Daemons
On Void Linux, daemons are enabled by making a link from /etc/sv/
to /var/service/
. If /var/service/
is not available (for example in chroot), you can link to /etc/runit/runsvdir/default/
.
System log
See void handbook
# xbps-install socklog socklog-void
# ln -s /etc/sv/nanoklogd /var/service/
# ln -s /etc/sv/socklog-unix /var/service/
# sv start nanoklogd
ok: run: nanoklogd: (pid 4202) 13s
# sv start socklog-unix
ok: run: socklog-unix: (pid 4200) 24s
D-Bus
D-Bus allows inter-process communication. It is used for notification, single instance applications and many other things nowdays, so I just install it.
For example when you try to open a link with firefox, while it is already running and you do not have dbus:
Install dbus and start the system wide session.
# xbps-install dbus
# ln -s /etc/sv/dbus /var/service/
# sv start dbus
ok: run: dbus: (pid 1334) 54866
Add the following to ~/.xinitrc
to start user session dbus and export its environment variables:
eval "$(dbus-launch --sh-syntax)"
dbus-update-activation-environment --all
Check it. The variable DBUS_SESSION_BUS_ADDRESS should not be empty:
echo $DBUS_SESSION_BUS_ADDRESS
acpi
Acpid will listen to ACPI events (pressing brightness buttons, closing lid …) and run corresponding commands as defined in configuration files placed in /etc/acpi/events.
# ln -s /etc/sv/acpid /var/service/
# sv start acpid
ok: run: acpid: (pid 1322) 585029s
Look at my acpi handler for inspiration.
udev
Void linux uses eudev and it is installed and enabled by default.
Power management
# xbps-install tlp
# ln -s /etc/sv/tlp /var/service/
# sv start tlp
ok: run: tlp: (pid 1336) 589805s
Cron
# xbps-install dcron
# ln -s /etc/sv/dcron /var/service/
# sv start dcron
ok: run: dcron: (pid 1320) 583616s
Clock synchronization
# xbps-install chrony
# ln -s /etc/sv/chronyd /var/service/
# sv start chronyd
ok: run: chronyd: (pid 22863) 770s
Network
You have wpa_supplicant
, dhcpcd
and iptables
probably already installed.
Enable wpa_supplicant and dhcpcd:
# ln -s /etc/sv/dhcpcd /var/service/
# ln -s /etc/sv/wpa_supplicant /var/service/
Copy configured networks from another system: /etc/wpa_supplicant/wpa_supplicant.conf
To apply iptables rules at boot, install:
# xbps-install runit-iptables
Make a configuration file by copying an example one:
# cp /etc/iptables/simple_firewall.rules /etc/iptables/iptables.rules
The file contains:
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p icmp -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable
-A INPUT -j REJECT --reject-with icmp-proto-unreachable
COMMIT
- reject all incoming traffic except ping, traffic on loopback interface and traffic that is part of existing connections
- reject all traffic routed through your machine
- allow all outgoing traffic
If you are using pptp vpn, you need to allow it by adding these rules:
-A INPUT -i ppp0 -j ACCEPT
-A INPUT -p tcp --dport 1723 -j ACCEPT
-A INPUT -p 47 -j ACCEPT
-A FORWARD -i ppp0 -j ACCEPT
-A FORWARD -o ppp0 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
Allow multicast DNS (for example for discovery of network printers):
-A INPUT -p udp --dport 5353 -j ACCEPT
For ipv6:
# cp /etc/iptables/simple_firewall.rules /etc/iptables/ip6tables.rules
you need to make some edits:
- icmp -> icmpv6
- icmp-port-unreachable -> icmp6-port-unreachable
- icmp-proto-unreachable does not exist, remove the line
Bluetooth
Install bluez and enable and start the daemon. add your user to bluetooth group so you can use the bluetoothctl command.
