search

trezor / trezord-go

:smiling_imp: Trezor Communication Daemon (written in Go)
GNU Lesser General Public License v3.0
241 stars 146 forks source link

Moved the creation of logfile from pre-install package script to systemd init script #246

Closed hegjon closed 2 years ago

hegjon commented 2 years ago

I have not tried to build the a new rpm/deb, but replacing the existing systemd init script and running systemctl daemon-reload on Fedora 35 works. 

$ systemctl status trezord.service
● trezord.service - Trezor Bridge
     Loaded: loaded (/usr/lib/systemd/system/trezord.service; enabled; vendor preset: disabled)
     Active: active (running) since Mon 2022-05-23 15:40:15 CEST; 5s ago
    Process: 309481 ExecStartPre=/usr/bin/touch /var/log/trezord.log (code=exited, status=0/SUCCESS)
    Process: 309482 ExecStartPre=/usr/bin/chown trezord:trezord /var/log/trezord.log (code=exited, status=0/SUCCESS)
    Process: 309483 ExecStartPre=/usr/bin/chmod 660 /var/log/trezord.log (code=exited, status=0/SUCCESS)
   Main PID: 309484 (trezord)
      Tasks: 8 (limit: 23797)
     Memory: 1.9M
        CPU: 40ms
     CGroup: /system.slice/trezord.service
             └─309484 /usr/bin/trezord

May 23 15:40:15 fedora systemd[1]: Starting Trezor Bridge...
May 23 15:40:15 fedora systemd[1]: Started Trezor Bridge.
May 23 15:40:15 fedora trezord[309484]: 2022/05/23 15:40:15 trezord v2.0.27 is starting.

Systemd init script requires full path to the executable, so it might break some special systems where the binaries are not in /usr/bin.

Fedora 35:

$ whereis -b touch chown chmod
touch: /usr/bin/touch
chown: /usr/bin/chown
chmod: /usr/bin/chmod
hegjon commented 2 years ago

Fixes #245

triceo commented 2 years ago

Thank you, @hegjon! If you can build the RPM, I can test it on my system, @prusnak .

hegjon commented 2 years ago

Sounds fragile to maintain a list of the different paths for chmod/chown

hegjon commented 2 years ago

Looks like I do not need full path for chmod/chown on my system.... not sure if it is because of newer systemd or some kind of whitelist?

But ExecStartPre will run as the trezord user.... might cause problems:

$ sudo chown root:root /var/log/trezord.log
$ sudo systemctl restart trezord.service
Job for trezord.service failed because the control process exited with error code.
See "systemctl status trezord.service" and "journalctl -xeu trezord.service" for details.
$ sudo systemctl status trezord.service
× trezord.service - Trezor Bridge
     Loaded: loaded (/usr/lib/systemd/system/trezord.service; enabled; vendor preset: disabled)
     Active: failed (Result: exit-code) since Mon 2022-05-23 18:12:32 CEST; 9s ago
    Process: 318199 ExecStartPre=touch /var/log/trezord.log (code=exited, status=1/FAILURE)
        CPU: 4ms

May 23 18:12:32 fedora systemd[1]: Starting Trezor Bridge...
May 23 18:12:32 fedora touch[318199]: touch: cannot touch '/var/log/trezord.log': Permission denied
May 23 18:12:32 fedora systemd[1]: trezord.service: Control process exited, code=exited, status=1/FAILURE
May 23 18:12:32 fedora systemd[1]: trezord.service: Failed with result 'exit-code'.
May 23 18:12:32 fedora systemd[1]: Failed to start Trezor Bridge.
hegjon commented 2 years ago

Closing for now, I were not able to find a non-hackish way to fix this issue