[Dnsmasq-discuss] systemd service improvements

Kurt H Maier khm at sciops.net
Thu Jun 30 22:10:33 BST 2016


On Thu, Jun 30, 2016 at 10:58:56AM -0400, Craig Andrews wrote:
> I'd like to propose a couple changes in terms of systemd in dnsmaq.
> First, dnsmasq should always install a systemd unit so all 
> distributions/users can use it (if a user/distro doesn't use systemd, 
> the unit will be simply be ignored - no harm done).

Incorrect. Aside from the uselessness of spamming systemd files onto
inappropraite OSes, systemd has very specific location requirements
for where these files may be installed -- which means a 'default'
installation of dnsmasq may wind up trying to create directories on a
partition it may not have write permission to, and a DESTDIR or PREFIX
installation may wind up putting service files in places not even
systemd would look for them.

Further, the systemd service file format has no specification and is
subject to arbitrary change.  It is not fair to mandate the dnsmasq
maintainers (or any not-systemd-maintainer) track these changes and 
try to keep up with them. 

Finally, while I consider it very kind of Simon to include things like
this in contrib/, the face remains that systemd only runs on a subset of
linux distributions, the majority of which already have dnsmasq packages
available.  Lots of people run dnsmasq on openbsd, freebsd, etc -- and
of course systemd unit files will do no good there.

This sort of idea makes sense for a very specific use case, but I am
certain it would only make the build process more complicated than it's
worth.

> is only part of the Debian packaging. Dnsmaq may want to include an 
> alternate unit in the Debian packaging and a generic, for-all-distros 
> version in the default installation.

Debian should be responsible for their own init scripts.  Not just
Debian -- all packagers should be handling init in the manner
appropriate to their software environment.  This is the *only* way to be
sure that the init method matches the process supervisor's requirements
and keeps up with configuration mandates therefrom.

> Second, the systemd unit should be improved a bit to feature hardening 
> and not running as root. Here's my proposed dnsmasq.service:

This should go to the packagers of your operating system.

Respectfully,
khm



More information about the Dnsmasq-discuss mailing list