[Technology] systemd timers and service files in place of cron

I keep a daily journal in an Emacs org-mode file.  Sometimes due to clumsy keypresses in Emacs, I have temporarily deleted (!) lines or sections (!).  I think I have always caught these mistakes, but to be safe, I decided to create a git repository for it and do a daily commit.

In the past, I'd have used a cron job, but in recent years I've tried to make more and more use of systemd and timers.  Is one better than the other?  I'm going to ignore that question and proceed. :D

For this task, which I'm calling "log_git_committer" (very uninspired), I have four files:

  • log_git_committer.sh - a Bash script that handles actually committing changes
  • log_git_committer.service - a systemd service file that references the .sh file
  • log_git_committer.timer - a systemd timer file that implicitly references .service unit and describes the interval
  • Makefile - a simple make file to install and uninstall my files as I work on it

Below are some of the more interesting notes from working on it, and the systemd files. 


Some notable pieces that came up:

  • .service:
    • Type=oneshot: since I'm running this from a timer, I just want this service unit to be a "oneshot", as it's not actually a service that would keep running in the background.
    • ExecStart= and %h: I'm installing the shell script locall in my ~/.local/bin directory.  ExecStart in a .service won't accept ~/ or $HOME/ in a path, preferring absolute paths.  However, systemd has some specifiers like %h that will substitute in a user's path when a service unit is run with --user. 
  • .timer:
    • OnCalendar=: it has a lot of options that are similar to cron.  Neat. 
    • retroactively running missed timers?  Yes, if I set a timer to run at 3AM but I put my computer to sleep at 1AM and turn it back on at 8AM, the timer will then execute.  If I end up in Narnia and my computer is asleep for 3 days while I'm away (a lifetime there), it will then run the service just once to catch up.  Nice.
  • Makefile:
    • unit file syntax checking: systemd provides a command that lets you analyze your unit files to check for correctness. E.g.
      systemd-analyze verify log_git_committer.timer
      systemd-analyze verify log_git_committer.service

      so I added that to a target.
    • systemd install directory: for non-root user services and timers, the install directory is ~/.config/systemd/user/
      Some other locations on my Fedora 38 system for systemd unit files include:
      • /usr/lib/systemd/user/
      • /usr/lib/systemd/service/
      • /etc/systemd/user/
      • /etc/systemd/system/
    • systemd and reloading updated .service files: if I make a change to a .service file, systemd would like me to reload the new one from disk.  So, in my Makefile, after I copy .service and .timer files into their install directory, I call:
      systemctl --user daemon-reload


If there's interest, I can share this, but it's pretty simple and straight forward.


Description=Commit changes to a log file




Description=Do a daily commit of the log file.





[Technology] web development: TypeScript!

I used to be a snob about various technologies.  Two decades ago, I hated doing web development with JavaScript, dealing with browser quirks and what felt like deficiencies in the base standard and browser client libraries.  It felt like you couldn't write simple, safe and predictable code, especially without relying on a third party framework or library.

However, much has changed and I genuinely enjoy it now.  I still often prefer to write code without third-party libraries or frameworks if I can afford to, but I have increasingly come to rely on TypeScript.  I value type checking a lot, especially as projects grow and APIs evolve.  Managing types explicitly entails more work earlier on, but it also helps spare me from silly bugs and saves me time during refactoring or when revisiting code I wrote a while ago.  

TypeScript works by transcompiling TypeScript (in .ts files) into pure JavaScript.  Some of my favourite features include:

  • getting to set language standard targets in configuration.  E.g. setting your target to "es2016" will mean the generated JavaScript will down-compile newer syntax into syntax that exists in ECMAScript 2016.  (Note: this doesn't polyfill API functionality!)
  • easily defining interface types for simple objects with fixed property names

There's some effort to promote a native static type system in future ECMAScript, like this proposal: https://github.com/tc39/proposal-type-annotations.  I hope for this friendlier future.


[Technology] firejail: sandboxing with Linux namespaces

I am generally fairly wary of the amount of access software has on my computer.  Consequently, I like to use firejail on Linux to sandbox a lot of applications.  E.g. am I playing a single-player game from itch.io?  It doesn't need access to my mount points, my home directory (beyond the game's own directory for the program, game files and save data) or to the network.  Sometimes I am stunned by how much trust I put into random software back in 1998

It uses Linux namespace and seccomp-bfp.

An example command of what I might use would be:

$ firejail --net=none --disable-mnt --whitelist=/home/myuser/files/games/game_title/ ./game.sh
Some common programs have pre-existing profiles defined by firejail, like firefox, and those can be found in /etc/firejail.  In the case of firefox, one notable change is access to your home directory: it gets restricted to just your downloads folder!

Dieses Blog durchsuchen


#Technology #GNOME gnome gxml fedora bugs linux vala google #General firefox security gsoc GUADEC android bug xml fedora 18 javascript libxml2 programming web blogger encryption fedora 17 gdom git libgdata memory mozilla open source serialisation upgrade web development API Spain design emacs evolution fedora 16 fedora 20 fedora 22 fedup file systems friends future glib gnome shell internet luks music performance phone photos preupgrade tablet testing yum #Microblog Network Manager adb art automation bash brno catastrophe css data loss deja-dup disaster emusic errors ext4 facebook fedora 19 gee gir gitorious gmail gobject google talk google+ html libxml mail microsoft mtp namespaces nautilus php picasaweb ptp resizing rpm school selinux sms speech dispatcher systemd technology texting time management uoguelph usability video web design youtube #Tech Air Canada C Empathy Europe GError GNOME 3 GNOME Files Go Google Play Music Grimes IRC Mac OS X Mario Kart Memento Nintendo Nintendo Switch PEAP Selenium Splatoon UI VPN Xiki accessibility advertising ai albums anaconda anonymity apache apple ask asus eee top automake autonomous automobiles b43 backup battery berlin bit rot broadcom browsers browsing canada canadian english cars chrome clarity comments communication compiler complaints computer computers configuration console constructive criticism cron customisation dataloss dconf debug symbols debugging design patterns desktop summit development discoverability distribution diy dnf documentation drm duplicity e-mail efficiency email english environment estate experimenting ext3 fedora 11 festival file formats firejail flac forgottotagit freedom friendship fuse galaxy nexus gay rights gdb german germany gimp gio gitlab gjs gnome software gnome-control-center google assistant google calendar google chrome google hangouts google reader gqe graphviz growth gtest gtg gtk gvfs gvfs metadata hard drive hard drives hardware help hp humour identity instagram installation instant messaging integration intel interactivity introspection jabber java java 13 jobs kernel keyboard language languages law learning lenovo letsencrypt libreoffice librpm life livecd liveusb login macbook maintainership mario memory leaks messaging mounting mouse mysql netflix new zealand nodelist numix obama ogg oggenc oh the humanity open open standards openoffice optimisation org-mode organisation package management packagekit paint shedding parallelism pdo perl pipelight pitivi privacy productivity progress progressive web apps pumpkin pwa python quality recursion redhat refactoring repairs report rhythmbox sandboxes scheduling screenshots self-navigating car shell signal sleep smartphones software software engineering speed sql ssd synergy tabs test tests themes thesis tracker travel triumf turtles tv tweak twist typescript typing university update usb user experience valadoc volunteering vpnc waf warm wayland weather web apps website wifi wiki wireless wishes work xinput xmpp xorg xpath
Powered by Blogger.