tuptime icon indicating copy to clipboard operation
tuptime copied to clipboard
verified publisher icon rfmoz

systemd tmpfiles.d

Open allddd opened this issue 2 years ago • 3 comments

Hi, for distributions that use systemd, it would probably make sense to use tmpfiles.d to create and manage permissions for the /var/lib/tuptime/ directory.

This makes little difference to the user, but in combination with the already existing sysusers.d config would simplify packaging.

allddd avatar Jan 06 '24 21:01 allddd

You're right, the file tuptime.sysusers is there to preparing their addition at first level at the right time, but maybe this time is now, and probably with tmpfiles.d too.

Thaks for the suggestion.

rfmoz avatar Jan 08 '24 20:01 rfmoz

Glad to help. As the system user has been renamed in the past (tuptime to _tuptime), the following option may also be of interest:

z

Adjust the access mode, user and group ownership, and restore the SELinux security context of a file or directory, if it exists. Lines of this type accept shell-style globs in place of normal path names. Does not follow symlinks.

I have not tested it, but it seems that it could be used to ensure that tuptime.db is owned by the correct user and has the correct permissions.

allddd avatar Jan 09 '24 07:01 allddd

With the current code, it works without problem:

root@debian:~# ls -al /var/lib/tuptime/
total 68
drwxr-xr-x  2 tuptime tuptime  4096 Jan  9 19:07 .
drwxr-xr-x 22 root    root     4096 Jan  9 19:06 ..
-rw-r--r--  1 tuptime tuptime 60416 Jan  9 19:07 tuptime.db

root@debian:~# dpkg -i tuptime_5.2.3_all.deb 
Selecting previously unselected package tuptime.
(Reading database ... 43545 files and directories currently installed.)
Preparing to unpack tuptime_5.2.3_all.deb ...
Unpacking tuptime (5.2.3) ...
Setting up tuptime (5.2.3) ...
Created symlink /etc/systemd/system/timers.target.wants/tuptime-sync.timer → /lib/systemd/system/tuptime-sync.timer.
Created symlink /etc/systemd/system/multi-user.target.wants/tuptime.service → /lib/systemd/system/tuptime.service.
tuptime-sync.service is a disabled or a static unit, not starting it.
Processing triggers for man-db (2.11.2-2) ...

root@debian:~# ls -al /var/lib/tuptime/
total 68
drwxr-xr-x  2 _tuptime _tuptime  4096 Jan  9 19:09 .
drwxr-xr-x 22 root     root      4096 Jan  9 19:06 ..
-rw-r--r--  1 _tuptime _tuptime 60416 Jan  9 19:09 tuptime.db

Anyway, thanks for pointing to that option, it could have work fine in case.

rfmoz avatar Jan 09 '24 18:01 rfmoz

Finally with StateDirectory=tuptime in the unit file is enough, tmpfiles.d is not needed. The folder is created with the right permissions.

Anyway, as sysusers.d doesn't create the /var/lib/tuptime dir, it requieres StateDirectory= or tmpfiles.d for doing that.

More info: https://lists.freedesktop.org/archives/systemd-devel/2018-February/040348.html

rfmoz avatar Jul 14 '24 14:07 rfmoz