tmpfiles: remove old ICE and X11 sockets at boot #6979
When not using tmpfs based /tmp, leftover sockets might prevent X startup. Ensure directory is clean at boot time.
hmm, wouldn't it be better to change the three top-level lines from "d" to "D" instead? (i.e. create + empty instead of just create?)
(also, this really should move to some X11 package sooner or later)
Updated with using D! this is much cleaner this way
we usually merge only "perfect" PRs, i.e. where each individual commit in the PR is a logical step, and not a historical one. Hence, next time, please squash patches like yours. Since this specific one is a very simple case we can do that when merging, but for the next time please keep this in mind.
Agreed. We had this discussion in Debian a while ago to move those rules over to an X11-specific package. Our first idea was x11-common (https://packages.debian.org/sid/x11-common). Unfortunately this is Debian specific and we'd really like this to go upstream. Any ideas where this should be added?
@mbiebl I figure that's for the X11 folks to figure out, I don't know X11 well enough to make an informed suggestion which package should take that best.
@whot any chance you know where best to file a bug regarding this? i.e. which X11 package might want to take this tmpfiles.d snippet over? (we are talking about this file: https://github.com/systemd/systemd/blob/master/tmpfiles.d/x11.conf that should be dropped in /usr/lib/tmpfiles.d/ and currently is shipped with systemd but probably shouldn't be)
I'd say the X server itself, that creates the X11-unix socket and the rest are misc things effectively related to the server as well. I've got this on my todo list now, but no promises as to when this will happen, sorry.
I upgraded to 235 and noticed that Does this commit account for bind mounts into the host?
According to manpage:
Should I open a new issue?
On second thought, I think proactively clearing old X sockets on boot to account for a non-default case in which the user does not use tmpfs on /tmp is going a bit too far. The Deleting files within these directories, however, is strictly a matter of convenience and breaks a simple and common method for booting a machine that communicates with the host X server. I think this PR should be reconsidered. After all, this really is an issue that X itself should handle.
Well, the files are not removed, they are just isolated from the rest of the filesystem. But I fully agree with you. I used that
Well. That's a general problem of making host things available to the container in a writable way. Quite frankly the right way to fix this is to use --bind-ro= instead of --bind= so that the container payload cannot modify what you pass in. That should fix your issue robustly and safely.
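An added example, not part of this thread or of the systemd source: a small check that flags `systemd-nspawn` invocations whose writable `--bind=` places a host path over an X11/ICE socket directory inside the container, which is the case where the container's boot-time cleanup reaches host sockets. The directory names, the sample command lines and the simplified `SRC[:DST[:OPTS]]` parsing (no escaped colons) are assumptions.

```python
import shlex
from pathlib import PurePosixPath

# Assumed socket directories emptied at boot by the tmpfiles.d snippet;
# the thread does not list them, adjust to the x11.conf actually shipped.
SOCKET_DIRS = [PurePosixPath("/tmp/.X11-unix"), PurePosixPath("/tmp/.ICE-unix")]


def _covers(container_path):
    """True if a mount at container_path is, or contains, a socket directory."""
    p = PurePosixPath(container_path)
    return any(p == d or p in d.parents for d in SOCKET_DIRS)


def writable_socket_binds(command):
    """Return container paths of writable --bind mounts covering a socket dir.

    --bind-ro= mounts are skipped: the container payload cannot modify them.
    """
    args = iter(shlex.split(command))
    hits = []
    for arg in args:
        if arg == "--bind":                  # form: --bind SRC[:DST[:OPTS]]
            spec = next(args, "")
        elif arg.startswith("--bind="):      # form: --bind=SRC[:DST[:OPTS]]
            spec = arg.split("=", 1)[1]
        else:
            continue
        parts = spec.split(":")
        # The destination defaults to the source path when it is omitted.
        dest = parts[1] if len(parts) > 1 and parts[1] else parts[0]
        if dest and _covers(dest):
            hits.append(dest)
    return hits


# Constructed sample invocations (hypothetical machine directory).
SAMPLES = [
    "systemd-nspawn -D /var/lib/machines/guest -b --bind=/tmp/.X11-unix",
    "systemd-nspawn -D /var/lib/machines/guest -b --bind-ro=/tmp/.X11-unix",
    "systemd-nspawn -D /var/lib/machines/guest -b --bind /tmp:/tmp",
    "systemd-nspawn -D /var/lib/machines/guest -b --bind=/tmp/.X11-unix:/run/host-x11",
]

if __name__ == "__main__":
    for cmd in SAMPLES:
        found = writable_socket_binds(cmd)
        print("WRITABLE" if found else "ok      ", found, "<-", cmd)
```

The last sample is not flagged because the host directory is mounted at a container path the cleanup does not touch; whether clients inside the container can then find the socket is a separate question.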
Ah, I was under the impression that
@poettering Sorry to say this but
tmpfiles: remove old ICE and X11 sockets at boot When not using tmpfs based /tmp, leftover sockets might prevent X startup. Ensure directory is clean at boot time. (cherry picked from commit 4a1f92c)