Supervise critical services
If any of the core services (e.g. Tor) crashes, a clueless user will have to reboot after realising that "Internet won't come back". That can be quite frustrating.
Supervising these services would be nice.
Given we'll move to an init system (#5821) that knows how to baby-sit services once Tails is based on Jessie, we can use it and find / adapt / write systemd unit files for the services we want to supervise.
Most of the work should be done in Debian and upstream first.
#5 Updated by intrigeri almost 5 years ago
- Description updated (diff)
- Type of work changed from Code to Debian
Here are the daemons we currently run from SysV initscripts in Tails/Jessie:
- Tor: we should test the unit file from upstream Git in Tails; for it to load the AppArmor profile, we need either one of:
- renaming the
usr.sbin.tor: should work, highly Tails-specific but so trivial that it's no big deal -- and we can get rid of this hack in Tails/Stretch
- wrapping the tor daemon's startup with aa-exec
- a more recent systemd than Jessie's one, hopefully from jessie-backports, compiled with AppArmor support (which is the case since 218-4 in Debian experimental)
- rebuilding Jessie's systemd with AppArmor support (I've been using that for months)
- renaming the
- ekeyd, spice-vdagent, ttdnsd: not exactly critical?
#10 Updated by intrigeri about 4 years ago
- Status changed from Confirmed to In Progress
- % Done changed from 0 to 10
- Tor: we should test the unit file from upstream Git in Tails;
feature/jessie now installs Tor 0.2.7.x packages that have the systemd unit file, but I think this is still true:
for it to load the AppArmor profile, we need either one of: [...]
#11 Updated by intrigeri about 4 years ago
- Status changed from In Progress to Resolved
- Assignee deleted (
- % Done changed from 10 to 100
On current feature/jessie, Tor is managed by email@example.com, which restarts the daemon if it dies (tested with
kill -9; this brings a regression in a different area, that is tracked separately as #10528).
I think that supervising tor was the last blocker, since:
- on Jessie, most other services we run are managed by systemd already;
- the remaining services started with sysvinit (
systemctl | grep LSB) are not critical;
=> I'm calling this done.