contrib: replace deprecated PermissionsStartOnly in systemd init #16994

pull setpill wants to merge 1 commits into bitcoin:master from setpill:fix-deprecated-permissionsstartonly changing 1 files +1 −2
  1. setpill commented at 10:12 am on September 30, 2019: contributor

    PermissionsStartOnly is deprecated (but not yet removed); its functionality replaced by special executable prefixes. The ! prefix allows the prefixed command to be run with unrestricted User and Group. This is necessary to ensure group ownership is set correctly to the configuration directory.

    Followup on @hebasto’s comment on #16556

  2. laanwj added the label Scripts and tools on Sep 30, 2019
  3. laanwj renamed this:
    Systemd replace deprecated PermissionsStartOnly
    contrib: replace deprecated PermissionsStartOnly in systemd init
    on Sep 30, 2019
  4. hebasto commented at 11:31 am on September 30, 2019: member

    ACK 36030e0a07b8adac990b38a0b544f54cb150904f, I have not tested the code, but I have reviewed it and it looks OK, I agree it can be merged. Concept ACK. Will test.

    See: Special executable prefixes

    PermissionsStartOnly is deprecated since systemd v240.

    Systemd versions:

    • Debian:
      • jessie: 215-17+deb8u13
      • stretch (via backports): 241-5~bpo9+1
      • buster: 241-7~deb10u1
    • Ubuntu:
      • xenial: 229-4ubuntu21.21
      • bionic: 237-3ubuntu10.29
    • Fedora 30: 241-12.git1e19bcd.fc30
  5. in contrib/init/bitcoind.service:23 in 36030e0a07 outdated 
    19@@ -20,8 +20,7 @@ ExecStart=/usr/bin/bitcoind -daemon \
20                             -datadir=/var/lib/bitcoind
21 
22 # Make sure the config directory is readable by the service user
23-PermissionsStartOnly=true
24-ExecStartPre=/bin/chgrp bitcoin /etc/bitcoin
25+!ExecStartPre=/bin/chgrp bitcoin /etc/bitcoin
    hebasto commented at 12:06 pm on September 30, 2019: 
    0ExecStartPre=!/bin/chgrp bitcoin /etc/bitcoin
    setpill commented at 12:52 pm on September 30, 2019:
    Good catch :grimacing:
  6. Systemd replace deprecated PermissionsStartOnly 
    PermissionsStartOnly is deprecated (but not yet removed); its
functionality replaced by special executable prefixes. The `!` prefix
allows the prefixed command to be run with unrestricted User and Group.
This is necessary to ensure group ownership is set correctly to the
configuration directory.
    bd8d659c7f
  7. setpill force-pushed on Sep 30, 2019
  8. hebasto commented at 12:54 pm on September 30, 2019: member

    ACK bd8d659c7f944406865ba2937cab7fad2e88c614, tested on Linux Mint 19.2

    0hebasto@linux-511:~$ systemctl start bitcoind.service
1hebasto@linux-511:~$ stat /etc/bitcoin | grep id
2Access: (0710/drwx--x---)  Uid: (    0/    root)   Gid: ( 1002/ bitcoin)
  9. ryanofsky commented at 3:26 pm on September 30, 2019: contributor

    Do we know what version the prefix syntax was introduced, and if there are operating systems where the current file works but would be broken by this change?

    https://github.com/systemd/systemd/pull/10802#issuecomment-439446299 says they don’t have plans to drop support for PermissionsStartOnly

  10. hebasto commented at 3:47 pm on September 30, 2019: member

    Do we know what version the prefix syntax was introduced..?

    https://github.com/systemd/systemd/pull/6577, since v235.

    So, jessie and xenial do not comply.

  11. setpill commented at 7:08 am on October 1, 2019: contributor
    Since this file is mostly a suggestion for packagers/sysadmins, would a comment suffice to address pre-v235 situations?
  12. setpill commented at 7:10 am on October 1, 2019: contributor
    Then again, if there’s no immediate plans for systemd to drop PermissionsStartOnly, perhaps it’s better to revisit this PR when pre-v235 systems are EOL.
  13. laanwj commented at 12:09 pm on October 1, 2019: member

    Then again, if there’s no immediate plans for systemd to drop PermissionsStartOnly, perhaps it’s better to revisit this PR when pre-v235 systems are EOL.

    Tend to agree here, if there’s no hurry, and everything else is the same, staying with the old configuration option for now will result in the least surprises.

  14. laanwj commented at 10:34 am on October 30, 2019: member

    Then again, if there’s no immediate plans for systemd to drop PermissionsStartOnly, perhaps it’s better to revisit this PR when pre-v235 systems are EOL.

    Can you close this until then, please?

  15. setpill closed this on Oct 30, 2019
  16. laanwj added this to the milestone Future on Oct 30, 2019
  17. bitcoin locked this on Dec 16, 2021
  18. maflcko removed this from the milestone Future on Jul 23, 2025
  19. fanquake commented at 1:35 pm on July 23, 2025: member
    PIcked up in #33044.


setpill hebasto ryanofsky laanwj fanquake

Labels
Scripts and tools

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2025-08-08 15:13 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me