FS#50224 - [dnscrypt-proxy] service file broken without warning in upgrade
Attached to Project:
Community Packages
Opened by rdeckard (rdeckard) - Monday, 01 August 2016, 12:06 GMT
Last edited by Eli Schwartz (eschwartz) - Thursday, 05 April 2018, 02:40 GMT
Opened by rdeckard (rdeckard) - Monday, 01 August 2016, 12:06 GMT
Last edited by Eli Schwartz (eschwartz) - Thursday, 05 April 2018, 02:40 GMT
|
Details
Upgrading dnscrypt-proxy 1.6.1-1 -> 1.7.0-1 results in
the dnscrypt-proxy.service file being changed without
warning. The service file is now not usable on its own and
is simply a template. Simply running "systemctl
daemon-reload" and "systemctl restart dnscrypt-proxy"
results in a failed service. The install file for the
package should at least warn the user of this.
To get the previous behavior a user should edit a systemd drop-in file for the service with the following contents: [Service] ExecStart= ExecStart=/usr/bin/dnscrypt-proxy \ -R dnscrypt.eu-nl |
This task depends upon
Closed by Eli Schwartz (eschwartz)
Thursday, 05 April 2018, 02:40 GMT
Reason for closing: Won't implement
Additional comments about closing: FS#57027
obsoletes this
Thursday, 05 April 2018, 02:40 GMT
Reason for closing: Won't implement
Additional comments about closing:
IMO the systemd units should be installed to /usr/share/doc/ rather than /usr/lib/systemd/ since they don't work by default.
I filed this bug because there is no warning that manual intervention is required.
My comment wasn't meant as a workaround. It was meant as a possible fix for the service unit (by explicitly providing a resolver-name, say dnscrypt.eu-nl, and providing a user, say dnscrypt-proxy which could be created via systemd-user).
This would be preferred over what @lahwaacz suggests.
I think upstream agrees with me, otherwise they would not make the change in the first place :)
As for creating a new system user, that's tracked in
FS#49881.Perhaps the proper way is to use a dnscrypt-proxy@profile.service
EDIT: here's what I mean: https://gist.github.com/lolilolicon/0fd732edb3fdeddacf521b9b08717025
To use the resolver "cisco", simply `systemctl enable dnscrypt-proxy@cisco.service`
Edit: I don't know how to make socket activation work with this, so --local-address can be removed...
FS#57027?