From owner-freebsd-rc@FreeBSD.ORG Sun Dec 1 21:13:22 2013 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C204DA7A; Sun, 1 Dec 2013 21:13:22 +0000 (UTC) Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4D0CB1ABC; Sun, 1 Dec 2013 21:13:22 +0000 (UTC) Received: from seedling.black-earth.co.uk (seedling.black-earth.co.uk [81.2.117.99]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.7/8.14.7) with ESMTP id rB1LDHlX076565 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Sun, 1 Dec 2013 21:13:17 GMT (envelope-from m.seaman@infracaninophile.co.uk) DKIM-Filter: OpenDKIM Filter v2.8.3 smtp.infracaninophile.co.uk rB1LDHlX076565 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=infracaninophile.co.uk; s=201001-infracaninophile; t=1385932397; bh=XQe4f1NxJAd/ajWh0qW2FZleK1odyVHMwsUsc/JNerM=; h=Date:From:To:Subject:References:In-Reply-To; z=Date:=20Sun,=2001=20Dec=202013=2021:13:09=20+0000|From:=20Matthew =20Seaman=20|To:=20Daniel=20Gerzo =20,=20freebsd-rc@freebsd.org|Subject:=20Re:=2 0devfs=20and=20late=20file=20systems|References:=20<52900DA8.30901 02@FreeBSD.org>|In-Reply-To:=20<52900DA8.3090102@FreeBSD.org>; b=Ezk5Jea7R4lksMzyTa8uP2cTnFkhXBEH2knAtl8vKznMPHLgArAs776M1VXf2+xfF JMymL/xoFXVHdywFb9ZeZD4zWTEBROr+inl25zq8TZK/FT9L+vjd5kXgsA/yUFEFzt GpVp4o65LtczdnfbKNN60ICzNHr1kHIfuW50syso= Message-ID: <529BA665.7040703@infracaninophile.co.uk> Date: Sun, 01 Dec 2013 21:13:09 +0000 From: Matthew Seaman User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:24.0) Gecko/20100101 Thunderbird/24.1.1 MIME-Version: 1.0 To: Daniel Gerzo , freebsd-rc@freebsd.org Subject: Re: devfs and late file systems References: <52900DA8.3090102@FreeBSD.org> In-Reply-To: <52900DA8.3090102@FreeBSD.org> X-Enigmail-Version: 1.6 OpenPGP: id=E7F39EBF Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="ijglIrJfjr9lWO5l1tchxdHPBI060RbXM" X-Virus-Scanned: clamav-milter 0.98 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.5 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU autolearn=ham version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on lucid-nonsense.infracaninophile.co.uk X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Dec 2013 21:13:22 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --ijglIrJfjr9lWO5l1tchxdHPBI060RbXM Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 23/11/2013 02:06, Daniel Gerzo wrote: > Hello, >=20 > I am using a root on zfs setup with mounts handled by zfs itself (i.e. > not legacy mountpoints through fstab). Furthermore I am using service > jails to separate things. I am running named in one of such jails. > Obviously I need devfs, and therefore I have added this to my fstab: >=20 > devfs /jails/named/var/named/dev devfs rw,late 0 0 >=20 > I had to add the late keyword to fstab because without it the system > wouldn't boot because fstab mounts (mountcritlocal rc.d script) are > handled just before zfs and as such the system wouldn't have such path > available yet. >=20 > Moreover, named needs only a few dev entries and as such I wanted to > apply my devfs ruleset, so I added this to rc.conf: >=20 > devfs_set_rulesets=3D"/jails/named/var/named/dev=3Ddevfsrules_named" >=20 > However, this fails during system startup because when the devfs rc.d > script is run, the filesystems marked as late are not mounted yet. >=20 > There are two obvious options to fix this issue: > - we can either move zfs before mountcritlocal which would also fix thi= s > issue with having to use the late filesystems in fstab, or > - we can move mountlate before devfs. >=20 > I guess the second option is safer (just add mountlate to REQUIRE: line= > of devfs) but I may be missing something. Can someone fix this in src, > or should I? >=20 > Thank you! >=20 > PS: I am not subscribed to this list so please keep me cc:ed >=20 Assming your jail is tagged as 'named' in rc.conf, create a file /etc/fstab.named with your devfs mount details in there. Then add jail_mount_enable=3D"YES" (applies to all jails) or jail_named_mount_enable=3D"YES" (just for that jail) /etc/rc.d/jail will mount the contents of /etc/fstab.named at jail startup time, which is well after all the zfs mounts have happened. See rc.conf(5) for details. =09 Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. PGP: http://www.infracaninophile.co.uk/pgpkey JID: matthew@infracaninophile.co.uk --ijglIrJfjr9lWO5l1tchxdHPBI060RbXM Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.20 (Darwin) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQJ8BAEBCgBmBQJSm6ZtXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2NTNBNjhCOTEzQTRFNkNGM0UxRTEzMjZC QjIzQUY1MThFMUE0MDEzAAoJELsjr1GOGkATOrAQAI5zFzTf7Oc5yyy54m1oiR3H eUkIrDl4bQFZJ0CeDeUiDmtIeLbXBCWs7BOS8Y7DQaVULnGgZa22G7/QKSVQILx6 nCYV2ktCWFzhJ0ccTBSGdEYtlqPiOhbsi9brvgZ/TgGrYrXiOMjCxk0OT2l4eIgb QbmHewYgXOn/3mXlWCGYKy+I9MSdgkaKmefbhxZi9hcErlvtCeN9QXq5GsrzoQUW dXqCBhtC9gpoKuTTPJMMvBGL1eqfMJNGxu3tJxzyMP7M3S7ITPtyt0PnAKqvST3L