Afternoon all!
I use rtkbase (https://github.com/Stefal/rtkbase) which is based on a debian installation to provide RTK to local farmers. I wanted to add my own service unit so on startup, it would broadcast to a 3rd caster (the software itself only handles 2), and so far, so good, all changes done and it worked. On reboot, the new service unit and my script in /home/basegnss vanished. Also, a nohup.out I'd deleted reappeared. OK, so some sort of overlay file system or steady-state file system or something is in effect. But I can't work out what:
I was looking into where the /run stuff comes from, and it seemed to me that might be a factor (1000 is the uid for basegnss), but I'm unable to find what's putting that into effect? I read up about ProtectHome and ProtectSystem in service units, but they should only affect what processes are spawned from that unit ?
My usually-decent googling has failed me on this one - any suggestions gratefully accepted, thanks!
A
I use rtkbase (https://github.com/Stefal/rtkbase) which is based on a debian installation to provide RTK to local farmers. I wanted to add my own service unit so on startup, it would broadcast to a 3rd caster (the software itself only handles 2), and so far, so good, all changes done and it worked. On reboot, the new service unit and my script in /home/basegnss vanished. Also, a nohup.out I'd deleted reappeared. OK, so some sort of overlay file system or steady-state file system or something is in effect. But I can't work out what:
Bash:
basegnss@basegnss:~ $ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/root 29G 4.6G 23G 17% /
devtmpfs 333M 0 333M 0% /dev
tmpfs 461M 0 461M 0% /dev/shm
tmpfs 185M 1.1M 184M 1% /run
tmpfs 5.0M 4.0K 5.0M 1% /run/lock
/dev/mmcblk0p1 250M 51M 199M 21% /boot
tmpfs 93M 0 93M 0% /run/user/1000
basegnss@basegnss:/etc/systemd/system $ cat /etc/fstab
proc /proc proc defaults 0 0
PARTUUID=c3d522c2-01 /boot vfat defaults 0 2
PARTUUID=c3d522c2-02 / ext4 defaults,noatime 0 1
# a swapfile is not a swap partition, no line here
# use dphys-swapfile swap[on|off] for that
I was looking into where the /run stuff comes from, and it seemed to me that might be a factor (1000 is the uid for basegnss), but I'm unable to find what's putting that into effect? I read up about ProtectHome and ProtectSystem in service units, but they should only affect what processes are spawned from that unit ?
Bash:
basegnss@basegnss:/etc/systemd/system $ find . -exec grep -Hi protect {} \; 2>/dev/null
./dbus-org.bluez.service:ProtectHome=true
./dbus-org.bluez.service:ProtectSystem=full
./multi-user.target.wants/rsync.service:# system protection (which makes /usr, /boot, & /etc read-only) and hide
./multi-user.target.wants/rsync.service:ProtectSystem=full
./multi-user.target.wants/rsync.service:#ProtectHome=on|off|read-only
./multi-user.target.wants/ModemManager.service:ProtectSystem=true
./multi-user.target.wants/ModemManager.service:ProtectHome=true
./multi-user.target.wants/chrony.service:ProtectHome=yes
./multi-user.target.wants/chrony.service:ProtectSystem=full
./multi-user.target.wants/chrony.service:ProtectControlGroups=yes
./multi-user.target.wants/chrony.service:ProtectKernelModules=yes
./multi-user.target.wants/chrony.service:ProtectKernelTunables=yes
./dbus-org.freedesktop.ModemManager1.service:ProtectSystem=true
./dbus-org.freedesktop.ModemManager1.service:ProtectHome=true
./bluetooth.target.wants/bluetooth.service:ProtectHome=true
./bluetooth.target.wants/bluetooth.service:ProtectSystem=full
./chronyd.service:ProtectHome=yes
./chronyd.service:ProtectSystem=full
./chronyd.service:ProtectControlGroups=yes
./chronyd.service:ProtectKernelModules=yes
./chronyd.service:ProtectKernelTunables=yes
./chrony.service:ProtectHome=yes
./chrony.service:ProtectSystem=full
./chrony.service:ProtectControlGroups=yes
./chrony.service:ProtectKernelModules=yes
./chrony.service:ProtectKernelTunables=yes
./default.target.wants/e2scrub_reap.service:ProtectSystem=true
./default.target.wants/e2scrub_reap.service:ProtectHome=read-only
My usually-decent googling has failed me on this one - any suggestions gratefully accepted, thanks!
A