The officially official Devuan Forum!

Geoff 42

Member

Registered: 2016-12-15

Posts: 461  

Upgrading to Daedalus running runit-init

My Chimaera system has been running for a long time and has used runit and runit-init.
I was going to upgrade to Daedalus while having runit and not reverting to SysV init.
I simply followed the standard instructions.

https://www.devuan.org/os/documentation … o-daedalus

apt update
apt upgrade
apt full-upgrade
apt autoremove

edit /etc/apt/sources.list - adding non-free-firmware as well as changing chimaera to daedalus

deb http://deb.devuan.org/merged daedalus main non-free-firmware non-free contrib
deb http://deb.devuan.org/merged daedalus-updates main non-free-firmware non-free contrib
deb http://deb.devuan.org/merged daedalus-security main non-free-firmware non-free contrib
# deb http://deb.devuan.org/merged daedalus-backports main non-free-firmware non-free contrib

apt update

Now kill xscreensaver. The suggested "killall xscreensaver" did not work so I resorted to ps to get the pid and then :-

kill -TERM 24860 # in this case!

apt upgrade
apt full-upgrade

It asks about stopping and restarting some processes. Of these vsftpd failed to restart. This was due to an historic misconfiguration!

I think that it took about 1.5 to 2 hours to finish. Then the tidy up.

apt autoremove --purge
apt autoclean

df -h / reported :-

20G 15G 4.2G 78%

before the upgrade and now

20G 17G 2.7G 86%

This seems to imply that Daedalus is taking up 1.5G more than Chimaera.
This will of course depend on what you have installed! I have Flightsimulator which does take up a bit of disk space!

I rebooted and it worked.
A had to do bit of fiddling with my dual monitors, but that is not really to do with Daedalus or runit.

runsvdir command line errors
===================

When I ran "ps axjf" I noticed that the command line of runsvdir was not the expected line of dots, but was carrying some error messages.

ps axjf|grep runsvdir reports :-

runsvdir -P /etc/service log: tional log directories. svlogd: warning: unable to lock directory: /var/log/runit/ssh: access denied svlogd: fatal: no functional log directories. svlogd: warning: unable to lock directory: /var/log/runit/ssh: access denied svlogd: fatal: no functional log directories. svlogd: warning: unable to lock directory: /var/log/runit/acpid: access denied svlogd: fatal: no functional log directories.

in /var/log/runit current and lock were both owned by "_runit-log adm" in the subdirectories acpid/ and ssh/
This was probably some historic set up error, but :-

cd /var/log/runit
chown runit-log:runit-log acpid/current 
chown runit-log:runit-log acpid/lock 
chown runit-log:runit-log ssh/current 
chown runit-log:runit-log ssh/lock 

soon had that fixed and after the next reboot the runsvdir command line contains the expected, clean line of dots.

NTP
===

ntp has been replaced by ntpsec.

After the upgrade my set up started ntpsec and then runit tried to start ntp and failed, but looped when it noticed that an ntp service was already running (and was logging it...)

I needed to sort out ntpsec and disable init.d/ntp. I stopped ntp until I had it sorted.

I edited /etc/sv/ntp/run to contain :-

#!/bin/sh -eu
exec 2>&1

sv start dbus || exit 1

DAEMON=/usr/sbin/ntpd
NTPD_USER="ntpsec:ntpsec"
NTPD_OPTS="-n -N -g -u $NTPD_USER"
NTPD_OPTS="-c /etc/ntpsec/ntp.conf $NTPD_OPTS"

exec $DAEMON $NTPD_OPTS

This now runs happily...

sv up ntp
sv status ntp
run: ntp: (pid 15388) 1101s; run: log: (pid 1935) 6879s

To stop the init.d versions getting started (my runit service is called "ntp" so I disabled both ntp and ntpsec) :-

update-rc.d ntp disable
update-rc.d ntpsec disable

The ntp service is now running smoothly under runit.

I will report success with postgresql separately.

Geoff

Lorenzo

Member

Registered: 2020-03-03

Posts: 36  

Re: Upgrading to Daedalus running runit-init

Hi Geoff,

in /var/log/runit current and lock were both owned by "_runit-log adm" in the subdirectories acpid/ and ssh/
This was probably some historic set up error, but :-

cd /var/log/runit
chown runit-log:runit-log acpid/current
chown runit-log:runit-log acpid/lock
chown runit-log:runit-log ssh/current
chown runit-log:runit-log ssh/lock

soon had that fixed and after the next reboot the runsvdir command line contains the expected, clean line of dots.

Actually, 'runit-log' is being dropped and the '_runit-log' user is the right one. According to Debian policy users created by
packages should begin with _ to avoid confusion with real (uman) users. I thought I got this right but evidently I've missed
something, sorry
I recommend to update the log/run script of acpid and ssh with the one that is currently shipped (instead of changing permission
of current/lock), for example

cat /etc/sv/ssh/log/run

#!/bin/sh
chown _runit-log:adm '/var/log/runit/ssh'
chmod 750 '/var/log/runit/ssh'
exec chpst -u _runit-log svlogd -tt '/var/log/runit/ssh'

and then do

sv e ssh

to fix the error

Geoff 42

Member

Registered: 2016-12-15

Posts: 461  

Re: Upgrading to Daedalus running runit-init

Thank you for that.

I also had to sort out the ownership of the files themselves, current and lock, but it is now running happily.

Someone here had worked out a run file that needed very little customisation between services, so my log/run file now looks like :-

#!/bin/sh

NAME=ssh
LOG="/var/log/runit/$NAME"
USER="_runit-log"
GROUP="adm"

chown "$USER:$GROUP" "$LOG"
chmod 750 "$LOG"

exec chpst -u "$USER" svlogd -tt "$LOG"

Maybe that should be 'chown -R "$USER:$GROUP" "$LOG"' to sort out the log files themselves, as well as the directory?

Geoff

Lorenzo

Member

Registered: 2020-03-03

Posts: 36  

Re: Upgrading to Daedalus running runit-init

Maybe that should be 'chown -R "$USER:$GROUP" "$LOG"' to sort out the log files themselves, as well as the directory?

it was like that (chown -R) but the recursive option was removed due to symlink attacks [1] risk. But anyway I think the underlying issue is that I can't force a change in the log runscript (it's a conffile under /etc/) so there will always be a chance of a mismatch.
I'll drop an entry as NEWS file for runit to warn users.

Lorenzo
[1] For example https://github.com/OpenRC/opentmpfiles/issues/4