(make it live) |
m (Add trackers) |
||
(6 intermediate revisions by 3 users not shown) | |||
Line 2: | Line 2: | ||
= Preset All Systemd Units on First Boot = | = Preset All Systemd Units on First Boot = | ||
== Summary == | == Summary == | ||
Systemd will execute the equivalent of '''systemctl preset-all''' when an unconfigured system is booted ([https://www.freedesktop.org/software/systemd/man/machine-id.html#First%20Boot%20Semantics "First Boot"] condition). This means that units will be enabled or disabled according to the preset configuration. We currently do the equivalent of '''systemctl preset-all --preset-mode=enable-only''', and this will be extended to also disable units, i.e. '''systemctl preset-all --preset-mode=full'''. Any units which are manually symlinked but presets say they shouldn't (which is against the packaging guidelines for packaged units) will be disabled. | Systemd will execute the equivalent of '''systemctl preset-all''' when an unconfigured system is booted ([https://www.freedesktop.org/software/systemd/man/machine-id.html#First%20Boot%20Semantics "First Boot"] condition). This means that units will be enabled or disabled according to the preset configuration. We currently do the equivalent of '''systemctl preset-all --preset-mode=enable-only''', and this will be extended to also disable units, i.e. '''systemctl preset-all --preset-mode=full'''. Any units which are manually symlinked but presets say they shouldn't (which is against the packaging guidelines for packaged units) will be disabled. | ||
Note that this applies to "first boot" only, i.e. to boot from an image without ''/etc'' fully populated. In does not apply to systems that were installed | Note that this applies to "first boot" only, i.e. to boot from an image without ''/etc'' fully populated. In does not apply to systems that were installed using Anaconda. | ||
== Owner == | == Owner == | ||
Line 15: | Line 13: | ||
This should link to your home wiki page so we know who you are. | This should link to your home wiki page so we know who you are. | ||
--> | --> | ||
* Name: [[User:jlebon| Jonathan Lebon]] | * Name: [[User:jlebon| Jonathan Lebon]], [[User:Zbyszek| Zbigniew Jędrzejewski-Szmek]] | ||
<!-- Include you email address that you can be reached should people want to contact you about helping with your change, status | <!-- Include you email address that you can be reached should people want to contact you about helping with your change, status | ||
is requested, or technical issues need to be resolved. If the change proposal is owned by a SIG, please also add a primary contact person. --> | is requested, or technical issues need to be resolved. If the change proposal is owned by a SIG, please also add a primary contact person. --> | ||
Line 22: | Line 19: | ||
== Current status == | == Current status == | ||
[[Category: | [[Category:ChangeAcceptedF37]] | ||
<!-- When your change proposal page is completed and ready for review and announcement --> | <!-- When your change proposal page is completed and ready for review and announcement --> | ||
<!-- remove Category:ChangePageIncomplete and change it to Category:ChangeReadyForWrangler --> | <!-- remove Category:ChangePageIncomplete and change it to Category:ChangeReadyForWrangler --> | ||
Line 39: | Line 36: | ||
ON_QA -> change is fully code complete | ON_QA -> change is fully code complete | ||
--> | --> | ||
* FESCo issue: | * [https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/WZPGHEZROC4DKDAEIZTT4XO7KDFMMZIH/ devel thread] | ||
* Tracker bug: | * FESCo issue: [https://pagure.io/fesco/issue/2835 #2835] | ||
* Release notes tracker: | * Tracker bug: [https://bugzilla.redhat.com/show_bug.cgi?id=2114065 #2114065] | ||
* Release notes tracker: [https://pagure.io/fedora-docs/release-notes/issue/867 #867] | |||
== Detailed Description == | == Detailed Description == | ||
Our [https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_systemd guidelines] say that units that are packaged in rpms must be enabled through macros (''%systemd_post'') and the preset system. Almost all packages conform to this, so effectively their enablement state follows the preset config. When the system is installed, or more precisely when ''systemd.rpm'' is installed, we do ''preset-all''. But for historical reasons, when booting an unconfigured system ("first boot") we only 'enable' units in this fashion. In Fedora and RHEL CoreOS, some symlinks are created in the golden image, but should be disabled in the local image after local preset configuration has been inserted. To make this work, the call in systemd will be changed to execute the equivalent of ''preset-all --preset-mode=full'', making enablement during "first boot" more like enablement during | Our [https://docs.fedoraproject.org/en-US/packaging-guidelines/Scriptlets/#_systemd guidelines] say that units that are packaged in rpms must be enabled through macros (''%systemd_post'') and the preset system. Almost all packages conform to this, so effectively their enablement state follows the preset config. When the system is installed, or more precisely when ''systemd.rpm'' is installed, we do ''preset-all''. But for historical reasons, when booting an unconfigured system ("first boot") we only 'enable' units in this fashion. In Fedora and RHEL CoreOS, some symlinks are created in the golden image, but should be disabled in the local image after local preset configuration has been inserted. To make this work, the call in systemd will be changed to execute the equivalent of ''preset-all --preset-mode=full'', making enablement during "first boot" more like enablement during an Anaconda installation. | ||
== Feedback == | == Feedback == | ||
Line 60: | Line 58: | ||
** build systemd with this mode changed to ''--preset-mode=full'' | ** build systemd with this mode changed to ''--preset-mode=full'' | ||
** provide pull requests for two packages which have been identified to not use the preset system for enablement to conform to the packaging guidelines (https://bugzilla.redhat.com/show_bug.cgi?id=2070862, https://bugzilla.redhat.com/show_bug.cgi?id=2070726) | ** provide pull requests for two packages which have been identified to not use the preset system for enablement to conform to the packaging guidelines (https://bugzilla.redhat.com/show_bug.cgi?id=2070862, https://bugzilla.redhat.com/show_bug.cgi?id=2070726) | ||
** https://github.com/systemd/systemd/issues/17898 is time permits | |||
* Other developers: review and merge the pull requests | * Other developers: review and merge the pull requests | ||
