefer the private socket: it's not for normal users. 

> question 3)
> 
> systemd source code is pretty clear, really easy to learn from, also
> sd-bus.h is incredible helpful and easy to use.
> 
> But the docs is good, don't get me wrong, but it could definitely use more
> love. for instance the usage of the sockets
> `/run/{user/uid,}/systemd/private`, is not documented anywhere that i could
> find. is this intentional?,

Yes, it is intentional. The name "private" is also intentional: it's a
private, internal API of systemd, and should not be considered
something people should use outside of very specific environments.

> is this because this is a implementation detail
> that may change in the future?. if so, what would be the correct way to
> connect to systemd's socket?

Don't connect directly to it. Use the official bus instead. Forget
that you know about the private connection at all...

Lennart

-- 
Lennart Poettering, Red Hat