[Nix-dev] [NixOS/nixos] a5969: sshd: Do detach into the background

[Eelco Dolstra]

Hi,

On 07/10/12 13:22, Peter Simons wrote:

>  > Commit: a5969634f4da94f85ffbce2ce81f760fd73c67e5
>  >
>  > Log Message:
>  > -----------
>  > sshd: Do detach into the background
>  >
>  > This is necessary to ensure that jobs that need to start after sshd
>  > work properly.
> 
> this seems counter-intuitive to me. How is running sshd asynchronously
> going to make the service more reliable for dependent jobs that start
> after it? A synchronous start-up feels more predictable to me. What am I
> missing?

With "Type=simple", systemd will consider the unit "Started" as soon as it has
started the unit's main process, and will begin to start other units that are
ordered after it right away.  This is almost never correct, because the process
in question typically has to do some initialisation (such as to start listening
on ports/sockets).  So you get random failures in the dependent units.

With "Type=forking", the unit is only considered "Started" as soon as it has
forked into the background, which is presumably after it's really ready.  And
with "PIDFile=...", systemd will wait until the service has written its PID
file.  So this should be more reliable.  However, the most reliable way is to
use socket-based activation or startup notification (sd_notify()), but these
require modifying the daemon.

However, this commit was something of a brainfart on my part, because the unit
in question (print-host-key in modules/virtualisation/ec2-data.nix) really only
depends on the preStart script of the sshd unit.  It doesn't actually care
whether sshd is running.

-- 
Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/