# xbps-install bluez
# ln -s /etc/sv/bluetoothd /var/service/
# sv start bluetoothd
ok: run: bluetoothd: (pid 28886) 11s
# usermod -a -G bluetooth username
To start with bluetooth powered down, uncomment/add in /etc/bluetooth/main.conf:
AutoEnable=false
Polkit
Polkit is a toolkit that allows unprivileged processes to speak to privileged processes. I need it because flatpak uses it but it is also required by other tools needing priviledged actions. It requires functioning dbus.
# ln -s /etc/sv/polkitd /var/service/
# sv start polkitd
timeout: down: polkitd: 0s, normally up, want up
Oh no, polkit did not start.
Try running it manually:
# /usr/lib/polkit-1/polkitd
Successfully changed to user polkitd
Error getting login monitor: -2
23:34:09.572: Loading rules from directory /etc/polkit-1/rules.d
23:34:09.572: Loading rules from directory /run/polkit-1/rules.d
23:34:09.572: Error opening rules directory: Error opening directory */run/polkit-1/rules.d*: No such file or directory (g-file-error-quark, 4)
23:34:09.572: Loading rules from directory /usr/local/share/polkit-1/rules.d
23:34:09.572: Error opening rules directory: Error opening directory */usr/local/share/polkit-1/rules.d*: No such file or directory (g-file-error-quark, 4)
23:34:09.572: Loading rules from directory /usr/share/polkit-1/rules.d
23:34:09.573: Finished loading, compiling and executing 2 rules
Entering main event loop
Connected to the system bus
23:34:09.574: Lost the name org.freedesktop.PolicyKit1 - exiting
Shutting down
Exiting with code 1
Polkit upon installation creates new user and group for itself. Already running dbus does not know about that user and group. Solution is to restart dbus to reinitialize the user database.
# sv restart dbus
# sv start polkitd
ok: run: polkitd: (pid 1323) 585789s
CUPS
CUPS - Common Unix Printing System
Install cups, enable and start cupsd service, add user to lpadmin group.
# xbps-install cups
# ln -s /etc/sv/cupsd /var/service
# sv start cupsd
# usermod -a -G lpadmin myuser
You can access the CUPS web interface at http://localhost:631. To perform administrative actions, log in with a user that is a member of the lpadmin group (adding the group will take effect after next login).
Network printer discovery
To enable network printer discovery, install Avahi and the CUPS browsing utility:
# xbps-install avahi avahi-utils cups-browsed
# ln -s /etc/sv/avahi-daemon /var/service
# sv start avahi-daemon
Edit /etc/nsswitch.conf
so the hosts line looks like this:
hosts: mymachines mdns_minimal [NOTFOUND=return] resolve [!UNAVAIL=return] files myhostname dns
If you are using iptables, allow mDNS port:
-A INPUT -p udp --dport 5353 -j ACCEPT
Restart iptables and avahi for changes to take effect. You may also need to restart dbus:
# sv restart iptables
# sv restart dbus
# sv restart avahi-daemon
Check if printer is found:
lpinfo -v
The printer should also appear in the CUPS web interface under Administration -> Add Printer.
User’s own daemons
User wants to run something for themselves, for example mpd or devmon.
User will create a directory in their home for these services, for example ~/sv
and every service will have a directory here, that contains a run
script.
For example for devmon, there will be a file ~/sv/devmon/run
that contains:
#!/bin/sh
exec devmon
Then make a service /etc/sv/sv-username/run that will launch all services in the users directory:
#!/bin/sh
export USER="username"
svdir="/home/$USER/sv"
if [ -d $svdir ]; then
groups="$(id -Gn "$USER" | tr ' ' ':')"
exec chpst -u "$USER:$groups" runsvdir "$svdir"
fi
Don’t forget to make the run files executable.
Enable it like everything else:
# ln -s /etc/sv/sv-username /var/service/
More information: https://docs.voidlinux.org/config/services/user-services.html