I opened a fecso ticket here: https://pagure.io/fesco/issue/1918
and it was suggested it would be better handled via FPC - so I've created a draft.
I would appreciate feedback before I created the FPC ticket.
Adding the following paragraph to the Hardware Activation section:
https://fedoraproject.org/wiki/User:Gbcox/Packaging:Systemd#Hardware_activat...
===========
Enabling of a service by default must not be done unless provisions have been made to ensure the required hardware actually exists; otherwise the service can fail which will result in systemd entering a degraded state. This can be accomplished by utilizing the conditional functionality of systemd. If the capability to inquire about the specific condition does not exist, you must request it be created and provide the necessary criteria. If it is not possible to create a specific conditional systemd validation, you may request an exception to this guideline until such time the conditional functionality can be created.
===========
Some history here:
On Wed, Jun 20, 2018 at 9:33 AM, Gerald B. Cox gbcox@bzb.us wrote:
This isn't related to a service, but is throwing out an spurious error message. There is a patch but it hasn't made it's way yet into the Fedora kernel:
rt_cmos registration error: rhbz#1568276 Basically an error is being thrown because your system doesn't have battery backup. To their credit, it was quickly identified and patched. We now just have to wait for the patch to be applied.
However these:
The mcelog.service message is associated with rhbz#1166978 The dbxtool.service message is associated with rhbz#1508808 The rngd.service message is associated with rhbz#1490632
At least for me are the result of services being enabled by default, that should never have been enabled for my environment.
mcelog: I am using an AMD processor. This service only applies to Intel. dbxtool: I am not using SecureBoot. This service only applies to machines using SecureBoot. rngd: I am not using a machine that has a hardware RNG generator
Again, if we are apparently so concerned about a streamlined user experience, why are we starting processes that aren't needed - and in fact are not appropriate for a particular environment, and then throwing out error messages which are spurious and confusing?
In my case, this caused me to spend hours individually tracking down all these error messages to find out that there is nothing wrong with my environment. Instead the issue is these services are inappropriately started for EVERYBODY - and in one case have been languishing for years.
Last time I checked, Fedora wasn't an Intel only, SecureBoot only, mandatory hardware RNG generator environment.
"GBC" == Gerald B Cox gbcox@bzb.us writes:
To me this doesn't make much sense in the context in which you have put it. The existing hardware activation section is just this paragraph:
----- Hardware activation occurs when a service is installed but only turns on if a certain type of hardware is installed. Enabling of the service is normally done with a udev rule. At this time we do not have further guidance on how to write those udev rules. The service itself installs its .service files in the normal places and are installed by the normal systemd scriptlets. These services should never be enabled by the package as they will be enabled by udev. -----
So if it only turns on if a certain type of hardware is installed, it doesn't make sense to say "and make sure that the certain type of hardware is actually installed".
It seems to me that your problem is not with hardware activated services at all. The problem is that the services in question _should_ be hardware activated, but they aren't. They're just started at boot even when that makes no sense.
I don't disagree with the idea behind what you're proposing, but the hardware activation section is quite the wrong place to put it.
It seems to me that a far more appropriate place would be in the https://fedoraproject.org/wiki/Packaging:DefaultServices document. Add to the 'Restrictions' section a paragraph about how services which are enabled by default must not *in the course of normal operation* fail to start in such a way that system state is anything other than 'running'.
There you would mention that services which only function if certain hardware is present, or may fail if certain hardware is not present, must either be hardware activated [link to hardware activation section] or must start conditionally.
Note that in general, hardware activation is about hotpluggable things, so saned starts when you plug in a USB scanner or something like that. I honestly have no idea if it can be leveraged to autostart something like rngd if various hardware random number generators are available.
- J<
And I apologize, but I edited out, well, all of Gerald's message in my reply. I didn't quite intend to trim _all_ of the context there.
- J<
packaging@lists.fedoraproject.org