Line 69: | Line 68: | ||
* Trademark approval: N/A (not needed for this Change) | * Trademark approval: N/A (not needed for this Change) | ||
* Alignment with Objectives: | * Alignment with Objectives: | ||
== Upgrade/compatibility impact == | == Upgrade/compatibility impact == | ||
Line 79: | Line 78: | ||
== User Experience == | == User Experience == | ||
In general this change will be a noop for users, because it only applies to "first boot", i.e. to the case when a system is booted from a distributable image without local configuration and is configured when initially booted. In | In general this change will be a noop for users, because it only applies to "first boot", i.e. to the case when a system is booted from a distributable image without local configuration and is configured when initially booted. In case where Anaconda is used to install images, /etc is populated before the first boot and the "first boot" condition never applies, thus this change is irrelevant. On systems installed from a "golden image" such as Fedora CoreOS, units will follow the preset configuration more closely. Thanks to the fixes to make packages conform to packaging guidelines, users can call '''preset-all''' to return the system to defaults. | ||
== Dependencies == | == Dependencies == |
Latest revision as of 16:25, 2 August 2022
Preset All Systemd Units on First Boot
Summary
Systemd will execute the equivalent of systemctl preset-all when an unconfigured system is booted ("First Boot" condition). This means that units will be enabled or disabled according to the preset configuration. We currently do the equivalent of systemctl preset-all --preset-mode=enable-only, and this will be extended to also disable units, i.e. systemctl preset-all --preset-mode=full. Any units which are manually symlinked but presets say they shouldn't (which is against the packaging guidelines for packaged units) will be disabled.
Note that this applies to "first boot" only, i.e. to boot from an image without /etc fully populated. In does not apply to systems that were installed using Anaconda.
Owner
- Name: Jonathan Lebon, Zbigniew Jędrzejewski-Szmek
- Email: zbyszek at in.waw.pl, jlebon at redhat.com
Current status
- Targeted release: Fedora Linux 37
- Last updated: 2022-08-02
- devel thread
- FESCo issue: #2835
- Tracker bug: #2114065
- Release notes tracker: #867
Detailed Description
Our guidelines say that units that are packaged in rpms must be enabled through macros (%systemd_post) and the preset system. Almost all packages conform to this, so effectively their enablement state follows the preset config. When the system is installed, or more precisely when systemd.rpm is installed, we do preset-all. But for historical reasons, when booting an unconfigured system ("first boot") we only 'enable' units in this fashion. In Fedora and RHEL CoreOS, some symlinks are created in the golden image, but should be disabled in the local image after local preset configuration has been inserted. To make this work, the call in systemd will be changed to execute the equivalent of preset-all --preset-mode=full, making enablement during "first boot" more like enablement during an Anaconda installation.
Feedback
Benefit to Fedora
- CoreOS can insert local preset configuration through Ignition and this configuration will be applied on the first boot.
- Users can do something similar with local preset configuration on distributed images.
- The system is made a bit simpler and easier to understand, because we can say that "units are enabled/disabled after installation as specified by the preset system".
- Users can call systemctl preset-all at any time to apply preset-configuration. If no local changes to configuration have been made, preset-all would make no changes to unit state. If units have been enabled or disabled, preset-all would return unit enablement to the pristine state after installation.
Scope
- Proposal owners:
- implement patch for systemd to configure preset-all mode on first boot (https://github.com/systemd/systemd/pull/15205)
- build systemd with this mode changed to --preset-mode=full
- provide pull requests for two packages which have been identified to not use the preset system for enablement to conform to the packaging guidelines (https://bugzilla.redhat.com/show_bug.cgi?id=2070862, https://bugzilla.redhat.com/show_bug.cgi?id=2070726)
- https://github.com/systemd/systemd/issues/17898 is time permits
- Other developers: review and merge the pull requests
- Release engineering: N/A
- Policies and guidelines: none, this change is about following the guidelines more closely
- Trademark approval: N/A (not needed for this Change)
- Alignment with Objectives:
Upgrade/compatibility impact
None.
How To Test
- On a newly installed system, with arbitrary set of packages: call systemctl preset-all. This should result in no changes.
- On a system which is booted from an unconfigured image (e.g. the new Server VM image should qualify, see Changes/Supplement-server-by-kvm-vm-image): before the first boot, enable some units manually that are disabled in presets. After booting, those units should be disabled again.
User Experience
In general this change will be a noop for users, because it only applies to "first boot", i.e. to the case when a system is booted from a distributable image without local configuration and is configured when initially booted. In case where Anaconda is used to install images, /etc is populated before the first boot and the "first boot" condition never applies, thus this change is irrelevant. On systems installed from a "golden image" such as Fedora CoreOS, units will follow the preset configuration more closely. Thanks to the fixes to make packages conform to packaging guidelines, users can call preset-all to return the system to defaults.
Dependencies
Contingency Plan
- Contingency mechanism: (What to do? Who will do it?) Systemd maintainers: flip back the default in systemd, rebuild.
- Contingency deadline: N/A (not a System Wide Change) This can be done at any time up to the release.
- Blocks release? No.
Documentation
N/A (not a System Wide Change)