Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revisionBoth sides next revision
howto:systemd [2020/01/31 12:04] – Clean-up. Provide download link to sbbs.service in CVS. Use wildcards in setcap command. digital manhowto:systemd [2020/11/24 02:04] – Remove the setcap stuff (performed at build time now) digital man
Line 21: Line 21:
   Group=sbbs   Group=sbbs
   PermissionsStartOnly=true   PermissionsStartOnly=true
-  ExecStartPre=/sbin/setcap 'cap_net_bind_service=+ep' /sbbs/src/sbbs3/gcc.linux.*.exe.*/sbbs 
   ExecStart=/sbbs/exec/sbbs d   ExecStart=/sbbs/exec/sbbs d
   ExecReload=/bin/kill -HUP $MAINPID   ExecReload=/bin/kill -HUP $MAINPID
Line 37: Line 36:
    * **User/Group**. **Remove these** if you would like sbbs to start as root and then drop privileges to the User & Group configured in your sbbs.ini. Possibly remove **PermissionsStartOnly** and **ExecStartPre** as well, as they would be unnecessary.   If you leave these in, ensure the User/Group settings in sbbs.ini are commented out.    * **User/Group**. **Remove these** if you would like sbbs to start as root and then drop privileges to the User & Group configured in your sbbs.ini. Possibly remove **PermissionsStartOnly** and **ExecStartPre** as well, as they would be unnecessary.   If you leave these in, ensure the User/Group settings in sbbs.ini are commented out.
    * **PermissionsStartOnly**. This one tells systemd to execute ExecStartPre as root, but ExecStart as the user and group declared in User,Group.  Can be removed if you remove the User/Group lines.    * **PermissionsStartOnly**. This one tells systemd to execute ExecStartPre as root, but ExecStart as the user and group declared in User,Group.  Can be removed if you remove the User/Group lines.
-   * **ExecStartPre**. Capabilities are lost from the sbbs executable every time it is recompiled. It is possible to mitigate the effect by running setcap just before the daemon is ran. The binding won't fail anymore using this. Please notice you can't point to a symlink here). 
    * **ExecStart**. If you don't want to get syslog entries duplicated you will have to run SBBS in daemonized mode, so the "d" parameter is used. Syslog is implicit when daemonized, so there is no need for additional parameters.     * **ExecStart**. If you don't want to get syslog entries duplicated you will have to run SBBS in daemonized mode, so the "d" parameter is used. Syslog is implicit when daemonized, so there is no need for additional parameters. 
    * **RestartSec**. It's advisable to wait some secs before attempting restarting in case of failure, just to give some time for binding release.    * **RestartSec**. It's advisable to wait some secs before attempting restarting in case of failure, just to give some time for binding release.
Line 56: Line 54:
       Docs: man:sbbs       Docs: man:sbbs
    Process: 12364 ExecStart=/sbbs/exec/sbbs d (code=exited, status=0/SUCCESS)    Process: 12364 ExecStart=/sbbs/exec/sbbs d (code=exited, status=0/SUCCESS)
-   Process: 12356 ExecStartPre=/sbin/setcap cap_net_bind_service=+ep /sbbs/src/sbbs3/gcc.linux.x64.exe.release/sbbs (code=exited, status 
   Main PID: 12374 (sbbs)   Main PID: 12374 (sbbs)
      Tasks: 11      Tasks: 11
howto/systemd.txt · Last modified: 2023/04/07 12:28 by digital man
Back to top
CC Attribution 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0