@@ -29,6 +29,9 @@ (define-module (gnu services monitoring)
#:use-module (gnu packages monitoring)
#:use-module (gnu packages networking)
#:use-module (gnu system shadow)
+ #:use-module ((gnu system file-systems) #:select (file-system-mapping))
+ #:use-module (gnu build linux-container)
+ #:autoload (guix least-authority) (least-authority-wrapper)
#:use-module (guix gexp)
#:use-module (guix packages)
#:use-module (guix records)
@@ -448,7 +451,7 @@ (define-configuration vnstat-configuration
@var{save-interval}..@samp{60}")
(pid-file
- (maybe-string "/var/run/vnstatd.pid")
+ (maybe-string "/var/run/vnstatd/vnstatd.pid")
"\
Specify pid file path and name to be used.")
@@ -558,17 +561,40 @@ (define (vnstat-serialize-configuration config)
(serialize-configuration config vnstat-configuration-fields)))
(define (vnstat-shepherd-service config)
- (let ((config-file (vnstat-serialize-configuration config)))
- (match-record config <vnstat-configuration> (package pid-file)
+ (match-record config <vnstat-configuration> (package database-dir pid-file use-logging)
+ (let* ((config-file (vnstat-serialize-configuration config))
+ (vnstatd (least-authority-wrapper
+ (file-append package "/sbin/vnstatd")
+ #:name "vnstatd"
+ #:mappings (append (if (eqv? use-logging 2)
+ (list (file-system-mapping
+ (source "/dev/log") ; for syslog
+ (target source)))
+ '())
+ (list (file-system-mapping
+ (source database-dir)
+ (target source)
+ (writable? #t))
+ (file-system-mapping
+ (source (dirname pid-file))
+ (target source)
+ (writable? #t))
+ (file-system-mapping
+ (source config-file)
+ (target source))))
+ #:namespaces (delq 'net %namespaces))))
(shepherd-service
(documentation "Run vnstatd.")
(requirement `(networking))
(provision '(vnstatd))
- (start #~(make-forkexec-constructor
- (list #$(file-append package "/sbin/vnstatd")
- "--daemon"
- "--config" #$config-file)
- #:pid-file #$pid-file))
+ (start #~(begin
+ (mkdir-p #$database-dir)
+ (mkdir-p (dirname #$pid-file))
+ (make-forkexec-constructor
+ (list #$vnstatd
+ "--daemon"
+ "--config" #$config-file)
+ #:pid-file #$pid-file)))
(stop #~(make-kill-destructor))
(actions
(list (shepherd-configuration-action config-file)