You are not logged in.
Pages: 1
Topic closed
I noticed that avahi is now started automatically via DBus service activation:
Nov 15 07:33:13 sedna dbus[247]: [system] Activating via systemd: service name='org.freedesktop.Avahi' unit='dbus-org.freedesktop.Avahi.service'
Nov 15 07:33:13 sedna systemd[1]: Starting Avahi mDNS/DNS-SD Stack Activation Socket.
Nov 15 07:33:13 sedna systemd[1]: Listening on Avahi mDNS/DNS-SD Stack Activation Socket.
Nov 15 07:33:13 sedna systemd[1]: Starting Avahi mDNS/DNS-SD Stack...
It listens on two UDP ports:
udp 0 0 0.0.0.0:37269 0.0.0.0:* 84 77911 26781/avahi-daemon:
udp 0 0 0.0.0.0:5353 0.0.0.0:* 84 77910 26781/avahi-daemon:
Meh. I don’t use avahi anywhere and I don’t want to. Thus, I intentionally broke its config:
[server]
use-ipv4=no
use-ipv6=no
This approach sucks, but it prevents avahi from starting …
Is there a nicer or a recommended way of disabling avahi? How do you guys handle that? I can only think of the following options, none of which I consider optimal:
Compiling affected packages without support for avahi. Possibly a lot of work, maybe requires patching stuff.
Configure affected packages so that they don’t try to launch avahi. I thought I already did that. (I’m pretty sure cups is to blame.)
Try to fiddle with DBus and systemd, so avahi won’t get started automatically. Possibly unreliable.
Switch to Gentoo and hope that USE flags allow you to disable it globally.
Thanks in advance.
Last edited by Vain (2014-11-15 14:50:05)
Offline
Mask the service maybe?? TBH i don't see any harm from having it running.
Offline
Thanks! Much better.
I didn’t realize that masking also applies to DBus activation. In retrospect, it’s pretty obvious—as always.
Offline
Are you sure masking it solves the issue?
After a reboot, it is running again.
Gozer ~ # ls -la /etc/systemd/system/avahi-daemon.service
lrwxrwxrwx 1 root root 9 17 nov 16.48 /etc/systemd/system/avahi-daemon.service -> /dev/null
Gozer ~ # systemctl status avahi-daemon
● avahi-daemon.service
Loaded: masked (/dev/null)
Active: active (running) since lun 2014-11-17 16:41:04 CET; 7min ago
Main PID: 5257 (avahi-daemon)
Status: "avahi-daemon 0.6.31 starting up."
CGroup: /system.slice/avahi-daemon.service
├─5257 avahi-daemon: running [Gozer.local]
└─5258 avahi-daemon: chroot helper
Gozer ~ #
-EDIT-
Even disabling AND masking it doesn't work here.
Last edited by kokoko3k (2014-11-17 15:57:13)
Help me to improve ssh-rdp !
Retroarch User? Try my koko-aio shader !
Offline
Well, I masked them all:
$ l /etc/systemd/system/avahi*
lrwxrwxrwx 1 root root 9 11-15 15:38 │ /etc/systemd/system/avahi-daemon.service -> /dev/null
lrwxrwxrwx 1 root root 9 11-15 15:38 │ /etc/systemd/system/avahi-daemon.socket -> /dev/null
lrwxrwxrwx 1 root root 9 11-15 15:38 │ /etc/systemd/system/avahi-dnsconfd.service -> /dev/null
And I guess the socket is the important one when it comes to DBus activation:
$ journalctl | grep avahi | tail -n 1
Nov 17 17:44:02 pinguin dbus[373]: [system] Activation via systemd failed for unit 'dbus-org.freedesktop.Avahi.service': Unit avahi-daemon.socket is masked.
Offline
ok thanks, i've missed that.
Last edited by kokoko3k (2014-11-17 16:51:45)
Help me to improve ssh-rdp !
Retroarch User? Try my koko-aio shader !
Offline
I’ve avoided to explain this because it might easily turn this thread into a religious discussion.
Let me just say this: I use my notebook on public networks. As avahi binds to 0.0.0.0, lots of random strangers are able to reach it. I don’t like that.
Offline
Offline
I just ran into this on a server I'm configuring. As far as I can tell, you can't disable avahi since it auto-loads from dbus and it breaks things like Samba if you remove it or stop it from running.
Edit /etc/avahi/avahi-daemon.conf
Under [server]
allow-interfaces=<your ethernet device>
deny-interfaces=<other ethernet device>
Under [publish]
disable-publishing=yes
And then 'systemctl restart avahi-daemon.service'
According to avahi docs, this starts avahi in query-only mode. You will see scary looking error messages with 'journactl -u avahi-daemon -b -0' but avahi will start and let the things that depend on it work.
I can see a use case for a laptop where you set the 'deny-interfaces' to the wireless NIC and set the wired ethernet device under 'allow-interfaces'.
That way, no one can see your services/resources when on wireless (but you can see them - use 'avahi-browse') and then when you are at your home/office and plugged into a wired network, avahi works as expected.
In any case, the 'disable-publishing=yes' definitely "disables" avahi as best I can tell. Maybe this should be in the wiki.
Offline
Maybe I have a clean solution that's not breaking anything and not requiring any manual edit of any system file:
sudo systemctl disable avahi-daemon
sudo systemctl stop avahi-daemon
The point to me isn't whether it harms or not if you leave it running.
The point to me is that I know I don't need it and I want it not to run.
Maybe Computers Will Never Become As Intelligent
As Humans. Surely They Won't Ever Become So Stupid.
Offline
Please don't necrobump an already solved thread with a solution that has already proven to be ineffective over the course of the thread. disabling a service won't prevent it from being brought up again through socket/dbus activation.
https://wiki.archlinux.org/index.php/Co … bumping.22
Closing.
Last edited by V1del (2018-02-25 19:17:29)
Offline
Pages: 1
Topic closed