[Freeipa-devel] [PATCH] krb 1.12's OTP-Over-RADIUS
Simo Sorce
simo at redhat.com
Wed Apr 10 19:56:28 UTC 2013
On Wed, 2013-04-10 at 15:46 -0400, Rob Crittenden wrote:
> Simo Sorce wrote:
> > On Wed, 2013-04-10 at 15:35 -0400, Rob Crittenden wrote:
> >> My problem with systemd is that it seems to make things more opaque.
> >> It
> >> is hard to do even simple things like an strace on process startup
> >> because the shell is completely detached from execution. Which means
> >> that your logging needs to be top-notch so when things go wrong we
> >> can
> >> look somewhere and say "aha, it's X"
> >>
> >
> > Actually with systemd logging has become easier.
> > All you need to do is spit stuff to stdout (of course you must avoid
> > closing stdout if the daemon does so as they used to do to cope with
> > sysv init madness :)
>
> Yes, it is a mixed bag. Doesn't replace the sweetness of strace
> /etc/init.d/service start to find startup permission issues. If your
> daemon doesn't log that it is failing because it can't open some file
> then you're in deep.
OTOH strace /etc/init.d/service start will almost certainly run
unconfined, so if the access issue is due to selinux policy you'll be
left with a fist of flies anyway.
That said I think you can change the systemd unit file to run a shell
script with strace /usr/bin/myexec in it, have not tried that one yet
though.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list