Closed inscapist closed 1 year ago
Hi! systemd-run
launches programs as transient systemd services, so you can have systemd manage them in CGroups and leave no rogue processes running behind even after the program's closed. As a bonus, you can see the resource usage in systemctl --user status run-uXX.service
, like so:
● run-u17.service - /run/current-system/sw/bin/bash -lc exec /nix/store/az8fq9vxa9da53sqhxkd6318b7df9nar-apply-hm-env wofi
Loaded: loaded (/run/user/1000/systemd/transient/run-u17.service; transient)
Transient: yes
Active: active (running) since Sat 2023-02-25 00:48:23 EET; 14h ago
Process: 3622 ExecStart=/run/current-system/sw/bin/bash -lc exec /nix/store/az8fq9vxa9da53sqhxkd6318b7df9nar-apply-hm-env wofi (code=exited, s>
Main PID: 3622 (code=exited, status=0/SUCCESS)
Tasks: 535 (limit: 18389)
Memory: 3.5G
CPU: 1h 17min 32.382s
CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/app-manual.slice/run-u17.service
├─ 3726 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/bin/.firefox-wrapped
├─ 3870 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -parentBuildID 20230218125900 -p>
├─ 3914 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsL>
├─ 3994 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsL>
├─ 3998 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsL>
├─ 4014 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsL>
├─ 4238 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 5 -isForBrowser -prefsL>
├─ 4416 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 6 -isForBrowser -prefsL>
├─ 4423 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 8 -isForBrowser -prefsL>
├─ 4809 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -parentBuildID 20230218125900 -p>
├─ 4811 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -parentBuildID 20230218125900 -s>
├─ 53359 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 24 -isForBrowser -prefs>
├─ 367203 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 74 -isForBrowser -prefs>
├─ 789818 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 122 -isForBrowser -pref>
├─1391688 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 158 -isForBrowser -pref>
├─1410957 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 159 -isForBrowser -pref>
└─1502684 /nix/store/1gvgnkpflx4i3np8qnw8n0vpipd7xbl2-firefox-110.0/lib/firefox/firefox -contentproc -childID 160 -isForBrowser -pref>
Hope that clears up its usage for you!
It certainly does! Thank you
Follow-up question: Did you have issues with process leaving zombie processes around and therefore investigated systemd? Also, have you thought about using any of the sandboxing capabilities in systemd for running programs that are less trustworthy in services? Or do you have any other reasons for converting those programs to services?
I have been investigating systemd services myself for the last couple of days, and I have been thinking about where it makes sense to use it on both a desktop and on a server. I find the sandboxing and process control capabilities the most interesting.
Did you have issues with process leaving zombie processes around and therefore investigated systemd?
Not that I know of. I started using it to be able to better grasp the actual resource usage of programs.
Also, have you thought about using any of the sandboxing capabilities in systemd for running programs that are less trustworthy in services?
No. Generally I don't run non-trustworthy services on my system.
Hi @fufexan , I am learning NixOS by looking at others' dotfiles and I find yours quite advanced - especially your Hyprland's config!
I see that you are using
systemd-run
to wrap your programs (firefox & alacritty) in this piece of code and I am quite perplexed. I am hoping to learn the benefits of doing it this way.At first, I thought it is meant to run the program as "singletons" but after trying this out myself, I am ruling that out. May I be enlightened? :)