9 Commits

Author SHA1 Message Date
Sunil Mohan Adapa
a4505978ad
Enable private tmp and join namespaces for the two daemons
- Earlier, PrivateTmp=no was set for freedombox-privileged.service in
4140d3b4444d2fd55ac682d066fd859cb2f034b5 and the fix was not properly tested.
Similar change was needed in plinth.service and it was not done.

- Complete the fix but this time enable private tmp and join namespaces for the
two daemons.

- This will cause issues with file uploading when plinth is run from command
line (for development purposes). This will be addressed separately.

Tests:

- Apply the change and reload systemd and restart service. Don't run plinth on
command line and run it as service.

  - Uploading libraries to kiwix works

  - Uploading backup tarballs works.

  - Uploading TiddlyWiki and Feature Wiki wiki files works.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2025-10-27 20:09:46 -04:00
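The /var/tmp isolation problem that this commit and 4140d3b444 describe, as a constructed unit-file illustration added here (it is not FreedomBox's shipped unit files). Only the directives named in the commit messages appear. Two things are assumptions: that the privileged daemon's earlier isolation came from PrivateTmp=yes, and that JoinsNamespaceOf= sits on plinth.service, which follows the wording of 4140d3b444.

```ini
# Constructed illustration; not the project's actual unit files.
# systemd only treats whole lines starting with # or ; as comments,
# so each note sits on its own line above the key it describes.

# ---- Before: two separate private /var/tmp mounts (uploads break) ----
# plinth.service
[Service]
# Uploads are written to this unit's private /var/tmp
# (visible on the host under /var/tmp/systemd-private-...).
PrivateTmp=yes

# freedombox-privileged.service (assumed earlier state)
[Service]
# A different private /var/tmp is mounted here, so the path handed over
# by the web service does not exist from this daemon's point of view.
PrivateTmp=yes

# ---- 4140d3b444: isolation dropped on one side only ----
# freedombox-privileged.service
[Service]
# The daemon now sees the host's /var/tmp, but plinth.service still writes
# into its own private mount, so the two views still do not match.
PrivateTmp=no

# ---- a4505978ad: both isolated, one shared namespace ----
# plinth.service
[Unit]
# Start this unit inside the same /tmp and /var/tmp namespace as the
# privileged daemon. Takes effect only when both units set PrivateTmp=yes.
JoinsNamespaceOf=freedombox-privileged.service

[Service]
PrivateTmp=yes

# freedombox-privileged.service
[Service]
PrivateTmp=yes
```

After `systemctl daemon-reload` and a restart of both units, `systemctl show -p PrivateTmp -p JoinsNamespaceOf plinth.service freedombox-privileged.service` reports the effective values. A process started from the command line is outside this namespace, which matches the development caveat in the commit message.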
Sunil Mohan Adapa
397a67329b
debian: Stop privileged service during upgrade or removal
- The privileged service will stop by itself if left idle for 5 minutes.
However, if someone is viewing a reloading page such as during manual software
update, the privileged service is never idle.

- When freedombox package is updated to a newer version, the old version of
privileged daemon could run for a long time but newer version of freedombox
service might be running by then. This would cause protocol mismatch
problems (unless backwards compatibility is provided which is unnecessarily
hard).

- Adding PartOf=.socket in .service file means that if .socket unit is stopped
or restarted, the .service unit will be stopped or restarted too. We still don't
want the dh_installsystemd script to be starting the .service unit, so this is
ideal.

Tests:

- During fresh install of freedombox package, freedombox-privileged.socket is
started but freedombox-privileged.service is not. It is started due to socket
activation (as seen in journal logs of privileged daemon).

- During removal of freedombox package, .service is stopped when .socket unit is
stopped.

- During reinstall of freedombox package, .service is restarted when .socket
unit is restarted.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
2025-09-29 16:59:01 +03:00
Sunil Mohan Adapa
e227e9a919
Makefile: Move privileged daemon to /usr/lib/freedombox
Tests:

- Running make install installs to /usr/lib/freedombox. Non-privileged users
don't find it in the path. root user does.

- New service file contains path to /usr/lib/freedombox/. Actions work as
expected.

- Build and install the debian package. Privileged daemon runs as expected and
first setup steps complete as expected. First wizard works as expected.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
2025-09-29 16:58:40 +03:00
Sunil Mohan Adapa
4140d3b444
privileged: Don't isolate /var/tmp/ for privileged daemon
- Files from web service are uploaded to /var/tmp/ directory. They need to be
accessible to privileged daemon so that it can move them to a target location.
So, if /var/tmp is isolated for privileged daemon, it can't see those files as a
separate tmpfs filesystem is mounted on that folder.

- Ideally, we should have PrivateTmp=yes and
JoinsNamespaceOf=freedombox-privileged.service set on plinth.service. However,
this requires further changes to the way developer execution is done on the
command line. This will be done in the future.

Tests:

- Uploading a backup works.

- Uploading a kiwix archive works.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
2025-09-04 10:29:49 +03:00
Sunil Mohan Adapa
71a50e6d19
privileged: Add systemd units for socket activating the daemon
Tests:

- Daemon starts up with uid/gid set to root.

- Daemon does not run by default if a request is not received. Socket file is
  created with 666 permissions and root:root ownership. Socket file parent directory
  is created with 755 permissions and root:root ownership.

- Daemon starts if a request is sent to the socket using nc.

- If there is an exception in daemon starting, then restart is done every second to
  5 seconds, forever.

- Build a Debian package.

  - Install it on fresh trixie Debian VM. Ensure that setup works and privileged
    daemon is auto-enabled.

  - Start a fresh trixie Debian VM and install freedombox from Debian repos.
    Upgrade to the built package. Privileged daemon works and is auto-enabled.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
2025-08-16 22:41:20 +05:30
Sunil Mohan Adapa
6d27d9610b
service: Increase startup/shutdown timeout to 5 minutes
- From the default 90 seconds (system-wide). This is better when systems are
slow during bootup or have really slow disk IO.

Tests:

- When running 'systemctl start plinth' add a sleep of 120 seconds in main
before notification. The service stays in 'activating' state for 2 minutes but
then succeeds and becomes active.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2025-04-05 10:21:01 -04:00
Sunil Mohan Adapa
7c14677277
service: Notify systemd when service starts up
- Run as a Type=notify service with systemd service.

- Notify systemd just before blocking in the main thread.

- This allows systemd to catch any errors with startup of the service and log
appropriately. This also allows clients depending on making DBus calls etc. to
know that service is ready to serve requests.

- This will increase the boot time slightly as systemd will wait for
FreedomBox service to become active.

Tests:

- Raise an exception in main() during startup. Run 'systemctl start plinth'. No
error is thrown without this patch. With the patch, an error is shown.

- After 'systemctl start plinth', service shows in 'active' state.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2025-04-05 10:20:59 -04:00
Joseph Nuthalapati
21f6c9128f
django: Improve handling of file uploads
1. Set temporary directory to /var/tmp
2. Drop MemoryFileUploadHandler

Tests:

- During upload notice that files are in /var/tmp/systemd-private... folder
instead of /var/tmp.

- Upload a file but rename with another extension instead of moving to
destination through changes in code. Notice that the file is available in
/var/tmp/systemd-private... directory after the upload operation is completed.
Stop the service and notice that the file has been deleted. Folder is empty
after the service starts again.

Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
[sunil: Add PrivateTmp=yes in plinth.service file]
[sunil: Update comments]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
2024-10-03 11:44:51 +03:00
Sunil Mohan Adapa
071d61bcc8
*: Move all systemd service files from /lib to /usr
This is now the preferred location in Debian. See:

https://lintian.debian.org/tags/systemd-service-in-odd-location
https://bugs.debian.org/992465
https://bugs.debian.org/987989
d70caa69c6
https://lists.debian.org/debian-devel/2021/08/msg00275.html

Tests:

- Lintian no longer shows errors:
  E: freedombox: systemd-service-in-odd-location lib/.../calibre-server-freedombox.service

- Comparing the old .deb and newly generated .deb with these changes. All the
systemd files show that they are moved from /lib to /usr/lib/systemd.

- After upgrading the deb from older version to a version with these changes,
services installed by the package are available (tested after restart with
wordpress and calibre). Services tweaked by the package have the changed
configuration reflected as shown by systemctl show
{service-name}.service (tested after restart with quassel).

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2021-10-09 22:08:50 -04:00