| Age | Commit message (Collapse) | Author |
|---|
|
7fb7acfc206b4bf8c296d72b66f3bd4fe342fd87 Set init stop timeout to 10 min (setpill)
Pull request description:
`bitcoind` can take a long time to flush its db cache to disk upon
shutdown. Systemd sends a `SIGKILL` after a timeout, causing unclean
shutdowns and triggering a long "Rolling forward" at the next startup.
Disabling the timeout should prevent this from happening, and does not
break systemd's `restart` logic.
Addresses #13736.
ACKs for top commit:
instagibbs:
utACK https://github.com/bitcoin/bitcoin/pull/16569/commits/7fb7acfc206b4bf8c296d72b66f3bd4fe342fd87
Tree-SHA512: 16e0ce5a9ecf0628f8d93d68db3f5a78ab36021d9bede05a90c84f144db2e87e17707a6eb910cb7c018c265ce2c81d43de2988bd79e4a2d8554515db8fb5aa36
|
|
`bitcoind` can take a long time to flush its db cache to disk upon
shutdown. Most init files send a `SIGKILL` after a timeout of 1 minute,
causing unclean shutdowns and triggering a long "Rolling forward" at the
next startup. Increasing this timeout to 10 minutes should reduce how
often this occurs, especially during IBD.
fixup! Set ProtectHome in systemd service file
|
|
Further hardening; the service should be run with as many restrictions
as possible without breaking it.
|
|
Rather than making the config dir world-readable, which potentially
leaks RPC credentials, the group of the directory is changed to the one
the service is executed as.
|
|
The phrasing seemed to indicate that the options specified in
ExecStart= could not be specified in the config file, necessitating
their inclusion in the service file. However, the options in the
config file simply get overridden by any specified in ExecStart=.
|
|
Tell systemd to create, set, and ensure the right mode for the PID,
configuration, and data directories.
Only the exec bit is set for groups for the aforementioned directories.
This is the least privilege perm that allows for the
reading/writing/execing of files under the directory _if_ the files
themselves give permission to its group to do so (e.g. when -sysperms is
specified). Note that this does not allow for the listing of files under
the directory.
|
|
|
|
|
|
|
|
Adds typical systemd hardening measurements for network services.
|
|
2f041f0e7 contrib/init: Update openrc-run filename (Luke Dashjr)
Pull request description:
OpenRC changed their program binary names in 2014 (3 years ago), and using the old names has loud warnings now
Tree-SHA512: 2b81802b21c32b8df6010142f9593c0b6cc814a052f83b7f5654f6885566e8dbcaf4da772145fa2cf5d94c16c2fb488c5d4879f71021407c4d7b3a3b7e7ed21e
|
|
OpenRC changed their program binary names in 2014 (3 years ago), and using the old names has loud warnings now
|
|
16be7dd Improve bitcoind systemd service file (Florian Schmaus)
Pull request description:
Add comment how further options can be added or existing ones
modified. Use /run/${RuntimeDirectory} for PID file.
Remove TimeoutStopSec, TimeoutStartSec, StartLimitInterval,
StartLimitBurst directives as those should be set indivdually.
Remove Group to user the bitcoin user's default group.
Changed Restart from 'always' to 'on-failure' (can also be overwritten
individually).
Tree-SHA512: f76674c11fd6e3faaf786aa05686926523d9c875aad6b776337f800108fdb716470286805c532b494f8cf713cb5eea6b735e1c7c238ffb407a5cc909dda41aa4
|
|
bitcoind should not be launched as daemon from launchctl. Otherwise, the
process cannot be stopped from launchctl.
|
|
|
|
Add comment how further options can be added or existing ones
modified. Use /run/${RuntimeDirectory} for PID file.
Remove TimeoutStopSec, TimeoutStartSec, StartLimitInterval,
StartLimitBurst directives as those should be set indivdually.
Remove Group to user the bitcoin user's default group.
Changed Restart from 'always' to 'on-failure' (can also be overwritten
individually).
|
|
afc693d contrib/init/bitcoind.openrcconf: Don't disable wallet by default (Luke Dashjr)
Tree-SHA512: 1763a9e91788485b079b96239cf09f1557b338e5045aa4ffbad3908f88c4e362b9b5d86a8a0f33734899de244e76e7ced02a6be8e52b3fb69258a5101d6445ef
|
|
It's harmless if it goes unused, and confused when a wallet is desired
|
|
|
|
|
|
This allows users to specify, e.g. raise, the default timeout of 60
seconds. Some bitcoind instances, especially long running ones on slow
hardware, require a higher timeout for a clean shut down.
Also add a comment to bitcoind.openrc's 'retry=', since it is not
obvious from the variable name what it does.
|
|
Capitalized P2P
|
|
Cryptocurrency was added to Oxford Dictionaries Online in May 2014.
|
|
723664b startup script for centos, with documentation. (joshr)
|
|
|
|
variables
|
|
|
