Bad fifo default location for systems running systemd (/tmp/snapfifo)

[tgurr]

On a typical default systemd setup /tmp is cleaned every 10d:

https://github.com/systemd/systemd/blob/master/tmpfiles.d/tmp.conf.

This caused issues for my setup as mopidy fails to create a proper fifo and always just created a regular file instead when trying to play something, resulting in my setup to stop working properly every 10 days after the cleanup happened. Probably /var/lib/snapserver/ would be a better location for the fifo to not be cleaned up regularly.

[mogwa1]

A second reason why it would be better to put it into a different location is that systems with a recent systemd version (241) have sysctl fs.protected_fifos=1 enabled by default. This prevents fifos in group writable sticky directories (like /tmp) from being written to by anyone except the owning user By default the owner is sysuser snapserver which is very likely not the user that is running the audio player to is piping into the fifo.

[badaix]

ok, understood, these are some good reasons, so what is a proper directory to use by default? /var/lib/snapserver/? or as suggested on stackoverflow /var/run/? /var/run/snapserver? /var/tmp/?

[mogwa1]

After googling around, it looks like /var/run or /var/run/snapserver are indeed good candidates. E.g. I also see other named pipes in /var/run on my systems.

Actually, on recent linux systems, it should probably be /run or /run/snapserver. See: https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard Although I don't know to which extent /run is supported across different (recent) distributions.

[tgurr]

Personally I'd go with /run/snapserver/snapfifo as neither /run/snapfifo nor /var/run/snapfifo work for me on systemd 243, fails with:

[...]
Okt 21 17:50:28 localhost snapserver[401814]: 2019-10-21 17-50-28 [Notice] StreamServer::start: failed to make fifo "/run/snapfifo": 13
Okt 21 17:50:28 localhost snapserver[401814]: StreamServer::start: failed to make fifo "/run/snapfifo": 13
[...]
Okt 21 17:51:29 localhost snapserver[401869]: 2019-10-21 17-51-29 [Notice] StreamServer::start: failed to make fifo "/var/run/snapfifo": 13
Okt 21 17:51:29 localhost snapserver[401869]: StreamServer::start: failed to make fifo "/var/run/snapfifo": 13

while it works just fine at /run/snapserver/snapfifo.

For /run/snapserver/snapfifo to work you should also ship a systemd tmpfiles.d snapserver.conf containing d /run/snapserver 0755 _snapserver _snapserver to be installed into systemd tempfiles.d directory (usually /usr/lib/tmpfiles.d) to automatically create the directory on boot, or via systemd-tmpfiles --create if you want to avoid a reboot after installing/updating.

[chiefy]

Thanks a lot for this thread, it solved my issue on Arch - I couldn't get anything to redirect to /tmp/snapfifo.

[badaix]

@tgurr thanks, do you think this can safely be integrated in the provided debian packages? In a way that it will also work for non-systemd flavors (such as devuan)? Anyone wants to volunteer adapting the debian packages?

[tgurr]

@badaix It should work well for systemd on different distributions, I can't make an assumption for devuan though. Afaik e.g. openrc on Gentoo also supports systemd tmpfiles. For the initial issue with snapcast and Mopidy I've switched to using the new TCP streams in the meantime which "just works" for me and is a huge improvement. I have another use case for which I'd probably need a fifo again but I didn't yet have much time and it also relies on the snapcast feature request to automatically switch between streams (By default select the music/mopidy stream and if the doorbell or some tts stream gets some data switch to it and then back the to music stream). That said I'm not on Debian so I have no way to test any changes there but it's quite common for packages to create their runtime stuff under /run/ these days and for systemd there's also the even newer(?) way to just specify RuntimeDirectory=snapserver in their systemd unit under [Service] which makes having a tmpfile and running systemd-tmpfiles --create after the package installation obsolete.

[timglong]

Is anyone else having issues with this using a Raspberry Pi post-Bullseye? Raspotify will no longer write to the fifo in /tmp (sysctl fs.protected_fifos=1 is enabled by default) and I can't figure out how to get snapserver to create a fifo anywhere else. Manually creating a fifo (and manually setting permissions) works, but it doesn't seem to be persistent (goes away on reboot).