From owner-freebsd-rc@FreeBSD.ORG Fri Jun 9 14:31:48 2006 Return-Path: X-Original-To: freebsd-rc@FreeBSD.org Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6412E16A474 for ; Fri, 9 Jun 2006 14:31:48 +0000 (UTC) (envelope-from erdgeist@erdgeist.org) Received: from elektropost.org (elektropost.org [80.237.196.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 29B1343D7B for ; Fri, 9 Jun 2006 14:31:46 +0000 (GMT) (envelope-from erdgeist@erdgeist.org) Received: (qmail 69263 invoked by uid 0); 9 Jun 2006 14:31:39 -0000 Received: from fnord.cryptophone.de (HELO ?10.1.1.71?) (erdgeist@erdgeist.org@62.220.7.20) by elektropost.org with AES256-SHA encrypted SMTP; 9 Jun 2006 14:31:39 -0000 Message-ID: <4489864C.5020208@erdgeist.org> Date: Fri, 09 Jun 2006 16:31:40 +0200 From: Dirk Engling User-Agent: Thunderbird 1.5.0.4 (Macintosh/20060530) MIME-Version: 1.0 To: Matteo Riondato References: <448604F0.9070406@erdgeist.org> <1149638754.7125.8.camel@localhost> <20060607121545.GB968@krapfengeist> In-Reply-To: <20060607121545.GB968@krapfengeist> X-Enigmail-Version: 0.94.0.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: deyan.dyankov@gmail.com, freebsd-rc , Florent Thoumie Subject: Re: New feature exec_afterstart X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Jun 2006 14:31:48 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matteo Riondato wrote: > Well, before committing it, I tried to imagine a situation where the > new feature would have been useful and came up to the conclusion that > someone may want to run a service (daemon) that requires another > daemon running or just want to have 2 services running in the same > jail. He has a minimal jail, with just the binaries and the required > libraries installed, and that's why sh is absent. So you cared to strip everything down to have only the libraries, /etc and users needed for your service. Then want to add another service. You carefully strip down another jail too, merge these two jails and still don't want to just copy /bin/sh into it in order to kludge another daemon onto that jail from the outside, ignoring everything the rc script set could deliver? > Why should he run another jail? IMHO using exec_afterstart is a more > linear approach than running two jails with the same jailroot/IP. I do not see the point here. I consider jailing two distinct services with no need to communicate except sharing the file system more straight forward than introducing a strange list which seems to be laid out to do very ugly things normally done by /usr/local/etc/rc.d... Further, I think, computers do count a lot better than humans do. I dislike the idea of enumerating things the way it is done there. Renumbering is a PITA, forgetting a value leads to confusing errors, in theory you can shuffle the whole list to make it unreadable at all. > What is more, I'm not sure that having the two services running in two > different jails will not interfere with their > functionality/communication with the other. I haven't examples > of such interference so I'm ready to be proved wrong. :) Having set up dozens of installations with several hundred jails I can assure you: the urge to run multiple services with the need to communicate rectifies invoking /etc/rc, if they don't need to communicate besides IP, don't put them into one jail. > I hope my poorly-written explanation was enough to convince you of the > usefulness of exec_afterstart. I am sorry. No :) But since I am not a commiter I am not the one to convince. erdgeist -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (Darwin) iD8DBQFEiYZLImmQdUyYEgkRAq0OAJ9//yxrm8x1SFyCEaeM4+PHBLEhrwCfYi86 P17ej15zS332e7ap/TNi+kg= =olG/ -----END PGP SIGNATURE-----