SSoEMXkIITLoScgE0wXOjrMqbD89U+lxdMlPsYbFrBDS/tV6arGM/c4OW7izhArn kDD70VCg8yqPge7439eIiMTzCJWKAOp0b6MwXlJazdDN139JErWzqMjJ4pP0ZXmP dLylAdKF/NOGnCS2HqtQ0x3d8Cj7SwYPp43cxwM3Rq+gciv83Bo+V41FSr0UjKaR NSU+eaWgZmaUm2cK6YxMmuPaaiuKgxQpte28LpbkYQP0npho/fXVftE6kVdCrPBk Xt2Am4dtRmoPZjc1RUcXp7TSCA/imoNAo3ECXUBk8jkt0Sas/3/xPzdBo2pLJMlu oyWwozOVMbIRwskdgBMRLeG8OtWQwlhkTor7LYF4vObQKBwKI8mbHUoVWdSr16LO tbt9i0mZkTFjptlAalAf =JIia -----END PGP SIGNATURE----- --ijglIrJfjr9lWO5l1tchxdHPBI060RbXM-- From owner-freebsd-rc@FreeBSD.ORG Mon Dec 2 02:20:46 2013 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1E1CFF8F for ; Mon, 2 Dec 2013 02:20:46 +0000 (UTC) Received: from o3.shared.sendgrid.net (o3.shared.sendgrid.net [208.117.48.85]) by mx1.freebsd.org (Postfix) with SMTP id A60F41679 for ; Mon, 2 Dec 2013 02:20:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sendgrid.info; h=from:mime-version:to:subject:content-type; s=smtpapi; bh=1zLLwnoUsZ529IgdekXGBGaQyxg=; b=Xyoa/fOgkbF4I8oyDdWKADcAKmQdq V/V9reqMErTCchiMTAyY9ZcH+Ym/FeP/OLyRhA3dsK/OF+iTMlppetrtxUfKbtSW IWcXPQoD9ycEheXTZvHa0OeItn13Kcg+Sm0cSkhROFiY54EXxH7Oz+I52rDGJD0D CHu1Lii6+f0qdU= Received: by mf159.sendgrid.net with SMTP id mf159.3669.529BEE765 Mon, 02 Dec 2013 02:20:38 +0000 (GMT) Received: from mail.tarsnap.com (unknown [10.60.208.15]) by mi59 (SG) with ESMTP id 142b11b8035.4d5d.409239 for ; Sun, 01 Dec 2013 20:20:38 -0600 (CST) Received: (qmail 99131 invoked from network); 2 Dec 2013 02:20:37 -0000 Received: from unknown (HELO clamshell.daemonology.net) (127.0.0.1) by ec2-107-20-205-189.compute-1.amazonaws.com with ESMTP; 2 Dec 2013 02:20:37 -0000 Received: (qmail 19497 invoked from network); 2 Dec 2013 02:18:03 -0000 Received: from unknown (HELO clamshell.daemonology.net) (127.0.0.1) by clamshell.daemonology.net with SMTP; 2 Dec 2013 02:18:03 -0000 Message-ID: <529BEDDB.8010003@freebsd.org> Date: Sun, 01 Dec 2013 18:18:03 -0800 From: Colin Percival User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.0 MIME-Version: 1.0 To: freebsd-rc@FreeBSD.org Subject: RFC: support for re-sourcing /etc/rc.conf X-Enigmail-Version: 1.5.2 Content-Type: multipart/mixed; boundary="------------020807080703050704060006" X-SG-EID: ChUA/E68MWtQtYrYVmEHIGuqNmShXrFL3cq8iGM7RqWf2aG9kWJFKMP/Upunl2C6On6SSqj0OBHkEYpxNfWxkdt/8K0uF/6qb3Nf5OA7evBtU7j96KRSECvNaj+41b+jp1SfFx9gyb6D8/Uac7E7B7+/1G+6H2AzujvBPw+Tdzg= X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2013 02:20:46 -0000 This is a multi-part message in MIME format. --------------020807080703050704060006 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Hi all, I'd like to commit the attached patch to /etc/rc. When SIGALRM is received, it reloads /etc/rc.conf; this makes it possible for an rc.d script to perform first-boot system configuration and have it reflected by other rc.d scripts. In particular, this will allow me to provide EC2 user-data of >>/etc/rc.conf firstboot_pkgs_enable="YES" firstboot_pkgs_list="apache22" to an image with the sysutils/ec2-scripts and sysutils/firstboot-pkgs ports installed, and have a system running with apache22 installed moments later. The first signal which came to mind for this was SIGHUP, since that's used by many daemons for "reload configuration file", but for some reason that signal never arrives at /etc/rc -- so I switched to SIGALRM, which works just fine. I'd like to get this into the tree as soon as possible in order to maximize my odds of convincing re@ that "rc.conf can't be re-sourced after it has been modified during boot" is a bug which should be fixed in 10.0-RELEASE. Comments? -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid --------------020807080703050704060006 Content-Type: text/plain; charset=us-ascii; name="rc-sigalrm.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="rc-sigalrm.patch" Index: etc/rc =================================================================== --- etc/rc (revision 258085) +++ etc/rc (working copy) @@ -71,6 +71,11 @@ . /etc/rc.subr load_rc_config 'XXX' +# If we receive a SIGALRM, re-source /etc/rc.conf; this allows rc.d +# scripts to perform "boot-time configuration" including enabling and +# disabling rc.d scripts which appear later in the boot order. +trap "_rc_conf_loaded=false; load_rc_config 'XXX'" ALRM + skip="-s nostart" if [ `/sbin/sysctl -n security.jail.jailed` -eq 1 ]; then skip="$skip -s nojail" --------------020807080703050704060006-- From owner-freebsd-rc@FreeBSD.ORG Mon Dec 2 06:12:36 2013 Return-Path: Delivered-To: freebsd-rc@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6043E115; Mon, 2 Dec 2013 06:12:36 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 31EE0143E; Mon, 2 Dec 2013 06:12:36 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id rB26Catg033739; Mon, 2 Dec 2013 06:12:36 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id rB26CZpf033738; Mon, 2 Dec 2013 06:12:36 GMT (envelope-from linimon) Date: Mon, 2 Dec 2013 06:12:36 GMT Message-Id: <201312020612.rB26CZpf033738@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-rc@FreeBSD.org From: linimon@FreeBSD.org Subject: Re: conf/184355: [rc.firefall] [patch] ipfw failed to restart if tables are used X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2013 06:12:36 -0000 Old Synopsis: ipfw failed to restart if tables are used New Synopsis: [rc.firefall] [patch] ipfw failed to restart if tables are used Responsible-Changed-From-To: freebsd-bugs->freebsd-rc Responsible-Changed-By: linimon Responsible-Changed-When: Mon Dec 2 06:11:48 UTC 2013 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=184355 From owner-freebsd-rc@FreeBSD.ORG Mon Dec 2 11:06:53 2013 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 317CCBA6 for ; Mon, 2 Dec 2013 11:06:53 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 1C16F195D for ; Mon, 2 Dec 2013 11:06:53 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id rB2B6qOs007852 for ; Mon, 2 Dec 2013 11:06:52 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id rB2B6q5h007850 for freebsd-rc@FreeBSD.org; Mon, 2 Dec 2013 11:06:52 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 2 Dec 2013 11:06:52 GMT Message-Id: <201312021106.rB2B6q5h007850@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-rc@FreeBSD.org Subject: Current problem reports assigned to freebsd-rc@FreeBSD.org X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2013 11:06:53 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o conf/184355 rc [rc.firefall] [patch] ipfw failed to restart if tables o conf/181625 rc [patch] add rc.d/ script for freebsd-update o conf/180183 rc [rc.d] rc.d allows scripts without rcvar set to start o conf/179828 rc [rc.d] [PATCH] rc.d/syslogd link socket to /dev/log fa o conf/177217 rc [patch] rc.d/ddb -- squelch warning when ddb_enable=ye o conf/177089 rc ntpd startup script does not work well o conf/176347 rc [rc.conf] [patch] Add support for firewall deny lists o conf/176181 rc [rc.subr] rc.subr emitting warnings for non-defined xx o conf/175311 rc [patch] add "dump" fs type support to rc.d/dumpon o conf/175105 rc /etc/rc.d/* and more: syntax 'return_boolean_cmd && do o conf/175079 rc [rc.subr] [patch] rc.subr poorly handles recursive run o bin/173153 rc [rc.d] [patch] $netwait_ip should be more parallel o conf/172787 rc [rc.conf] FreeBSD 9.x broken alias syntax on vlan inte o conf/172532 rc [rc] [patch] service routing restart always fails o conf/169047 rc [rc.subr] [patch] /etc/rc.subr not checking some scrip p bin/168544 rc [patch] [rc]: addswap-mounted swapfiles cause panic on o conf/167566 rc [rc.d] [patch] ipdivert module loading vs. ipfw rc.d o o conf/166484 rc [rc] [patch] rc.initdiskless patch for different major o conf/165769 rc [rc][jai][ipv6] IPv6 Initialization on external iface o conf/164393 rc [rc.d] restarting netif with static addresses doesn't o conf/163508 rc [rc.subr] [patch] Add "enable" and "disable" commands o conf/163488 rc Confusing explanation in defaults/rc.conf o conf/163321 rc [rc.conf] [patch] allow _fib syntax in rc.conf o conf/162642 rc .sh scripts in /usr/local/etc/rc.d get executed, not s o conf/161107 rc [rc] stop_boot in mountcritlocal usage is incorrect. o conf/160403 rc [rc] [patch] concurrently running rc-scripts during bo o conf/160240 rc rc.d/mdconfig and mdconfig2 should autoset $_type to v o conf/159846 rc [rc.conf] routing_stop_inet6() logic doesn't handle ip o conf/158557 rc [patch] /etc/rc.d/pf broken messages o conf/158127 rc [patch] remount_optional option in rc.initdiskless doe o conf/153666 rc [rc.d][patch] mount filesystems from fstab over zfs da o conf/153200 rc post-boot /etc/rc.d/network_ipv6 start can miss neighb o conf/153123 rc [rc] [patch] add gsched rc file to automatically inser o conf/150474 rc [patch] rc.d/accounting: Add ability to set location o o conf/149867 rc [PATCH] rc.d script to manage multiple FIBS (kern opti o conf/149831 rc [PATCH] add support to /etc/rc.d/jail for delegating Z o conf/148656 rc rc.firewall(8): {oip} and {iip} variables in rc.firewa o conf/147685 rc [rc.d] [patch] new feature for /etc/rc.d/fsck o conf/147444 rc [rc.d] [patch] /etc/rc.d/zfs stop not called on reboot o conf/146053 rc [patch] [request] shutdown of jails breaks inter-jail o conf/145399 rc [patch] rc.d scripts are unable to start/stop programs o conf/145009 rc [patch] rc.subr(8): rc.conf should allow mac label con o conf/143637 rc [patch] ntpdate(8) support for ntp-servers supplied by o conf/143085 rc [patch] ftp-proxy(8) rc(8) with multiple instances a conf/142973 rc [jail] [patch] Strange counter init value in jail rc o conf/142434 rc [patch] Add cpuset(1) support to rc.subr(8) o conf/142304 rc rc.conf(5): mdconfig and mdconfig2 rc.d scripts lack e o conf/141909 rc rc.subr(8): [patch] add rc.conf.d support to /usr/loca o conf/141678 rc [patch] A minor enhancement to how /etc/rc.d/jail dete o conf/140440 rc [patch] allow local command files in rc.