Nixpkgs: services: Switch to Type=exec wherever possible with systemd 240
systemd 240 introduces a new Type=exec, which like Type=simple, but better in the sense that it communicates failures in exec() back to systemd, as opposed failures only in fork(). See
https://github.com/systemd/systemd/blob/09e5c07fbd23d098edf2e0b51fbf402f07474dae/NEWS#L5
for details.
Using Type=exec everywhere should mean that we can detect many issues earlier, increasing the reliability of systems built with NixOS, and in particular NixOps deployments.
This change might fix many problems I've encountered, where a new configuration first apparently activates successfully, only to crash shortly after.
nh2
All 3 comments
Type=exec doesn't seem useful for nix-generated services. What kind of issues have you encountered that would benefit from it?
orivej
on 2 Dec 2018
Why doesn't it seem useful? In this talk Lennart explains well what kind of edge cases are handled well in exec but not in simple https://media.ccc.de/v/ASG2018-230-systemd_in_2018#t=491
Bugs like: "the binary is absent, but the service is still reported successfully started" are caught with exec but not with simple. And those kind of bugs are bugs we ran in before. (For example, someone makes a typo in a binary name, but all the NixOS tests pass anyway because the service successfully started)
A service being generated from nix and the service's type seem like two totally orthogonal things to me. We have services of many types in Nix. From simple, oneshot, and forking.
Simple has buggy semantics but because people now might depend on the buggy semantics, systemd will introduce a new type exec which fixes these issues while keeping the old simple type as well for backwards compatibility. Exec will become the default in some later release. Switching now already seems like a good investment.
arianvp
on 3 Dec 2018
Thank you for your contributions.
This has been automatically marked as stale because it has had no activity for 180 days.
If this is still important to you, we ask that you leave a comment below. Your comment can be as simple as "still important to me". This lets people see that at least one person still cares about this. Someone will have to do this at most twice a year if there is no other activity.
Here are suggestions that might help resolve this more quickly:
- Search for maintainers and people that previously touched the related code and @ mention them in a comment.
- Ask on the NixOS Discourse.
- Ask on the #nixos channel on irc.freenode.net.
![stale[bot] picture](https://avatars3.githubusercontent.com/in/1724?v=4&s=40)
stale[bot]
on 3 Jun 2020
Related issues
Infinisil
路
146Comments
thoughtpolice
路
71Comments
globin
路
65Comments
timokau
路
66Comments
danykey
路
64Comments
Most helpful comment
Why doesn't it seem useful? In this talk Lennart explains well what kind of edge cases are handled well in
execbut not insimplehttps://media.ccc.de/v/ASG2018-230-systemd_in_2018#t=491Bugs like: "the binary is absent, but the service is still reported successfully started" are caught with exec but not with simple. And those kind of bugs are bugs we ran in before. (For example, someone makes a typo in a binary name, but all the NixOS tests pass anyway because the service successfully started)
A service being generated from nix and the service's type seem like two totally orthogonal things to me. We have services of many types in Nix. From simple, oneshot, and forking.
Simple has buggy semantics but because people now might depend on the buggy semantics, systemd will introduce a new type
execwhich fixes these issues while keeping the oldsimpletype as well for backwards compatibility. Exec will become the default in some later release. Switching now already seems like a good investment.