fufexan / dotfiles

NixOS system config & Home-Manager user config
MIT License

This is great! Can I ask about the use of systemd-run? #6

Closed inscapist closed 1 year ago

inscapist commented 1 year ago

Hi @fufexan, I am learning NixOS by looking at others' dotfiles and I find yours quite advanced - especially your Hyprland's config!

I see that you are using systemd-run to wrap your programs (firefox & alacritty) in this piece of code and I am quite perplexed. I am hoping to learn the benefits of doing it this way.

At first, I thought it is meant to run the program as "singletons" but after trying this out myself, I am ruling that out. May I be enlightened? :)

fufexan commented 1 year ago

Hi! systemd-run launches programs as transient systemd services, so you can have systemd manage them in CGroups and leave no rogue processes running behind even after the program's closed. As a bonus, you can see the resource usage in systemctl --user status run-uXX.service, like so:

● run-u17.service - /run/current-system/sw/bin/bash -lc exec /nix/store/az8fq9vxa9da53sqhxkd6318b7df9nar-apply-hm-env wofi
     Loaded: loaded (/run/user/1000/systemd/transient/run-u17.service; transient)
  Transient: yes
     Active: active (running) since Sat 2023-02-25 00:48:23 EET; 14h ago
    Process: 3622 ExecStart=/run/current-system/sw/bin/bash -lc exec /nix/store/az8fq9vxa9da53sqhxkd6318b7df9nar-apply-hm-env wofi (code=exited, s>
   Main PID: 3622 (code=exited, status=0/SUCCESS)
      Tasks: 535 (limit: 18389)
     Memory: 3.5G
        CPU: 1h 17min 32.382s
     CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/app-manual.slice/run-u17.service
             ├─   3726 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/bin/.firefox-wrapped
             ├─   3870 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -parentBuildID 20230218125900 -p>
             ├─   3914 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsL>
             ├─   3994 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsL>
             ├─   3998 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsL>
             ├─   4014 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsL>
             ├─   4238 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 5 -isForBrowser -prefsL>
             ├─   4416 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 6 -isForBrowser -prefsL>
             ├─   4423 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 8 -isForBrowser -prefsL>
             ├─   4809 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -parentBuildID 20230218125900 -p>
             ├─   4811 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -parentBuildID 20230218125900 -s>
             ├─  53359 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 24 -isForBrowser -prefs>
             ├─ 367203 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 74 -isForBrowser -prefs>
             ├─ 789818 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 122 -isForBrowser -pref>
             ├─1391688 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 158 -isForBrowser -pref>
             ├─1410957 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 159 -isForBrowser -pref>
             └─1502684 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 160 -isForBrowser -pref>

Hope that clears up its usage for you!
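To make the cgroup tracking described in the comment above concrete, here is an added example (not code from this repository or from any commenter) that groups processes by their owning systemd unit from the contents of `/proc/<pid>/cgroup`. Only the `run-u17.service` cgroup path comes from the status output above; the other PIDs and paths, the function names, and the `run-` name heuristic are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Cgroup path taken from the status output above; everything else below is constructed.
APP = "/user.slice/user-1000.slice/user@1000.service/app.slice/app-manual.slice"
PAGE_PATH = APP + "/run-u17.service"
# Constructed sample: pid -> contents of /proc/<pid>/cgroup on a cgroup-v2 host.
SAMPLE = {
    3726: f"0::{PAGE_PATH}\n",
    3870: f"0::{PAGE_PATH}\n",
    4100: f"0::{APP}/run-u18.service\n",
    2290: "0::/user.slice/user-1000.slice/session-2.scope\n",
    2291: "0::/user.slice/user-1000.slice/session-2.scope\n",
    2: "0::/\n",
}
# Heuristic: auto-generated systemd-run names start with "run-"; units named with --unit= will not match.
TRANSIENT_RE = re.compile(r"^run-.+\.(service|scope)$")

def unified_path(cgroup_text):
    """Return the cgroup-v2 path (hierarchy id 0, empty controller list), or None."""
    for line in cgroup_text.splitlines():
        parts = line.split(":", 2)
        if len(parts) == 3 and parts[0] == "0" and parts[1] == "":
            return parts[2]
    return None

def owning_unit(path):
    """Deepest path component that is a service or scope unit, or None."""
    for part in reversed((path or "").split("/")):
        if part.endswith((".service", ".scope")):
            return part
    return None

def group_by_unit(procs):
    """Map unit name -> sorted pids; processes outside any unit are keyed by None."""
    groups = defaultdict(list)
    for pid, text in procs.items():
        groups[owning_unit(unified_path(text))].append(pid)
    return {unit: sorted(pids) for unit, pids in groups.items()}

def transient_units(procs):
    """Units that look like auto-named systemd-run transients."""
    return sorted(u for u in group_by_unit(procs) if u and TRANSIENT_RE.match(u))

def shared_session_pids(procs):
    """Pids sitting directly in a login session scope, not isolated in a unit of their own."""
    return sorted(pid for unit, pids in group_by_unit(procs).items()
                  if unit and re.fullmatch(r"session-.+\.scope", unit) for pid in pids)
```

On a live system the same functions can be fed from `open(f"/proc/{pid}/cgroup").read()` for each PID of interest.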

inscapist commented 1 year ago

It certainly does! Thank you

crazyminecuber commented 1 year ago

Follow-up question: Did you have issues with processes leaving zombie processes around and therefore investigated systemd? Also, have you thought about using any of the sandboxing capabilities in systemd for running programs that are less trustworthy in services? Or do you have any other reasons for converting those programs to services?

I have been investigating systemd services myself for the last couple of days, and I have been thinking about where it makes sense to use it on both a desktop and on a server. I find the sandboxing and process control capabilities the most interesting.

fufexan commented 1 year ago

> Did you have issues with processes leaving zombie processes around and therefore investigated systemd?

Not that I know of. I started using it to be able to better grasp the actual resource usage of programs.

> Also, have you thought about using any of the sandboxing capabilities in systemd for running programs that are less trustworthy in services?

No. Generally I don't run non-trustworthy services on my system.