{suspend,resum o conf/140261 rc [patch] Improve flexibility of mdconfig2 startup scrip p conf/138208 rc [rc.d] [patch] Making rc.firewall (workstation) IPv6 a o conf/137271 rc [rc.d] Cannot update /etc/host.conf when root filesyst o conf/136624 rc [rc.d] sysctl variables for ipnat are not applied on b o conf/134918 rc [patch] rc.subr fails to detect perl daemons o conf/134660 rc [patch] rc-script for initializing ng_netflow+ng_ipfw o conf/134333 rc PPP configuration problem in the rc.d scripts in combi o conf/133890 rc [patch] sshd(8): add multiple profiles to the rc.d scr o conf/128299 rc [patch] /etc/rc.d/geli does not mount partitions using o conf/126392 rc [patch] rc.conf ifconfig_xx keywords cannot be escaped o conf/124747 rc [patch] savecore can't create dump from encrypted swap o conf/124248 rc [jail] [patch] add support for nice value for rc.d/jai o conf/123734 rc [patch] Chipset VIA CX700 requires extra initializatio o conf/123222 rc [patch] Add rtprio(1)/idprio(1) support to rc.subr(8). o conf/122968 rc [rc.d] /etc/rc.d/addswap: md swapfile multiplication a o conf/122477 rc [patch] /etc/rc.d/mdconfig and mdconfig2 are ignoring o conf/122170 rc [patch] [request] New feature: notify admin via page o o kern/121566 rc [nfs] [request] [patch] ethernet iface should be broug a conf/119874 rc [patch] "/etc/rc.d/pf reload" fails if there are macro o conf/119076 rc [patch] [rc.d] /etc/rc.d/netif tries to remove alias a o bin/118325 rc [patch] [request] new periodic script to test statuses f conf/118255 rc savecore never finding kernel core dumps (rcorder prob f conf/117935 rc [patch] ppp fails to start at boot because of missing f conf/113915 rc [ndis] [patch] ndis wireless driver fails to associate o conf/108589 rc rtsol(8) fails due to default ipfw rules o conf/106009 rc [ppp] [patch] [request] Fix pppoed startup script to p f conf/105689 rc [ppp] [request] syslogd starts too late at boot f conf/105145 rc [ppp] [patch] [request] add redial function to rc.d/pp f conf/104549 rc [patch] rc.d/nfsd needs special _find_processes functi o conf/102700 rc [geli] [patch] Add encrypted /tmp support to GELI/GBDE o conf/93815 rc [patch] Adds in the ability to save ipfw rules to rc.d f conf/92523 rc [patch] allow rc scripts to kill process after a timeo o conf/89870 rc [patch] [request] make netif verbose rc.conf toggle a conf/88913 rc [patch] wrapper support for rc.subr o conf/85819 rc [patch] script allowing multiuser mode in spite of fsc o kern/81006 rc ipnat not working with tunnel interfaces on startup o conf/77663 rc Suggestion: add /etc/rc.d/addnetswap after addcritremo o conf/73677 rc [patch] add support for powernow states to power_profi a conf/58939 rc [patch] dumb little hack for /etc/rc.firewall{,6} f conf/56934 rc [patch] rc.firewall rules for natd expect an interface f conf/13775 rc multi-user boot may hang in NIS environment 91 problems total. From owner-freebsd-rc@FreeBSD.ORG Mon Dec 2 12:14:56 2013 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 716BA54D for ; Mon, 2 Dec 2013 12:14:56 +0000 (UTC) Received: from relay.ibs.dn.ua (relay.ibs.dn.ua [91.216.196.25]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id DB7721E83 for ; Mon, 2 Dec 2013 12:14:55 +0000 (UTC) Received: from ibs.dn.ua (relay.ibs.dn.ua [91.216.196.25]) by relay.ibs.dn.ua with ESMTP id rB2CALcA040738; Mon, 2 Dec 2013 14:10:22 +0200 (EET) Message-ID: <20131202141021.40736@relay.ibs.dn.ua> Date: Mon, 02 Dec 2013 14:10:21 +0200 From: "Zeus Panchenko" To: "Matthew Seaman" Subject: Re: rc dependencies ... In-reply-to: Your message of Mon, 16 Sep 2013 21:41:35 +0100 <52376CFF.60009@infracaninophile.co.uk> References: <20130916114741.99386@relay.ibs.dn.ua> <52374988.7030901@infracaninophile.co.uk> <20130916223753.73555@relay.ibs.dn.ua> <52376CFF.60009@infracaninophile.co.uk> Organization: I.B.S. LLC X-Mailer: MH-E 8.3.1; GNU Mailutils 2.99.98; GNU Emacs 24.0.93 X-Face: &sReWXo3Iwtqql1[My(t1Gkx; y?KF@KF`4X+'9Cs@PtK^y%}^.>Mtbpyz6U=,Op:KPOT.uG )Nvx`=er!l?WASh7KeaGhga"1[&yz$_7ir'cVp7o%CGbJ/V)j/=]vzvvcqcZkf; JDurQG6wTg+?/xA go`}1.Ze//K; Fk&/&OoHd'[b7iGt2UO>o(YskCT[_D)kh4!yY'<&:yt+zM=A`@`~9U+P[qS:f; #9z~ Or/Bo#N-'S'!'[3Wog'ADkyMqmGDvga?WW)qd=?)`Y&k=o}>!ST\ MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Cc: freebsd-rc@freebsd.org X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: Zeus Panchenko List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2013 12:14:56 -0000 =2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matthew Seaman wrote: > > is it correct? > Hmmm... doesn't look right. Check what the PROVIDES lines in isc-dhcpd > [*] and slapd actually say -- usually they're the same as the name of > ... > I figured it out that I need it look this way: #> cat /usr/local/etc/rc.d/1order #!