From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 761ED1FF170 for ; Thu, 15 May 2025 10:27:02 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id CAB6C1CC8F; Thu, 15 May 2025 10:27:23 +0200 (CEST) Message-ID: <25ae1887-aac1-4791-9cdc-fe3c5d121923@proxmox.com> Date: Thu, 15 May 2025 10:26:45 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird To: Thomas Lamprecht , Proxmox VE development discussion References: <20250513105652.67403-1-f.ebner@proxmox.com> <20250513105652.67403-2-f.ebner@proxmox.com> Content-Language: en-US From: Fiona Ebner In-Reply-To: X-SPAM-LEVEL: Spam detection results: 0 AWL -2.534 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_SOMETLD_ARE_BAD_TLD 5 .bar, .beauty, .buzz, .cam, .casa, .cfd, .club, .date, .guru, .link, .live, .monster, .online, .press, .pw, .quest, .rest, .sbs, .shop, .stream, .top, .trade, .wiki, .work, .xyz TLD abuse RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [proxmox-ve-default.link] Subject: Re: [pve-devel] [PATCH manager 1/4] add tpmfiles.d config to create /run/pve directory X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" Am 14.05.25 um 20:08 schrieb Thomas Lamprecht: > Am 13.05.25 um 12:56 schrieb Fiona Ebner: >> The pve-lxc-syscalld systemd service currently uses /run/pve as a >> runtime directory. This means, that when the service is restarted, the >> directory will be recreated. But the /run/pve directory is not just >> used as the runtime directory of this service, but also for other >> things, e.g. storage tunnel and mtunnel sockets, container stderr logs >> as well as pull metric cache and lock, which will be lost when the >> service is restarted. >> >> The plan is to give the service its own runtime directory that is only >> used for that purpose and nothing else. However, this means the >> /run/pve directory will not get created automatically anymore (e.g. >> pull metric relies on the existence already). Add this tmpfiles.d >> configuration to create it automatically again. Note that the >> permissions/owner are different now. As the runtime directory, it was >> created with 0755 root:root. This tmpfiles.conf configuration >> aligns the permissions/owner with the ones /run/pve-cluster has, i.e. >> 0750 root:www-data. >> >> Signed-off-by: Fiona Ebner >> --- >> >> We could also opt for 0750 root:root, not sure. > > Would indeed better match the currently used /run/pve ownership. Okay, then I'll go for this, can always be extended to www-data if the need arises in the future. >> >> configs/Makefile | 1 + >> configs/pve-tmpfiles.conf | 2 ++ >> 2 files changed, 3 insertions(+) >> create mode 100644 configs/pve-tmpfiles.conf >> >> diff --git a/configs/Makefile b/configs/Makefile >> index fa586e28..36f4f75a 100644 >> --- a/configs/Makefile >> +++ b/configs/Makefile >> @@ -14,6 +14,7 @@ install: country.dat vzdump.conf pve-sources.list pve-initramfs.conf pve-blackli >> install -D -m 0644 pve-initramfs.conf $(DESTDIR)/etc/initramfs-tools/conf.d/pve-initramfs.conf >> install -D -m 0644 country.dat $(DESTDIR)/usr/share/$(PACKAGE)/country.dat >> install -D -m 0644 proxmox-ve-default.link $(DESTDIR)/usr/lib/systemd/network/99-default.link.d/proxmox-mac-address-policy.conf >> + install -D -m 0644 pve-tmpfiles.conf $(DESTDIR)/usr/lib/tmpfiles.d/pve-tmpfiles.conf > > You can use dh_installtmpfiles [0] for this and just add the relevant config in > a "debian/package.tmpfiles" file. With debhelper compat level 13 that helper > will be run by default [1], and as level 13 is the recommended level for Trixie, > I plan to switch all packages over to that anyway. > > 0: https://manpages.debian.org/trixie/debhelper/dh_installtmpfiles.1.en.html > 1: https://manpages.debian.org/testing/debhelper/debhelper-compat-upgrade-checklist.7.en.html#v13 > Good to know! Will change it in v2. _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel