Proposed F19 Feature: systemd features

Bill Nottingham notting at redhat.com
Thu Jan 31 15:51:45 UTC 2013 

Marcela Mašláňová (mmaslano at redhat.com) said: 
> I would say that work even before. If I should say according to
> number of bugs, not many users were using specific SElinux contexts
> for cronjob tasks.
> 
> No objection to this feature, it might be very powerful for some
> use-cases. I'm afraid of situation, when half of cronjobs will be
> converted and half stay as is. Poor admins.

So, here's where policy could be helpful. What should and shouldn't migrate?

Right now, it's used by:
- systemd itself (obviously OK)
- mrtg (optionally, not by default - in fact, this whole service is kind of
  a mess)
- inn (eh)

Current cron users are:
afraid-dyndns
amavisd-new
apt
arm4
atop
autotrust
awstats
backup-manager
bcfg2
cacti
checkdns
clamav-unofficial-sigs
clamav-update
clement
cronie
cronie-anacron
cronie-noanacron
crontabs
crypto-utils
cyrus-imapd
dbmail
denyhosts
dmraid-events-logwatch
dnf
drupal6
drupal7
dspam
dwatch
epylog
etckeeper
exim
exim-greylist
fetch-crl
freeipa-server
ghc-compiler
globus-gram-audit
glpi
glpi-mass-ocs-import
hplip
hylafax+
indefero
leafnode
libvirt-sandbox
lightsquid
limph-hostagent
logcheck
logrotate
logwatch
ltsp-server
mailman
man-db
mcelog
mdadm
mldonkey-server
mlocate
moodle
munin
newscache
nordugrid-arc-gridmap-utils
nsd
ocsinventory-agent
olpc-update
opendnssec
openshift-origin-cartridge-cron-1.4
openshift-origin-msg-node-mcollective
openvas-scanner
ovirt-engine
ovirt-node
PackageKit-cron
pam_shield
polipo
prelink
queuegraph
rancid
rkhunter
rpm-cron
safekeep-server
sagator-core
sipwitch
slrn-pull
spamassassin
squidGuard
squirrelmail
subscription-manager
sysstat
system-autodeath
sysusage
tmpwatch
tripwire
unbound-libs
vdsm
vdsm-reg
vnstat
webacula
webalizer
WebCalendar
x509watch
yum-cron
zfs-fuse

I would be tempted to say:
  "Anything running at a core system level where a dependence on a separate
cron daemon may be unwanted (or a bad idea) should be migrated, and nothing
else for now until we have a clearer perspective on the future."

Given that list that would be migration of:
mcelog
mdadm
ovirt-node
prelink (?)
tmpwatch
vdsm-*

But I'm open to other ideas.

Bill

More information about the devel mailing list