/bin/sh # # Make isc-dhcpd start after openvpn and slapd # PROVIDE: precedence # REQUIRE: slapd openvpn # BEFORE: dhcpd it resolves to this scenary: #> rcorder /etc/rc.d/* /usr/local/etc/rc.d/* ... /etc/rc.d/yppasswdd /usr/local/etc/rc.d/openvpn /usr/local/etc/rc.d/slapd /usr/local/etc/rc.d/1order /usr/local/etc/rc.d/isc-dhcpd /usr/local/etc/rc.d/smartd /etc/rc.d/LOGIN ... so, now another question: where to can I set `sleep 2' to wait for a 2 seco= nds after openvpn but before slapd start?=20 since openvpn inteface starts not instantly I have to be sure slapd will be able to find master for replication, which is behind openvpn interface. =2D --=20 Zeus V. Panchenko jid:zeus@im.ibs.dn.ua IT Dpt., I.B.S. LLC GMT+2 (EET) =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlKceK0ACgkQr3jpPg/3oyr7AACdGVHU74l6ZYNkZSo4Pwo4EED8 ZT0An1Ihq9QfiALGljthCBacB6Ch0dFV =3D2Me0 =2D----END PGP SIGNATURE----- From owner-freebsd-rc@FreeBSD.ORG Mon Dec 2 12:49:21 2013 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 071ADE36; Mon, 2 Dec 2013 12:49:21 +0000 (UTC) Received: from mail.allbsd.org (gatekeeper.allbsd.org [IPv6:2001:2f0:104:e001::32]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id DEE9510AC; Mon, 2 Dec 2013 12:49:16 +0000 (UTC) Received: from alph.d.allbsd.org (p4181-ipbf1307funabasi.chiba.ocn.ne.jp [123.225.173.181]) (authenticated bits=128) by mail.allbsd.org (8.14.5/8.14.5) with ESMTP id rB2CmvSh073639 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 2 Dec 2013 21:49:08 +0900 (JST) (envelope-from hrs@FreeBSD.org) Received: from localhost (localhost [IPv6:::1]) (authenticated bits=0) by alph.d.allbsd.org (8.14.7/8.14.5) with ESMTP id rB2CmuhM009062; Mon, 2 Dec 2013 21:48:57 +0900 (JST) (envelope-from hrs@FreeBSD.org) Date: Mon, 02 Dec 2013 21:48:53 +0900 (JST) Message-Id: <20131202.214853.1540734630471865242.hrs@allbsd.org> To: cperciva@FreeBSD.org Subject: Re: RFC: support for re-sourcing /etc/rc.conf From: Hiroki Sato In-Reply-To: <529BEDDB.8010003@freebsd.org> References: <529BEDDB.8010003@freebsd.org> X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-Mailer: Mew version 6.5 on Emacs 24.3 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="--Security_Multipart(Mon_Dec__2_21_48_53_2013_854)--" Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.97.4 at gatekeeper.allbsd.org X-Virus-Status: Clean X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.7 (mail.allbsd.org [133.31.130.32]); Mon, 02 Dec 2013 21:49:08 +0900 (JST) X-Spam-Status: No, score=-99.1 required=13.0 tests=CONTENT_TYPE_PRESENT, SPF_SOFTFAIL,USER_IN_WHITELIST autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on gatekeeper.allbsd.org Cc: freebsd-rc@FreeBSD.org X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2013 12:49:21 -0000 ----Security_Multipart(Mon_Dec__2_21_48_53_2013_854)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Colin Percival wrote in <529BEDDB.8010003@freebsd.org>: cp> Hi all, cp> cp> I'd like to commit the attached patch to /etc/rc. When SIGALRM is received, cp> it reloads /etc/rc.conf; this makes it possible for an rc.d script to perform cp> first-boot system configuration and have it reflected by other rc.d scripts. cp> cp> In particular, this will allow me to provide EC2 user-data of cp> >>/etc/rc.conf cp> firstboot_pkgs_enable="YES" cp> firstboot_pkgs_list="apache22" cp> to an image with the sysutils/ec2-scripts and sysutils/firstboot-pkgs ports cp> installed, and have a system running with apache22 installed moments later. cp> cp> The first signal which came to mind for this was SIGHUP, since that's used cp> by many daemons for "reload configuration file", but for some reason that cp> signal never arrives at /etc/rc -- so I switched to SIGALRM, which works cp> just fine. cp> cp> I'd like to get this into the tree as soon as possible in order to maximize cp> my odds of convincing re@ that "rc.conf can't be re-sourced after it has been cp> modified during boot" is a bug which should be fixed in 10.0-RELEASE. cp> cp> Comments? I am not familiar with sysutils/firstboot-pkgs and its use case, but is it correct that packages are installed during /etc/rc and then rc.conf will be updated before rc.d scripts for the installed packages run from /etc/rc? Where and when SIGALRM is sent from? -- Hiroki ----Security_Multipart(Mon_Dec__2_21_48_53_2013_854)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (FreeBSD) iEYEABECAAYFAlKcgbUACgkQTyzT2CeTzy2mEQCg1zl2wm9ehmgs7nFLcpy0hGKl nicAn38Jt0gHhaYmfE0g/zYPF0GnhtS0 =V1pk -----END PGP SIGNATURE----- ----Security_Multipart(Mon_Dec__2_21_48_53_2013_854)---- From owner-freebsd-rc@FreeBSD.ORG Mon Dec 2 13:37:02 2013 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ACD42223 for ; Mon, 2 Dec 2013 13:37:02 +0000 (UTC) Received: from services.syscare.sk (services.syscare.sk [188.40.39.36]) by mx1.freebsd.org (Postfix) with ESMTP id 69CE013B6 for ; Mon, 2 Dec 2013 13:37:02 +0000 (UTC) Received: from services.syscare.sk (services.syscare.sk [188.40.39.36]) by services.syscare.sk (Postfix) with ESMTP id B5849C6B7; Mon, 2 Dec 2013 14:36:54 +0100 (CET) X-Virus-Scanned: amavisd-new at rulez.sk Received: from services.syscare.sk ([188.40.39.36]) by services.syscare.sk (services.rulez.sk [188.40.39.36]) (amavisd-new, port 10024) with ESMTP id gVaxeAKp1-1Q; Mon, 2 Dec 2013 14:36:52 +0100 (CET) Received: from hosting.syscare.sk (hosting [188.40.39.37]) by services.syscare.sk (Postfix) with ESMTP id 57709C6AF; Mon, 2 Dec 2013 14:36:52 +0100 (CET) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Date: Mon, 02 Dec 2013 14:36:52 +0100 From: Daniel Gerzo To: Matthew Seaman Subject: Re: devfs and late file systems Organization: The FreeBSD Project In-Reply-To: <529BA665.7040703@infracaninophile.co.uk> References: <52900DA8.3090102@FreeBSD.org> <529BA665.7040703@infracaninophile.co.uk> Message-ID: X-Sender: danger@FreeBSD.org User-Agent: Roundcube Webmail/0.7.2 Cc: freebsd-rc@freebsd.org X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2013 13:37:02 -0000 On 2013-12-01 22:13, Matthew Seaman wrote: > On 23/11/2013 02:06, Daniel Gerzo wrote: >> Hello, >> >> I am using a root on zfs setup with mounts handled by zfs itself (i.e. >> not legacy mountpoints through fstab). Furthermore I am using service >> jails to separate things. I am running named in one of such jails. >> Obviously I need devfs, and therefore I have added this to my fstab: >> >> devfs /jails/named/var/named/dev devfs rw,late 0 0 >> >> I had to add the late keyword to fstab because without it the system >> wouldn't boot because fstab mounts (mountcritlocal rc.d script) are >> handled just before zfs and as such the system wouldn't have such path >> available yet. >> >> Moreover, named needs only a few dev entries and as such I wanted to >> apply my devfs ruleset, so I added this to rc.conf: >> >> devfs_set_rulesets="/jails/named/var/named/dev=devfsrules_named" >> >> However, this fails during system startup because when the devfs rc.d >> script is run, the filesystems marked as late are not mounted yet. >> >> There are two obvious options to fix this issue: >> - we can either move zfs before mountcritlocal which would also fix >> this >> issue with having to use the late filesystems in fstab, or >> - we can move mountlate before devfs. >> >> I guess the second option is safer (just add mountlate to REQUIRE: >> line >> of devfs) but I may be missing something. Can someone fix this in src, >> or should I? >> >> Thank you! >> >> PS: I am not subscribed to this list so please keep me cc:ed >> > > Assming your jail is tagged as 'named' in rc.conf, create a file > /etc/fstab.named with your devfs mount details in there. Then add > > jail_mount_enable="YES" (applies to all jails) > > or > > jail_named_mount_enable="YES" (just for that jail) > > /etc/rc.d/jail will mount the contents of /etc/fstab.named at jail This is actually a way to avoid the late keyword from the fstab, however this doesn't seem to solve the issue of applying the devfs rules from rc.conf. > startup time, which is well after all the zfs mounts have happened. From my quick inspection of the scripts and rcorder it seems like the devfs script which applies the devfs rules is run quite soon (before mountlate) and thus when I start my jails the devfs script is not going to be run again and thus my rules won't apply. Note that named is chrooted in the jail and needs the devfs in /var/named/dev and therefore I can't use the standard jail_example_devfs_enable="NO" jail_example_devfs_ruleset="ruleset_name" Or am I missing somethnig? -- Kind regards Daniel From owner-freebsd-rc@FreeBSD.ORG Mon Dec 2 18:47:50 2013 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AAA85158 for ; Mon, 2 Dec 2013 18:47:50 +0000 (UTC) Received: from o3.shared.sendgrid.net (o3.shared.sendgrid.net [208.117.48.85]) by mx1.freebsd.org (Postfix) with SMTP id 3AFC31BC1 for ; Mon, 2 Dec 2013 18:47:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sendgrid.info; h=from:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; s=smtpapi; bh=ioF5pPeiszB57n2Tx1+nhFt2Ufs=; b=ayJNB8C43YcJv6GySQ a65KMey+iPCx2TRxoJKkQScwShTOqPavlQ45gJCFnw+VMDqCotXw4By9ZSWJPhHr VVTHaxaYfB9ahi0j3E7VjCFCaDxzJKuOk4zjHMBzgXHOYl8P+SnlWG9XgKpZ1AmA 9D2M9586TSK33VH/Pn+wnlBVc= Received: by mf82.sendgrid.net with SMTP id mf82.14260.529CD5D48 Mon, 02 Dec 2013 18:47:48 +0000 (GMT) Received: from mail.tarsnap.com (unknown [10.60.208.15]) by mi65 (SG) with ESMTP id 142b4a346cd.3eb8.645f43 for ; Mon, 02 Dec 2013 12:47:48 -0600 (CST) Received: (qmail 31134 invoked from network); 2 Dec 2013 18:47:47 -0000 Received: from unknown (HELO clamshell.daemonology.net) (127.0.0.1) by ec2-107-20-205-189.compute-1.amazonaws.com with ESMTP; 2 Dec 2013 18:47:47 -0000 Received: (qmail 24413 invoked from network); 2 Dec 2013 18:45:09 -0000 Received: from unknown (HELO clamshell.daemonology.net) (127.0.0.1) by clamshell.daemonology.net with SMTP; 2 Dec 2013 18:45:09 -0000 Message-ID: <529CD535.5010903@freebsd.org> Date: Mon, 02 Dec 2013 10:45:09 -0800 From: Colin Percival User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.0 MIME-Version: 1.0 To: Hiroki Sato Subject: Re: RFC: support for re-sourcing /etc/rc.conf References: <529BEDDB.8010003@freebsd.org> <20131202.214853.1540734630471865242.hrs@allbsd.org> In-Reply-To: <20131202.214853.1540734630471865242.hrs@allbsd.org> X-Enigmail-Version: 1.5.