[systemd-devel] systemd enables custom service units on firstboot
Daan De Meyer
daan.j.demeyer at gmail.com
Sat Apr 29 15:43:45 UTC 2023
Systemd does a preset on first boot when there's no machine ID yet. If no
preset from a preset file applies, the default is to enable it. Since
debian does not ship a 99-disable.preset with disable * in it, all services
are enabled on firstboot on Debian.
Cheers,
Daan
On Sat, 29 Apr 2023, 17:27 Martin Petzold, <martin.petzold at tavla.de> wrote:
> Dear Paul,
>
> Am 29.04.23 um 17:13 schrieb Paul Menzel:
> > Dear Martin,
> >
> >
> > Am 29.04.23 um 16:12 schrieb Martin Petzold:
> >
> >> we are building our OS with debootstrap (Debian bullseye). Our image
> >> shall be flashed on embedded devices. In order to get a unique
> >> machine-id we removed '/etc/machine-id' as instructed in [1] and also
> >> removed '/var/lib/dbus/machine-id' as instructed in [2]) from the
> >> golden image.
> >>
> >> After we flash the image and boot it, new machine-ids are created and
> >> identical.
> >>
> >> However, now we realized that some of our systemd service units added
> >> to '/lib/systemd/system' are enabled and starting on boot. We did not
> >> enable them, we just copied them to that location at the end of our
> >> rootfs build. They are just there to be used in some special test cases.
> >>
> >> We already checked '/lib/systemd/system-preset/*'. But there is only
> >> a single file '90-systemd.preset' and there is no rule which matches
> >> our service units.
> >>
> >> 1. Why are our service units placed in '/lib/systemd/system' enabled?
> > Sorry, you provide not enough information.
> >
> > Please provide an example `systemctl status X` and `systemctl cat X`
> > for service X, that is started but does not. Does that happen with all
> > services you add?
> =========================================
>
> tavla at tavla:~$ sudo systemctl status tavla-test
>
> × tavla-test.service - TAVLA Platform OS Tester Service
> Loaded: loaded (/lib/systemd/system/tavla-test.service; enabled;
> preset: enabled)
> Active: failed (Result: signal) since Sat 2023-04-29 15:52:12
> CEST; 17min ago
> Process: 388 ExecStart=/opt/tavla/bin/test (code=killed, signal=HUP)
> Main PID: 388 (code=killed, signal=HUP)
> CPU: 118ms
>
> Apr 29 15:52:12 tavla systemd[1]: Starting tavla-test.service - TAVLA
> Platform OS Tester Service...
> Apr 29 15:52:12 tavla systemd[1]: tavla-test.service: Main process
> exited, code=killed, status=1/HUP
> Apr 29 15:52:12 tavla systemd[1]: tavla-test.service: Failed with result
> 'signal'.
> Apr 29 15:52:12 tavla systemd[1]: Failed to start tavla-test.service -
> TAVLA Platform OS Tester Service.
>
> =========================================
>
> tavla-test.service is 'enabled' (and started), but I never enabled it.
> It was enabled after I removed machine-id and did a reboot. Before that,
> it was disabled. The service unit
> ('/lib/systemd/system/tavla-test.service') was copied to this location
> during image build after debootstrap and apt installation of systemd.
>
> Here is the only preset ('90-systemd.preset'):
>
> =========================================
>
> enable remote-fs.target
> enable remote-cryptsetup.target
> enable machines.target
>
> enable getty at .service
> enable systemd-timesyncd.service
> enable systemd-networkd.service
> enable systemd-network-generator.service
> enable systemd-resolved.service
> enable systemd-homed.service
> enable systemd-userdbd.socket
> enable systemd-pstore.service
> enable systemd-boot-update.service
>
> disable console-getty.service
> disable debug-shell.service
>
> disable halt.target
> disable kexec.target
> disable poweroff.target
> enable reboot.target
> disable rescue.target
> disable exit.target
>
> disable systemd-networkd-wait-online.service
> disable systemd-time-wait-sync.service
> disable systemd-boot-check-no-failures.service
> disable proc-sys-fs-binfmt_misc.mount
>
> disable syslog.socket
>
> disable systemd-journal-gatewayd.*
> disable systemd-journal-remote.*
> disable systemd-journal-upload.*
>
> =========================================
>
> >
> >> Platform:
> >>
> >> systemd 252.5-2~bpo11+1 (from bullseye-backports)
> >> systemd-resolved and systemd-networkd with iwd (all from
> >> bullseye-backports)
> >> Custom Debian bullseye (with some packages from bullseye-backports)
> >> Custom Kernel 5.10
> >> U-Boot
> >>
> >> [1] https://systemd.io/BUILDING_IMAGES/
> >> [2] https://wiki.debian.org/MachineId
>
> Best regards,
>
> Martin
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20230429/1b4f1fa1/attachment.htm>
More information about the systemd-devel
mailing list