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-SG-EID: ChUA/E68MWtQtYrYVmEHIGuqNmShXrFL3cq8iGM7RqWjJw39r1RXuPMD9Tlta9xSfN4vuTWkGgMYWhvLniBrk+GmGiAHknn2BBv1OOuPno0Ea2OKtJ7HyVUx82v70GvuzcJEQKHweKHYoLiXlwwsPV29Ii4kwpfHzu/ed+RTftY= Cc: freebsd-rc@FreeBSD.org X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2013 18:47:50 -0000 On 12/02/13 04:48, Hiroki Sato wrote: > Colin Percival wrote: > cp> I'd like to commit the attached patch to /etc/rc. When SIGALRM is received, > cp> it reloads /etc/rc.conf; this makes it possible for an rc.d script to perform > cp> first-boot system configuration and have it reflected by other rc.d scripts. > cp> > cp> In particular, this will allow me to provide EC2 user-data of > cp> >>/etc/rc.conf > cp> firstboot_pkgs_enable="YES" > cp> firstboot_pkgs_list="apache22" > cp> to an image with the sysutils/ec2-scripts and sysutils/firstboot-pkgs ports > cp> installed, and have a system running with apache22 installed moments later. > > I am not familiar with sysutils/firstboot-pkgs and its use case, but > is it correct that packages are installed during /etc/rc and then > rc.conf will be updated before rc.d scripts for the installed > packages run from /etc/rc? Where and when SIGALRM is sent from? No, the other way around -- a different script (part of ec2-scripts) updates /etc/rc.conf based on metadata provided at VM launch time. One use of this would be to set firstboot_pkgs_* variables to control the behaviour of the firstboot-pkgs port moments later in the boot process. So: 1. VM image is created with ec2-scripts and firstboot-pkgs installed. 2. VM image is launched with user-data saying "I want apache22". 3. Early in the boot process, ec2-scripts reads that user-data, updates /etc/rc.conf, and signals /etc/rc. 4. /etc/rc re-sources /etc/rc.conf. 5. Later in the boot process, firstboot-pkgs (having the new /etc/rc.conf settings loaded) installs the apache22 package. -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid From owner-freebsd-rc@FreeBSD.ORG Mon Dec 2 19:07:07 2013 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D2C47A4C; Mon, 2 Dec 2013 19:07:07 +0000 (UTC) Received: from mail.allbsd.org (gatekeeper.allbsd.org [IPv6:2001:2f0:104:e001::32]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 5031E1CFD; Mon, 2 Dec 2013 19:07:07 +0000 (UTC) Received: from alph.d.allbsd.org (p4181-ipbf1307funabasi.chiba.ocn.ne.jp [123.225.173.181]) (authenticated bits=128) by mail.allbsd.org (8.14.5/8.14.5) with ESMTP id rB2J6mC0017234 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 3 Dec 2013 04:06:59 +0900 (JST) (envelope-from hrs@FreeBSD.org) Received: from localhost (localhost [IPv6:::1]) (authenticated bits=0) by alph.d.allbsd.org (8.14.7/8.14.5) with ESMTP id rB2J6mHR074161; Tue, 3 Dec 2013 04:06:48 +0900 (JST) (envelope-from hrs@FreeBSD.org) Date: Tue, 03 Dec 2013 04:05:24 +0900 (JST) Message-Id: <20131203.040524.1967340345792909822.hrs@allbsd.org> To: cperciva@FreeBSD.org Subject: Re: RFC: support for re-sourcing /etc/rc.conf From: Hiroki Sato In-Reply-To: <529CD535.5010903@freebsd.org> References: <529BEDDB.8010003@freebsd.org> <20131202.214853.1540734630471865242.hrs@allbsd.org> <529CD535.5010903@freebsd.org> X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-Mailer: Mew version 6.5 on Emacs 24.3 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="--Security_Multipart(Tue_Dec__3_04_05_24_2013_873)--" Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.97.4 at gatekeeper.allbsd.org X-Virus-Status: Clean X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.7 (mail.allbsd.org [133.31.130.32]); Tue, 03 Dec 2013 04:06:59 +0900 (JST) X-Spam-Status: No, score=-99.1 required=13.0 tests=CONTENT_TYPE_PRESENT, SPF_SOFTFAIL,USER_IN_WHITELIST autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on gatekeeper.allbsd.org Cc: freebsd-rc@FreeBSD.org X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2013 19:07:08 -0000 ----Security_Multipart(Tue_Dec__3_04_05_24_2013_873)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Colin Percival wrote in <529CD535.5010903@freebsd.org>: cp> On 12/02/13 04:48, Hiroki Sato wrote: cp> > Colin Percival wrote: cp> > cp> I'd like to commit the attached patch to /etc/rc. When SIGALRM is received, cp> > cp> it reloads /etc/rc.conf; this makes it possible for an rc.d script to perform cp> > cp> first-boot system configuration and have it reflected by other rc.d scripts. cp> > cp> cp> > cp> In particular, this will allow me to provide EC2 user-data of cp> > cp> >>/etc/rc.conf cp> > cp> firstboot_pkgs_enable="YES" cp> > cp> firstboot_pkgs_list="apache22" cp> > cp> to an image with the sysutils/ec2-scripts and sysutils/firstboot-pkgs ports cp> > cp> installed, and have a system running with apache22 installed moments later. cp> > cp> > I am not familiar with sysutils/firstboot-pkgs and its use case, but cp> > is it correct that packages are installed during /etc/rc and then cp> > rc.conf will be updated before rc.d scripts for the installed cp> > packages run from /etc/rc? Where and when SIGALRM is sent from? cp> cp> No, the other way around -- a different script (part of ec2-scripts) updates cp> /etc/rc.conf based on metadata provided at VM launch time. One use of this cp> would be to set firstboot_pkgs_* variables to control the behaviour of the cp> firstboot-pkgs port moments later in the boot process. cp> cp> So: cp> 1. VM image is created with ec2-scripts and firstboot-pkgs installed. cp> 2. VM image is launched with user-data saying "I want apache22". cp> 3. Early in the boot process, ec2-scripts reads that user-data, updates cp> /etc/rc.conf, and signals /etc/rc. cp> 4. /etc/rc re-sources /etc/rc.conf. cp> 5. Later in the boot process, firstboot-pkgs (having the new /etc/rc.conf cp> settings loaded) installs the apache22 package. So, if I understand it correctly, the ec2-scripts add $firstboot_pkgs_enable and $firstboot_pkgs_list into /etc/rc.conf and then send a signal to /etc/rc, and then the firstboot-pkg script runs. In this case, I think creating /etc/rc.conf.d/firstboot-pkg in ec2-scripts is simpler. Sourcing /etc/rc.conf happens only once, but sourcing /etc/rc.conf.d/ happens every time when "load_rc_config " is called. If firstboot-pkgs calls load_rc_config, it should work as expected without sending a signal. -- Hiroki ----Security_Multipart(Tue_Dec__3_04_05_24_2013_873)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (FreeBSD) iEYEABECAAYFAlKc2fQACgkQTyzT2CeTzy0V5ACcDIl1Bw8FqKa/37JYzttCam1m B84AoMPijmDLaeRyzQ98j7GyJutcBvVx =+UUj -----END PGP SIGNATURE----- ----Security_Multipart(Tue_Dec__3_04_05_24_2013_873)---- From owner-freebsd-rc@FreeBSD.ORG Mon Dec 2 19:17:55 2013 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9934DD06; Mon, 2 Dec 2013 19:17:55 +0000 (UTC) Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 5E4F91DBD; Mon, 2 Dec 2013 19:17:55 +0000 (UTC) Received: from smtp.fisglobal.com ([10.132.206.15]) by ltcfislmsgpa05.fnfis.com (8.14.5/8.14.5) with ESMTP id rB2JHrib012862 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Mon, 2 Dec 2013 13:17:54 -0600 Received: from LTCFISWMSGMB21.FNFIS.com ([169.254.1.7]) by LTCFISWMSGHT04.FNFIS.com ([10.132.206.15]) with mapi id 14.03.0158.001; Mon, 2 Dec 2013 13:17:52 -0600 From: "Teske, Devin" To: Colin Percival Subject: Re: RFC: support for re-sourcing /etc/rc.conf Thread-Topic: RFC: support for re-sourcing /etc/rc.conf Thread-Index: AQHO75MygMZmDpdBLUKyR2AQoGR8qA== Date: Mon, 2 Dec 2013 19:17:52 +0000 Message-ID: <9EF48D5E-2706-4628-BF7B-DBBD5D7E227F@fisglobal.com> References: <529BEDDB.8010003@freebsd.org> <20131202.214853.1540734630471865242.hrs@allbsd.org> <529CD535.5010903@freebsd.org> In-Reply-To: <529CD535.5010903@freebsd.org> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.132.253.120] Content-Type: text/plain; charset="us-ascii" Content-ID: <7564332EDB431545A8D0066267737C81@fisglobal.com> Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.11.72, 1.0.14, 0.0.0000 definitions=2013-12-02_03:2013-12-02,2013-12-02,1970-01-01 signatures=0 Cc: Devin Teske , FreeBSD RC X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: Devin Teske List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2013 19:17:55 -0000 On Dec 2, 2013, at 10:45 AM, Colin Percival wrote: > On 12/02/13 04:48, Hiroki Sato wrote: >> Colin Percival wrote: >> cp> I'd like to commit the attached patch to /etc/rc. When SIGALRM is r= eceived, >> cp> it reloads /etc/rc.conf; this makes it possible for an rc.d script t= o perform >> cp> first-boot system configuration and have it reflected by other rc.d = scripts. >> cp> >> cp> In particular, this will allow me to provide EC2 user-data of >> cp> >>/etc/rc.conf >> cp> firstboot_pkgs_enable=3D"YES" >> cp> firstboot_pkgs_list=3D"apache22" >> cp> to an image with the sysutils/ec2-scripts and sysutils/firstboot-pkg= s ports >> cp> installed, and have a system running with apache22 installed moments= later. >>=20 >> I am not familiar with sysutils/firstboot-pkgs and its use case, but >> is it correct that packages are installed during /etc/rc and then >> rc.conf will be updated before rc.d scripts for the installed >> packages run from /etc/rc? Where and when SIGALRM is sent from? >=20 > No, the other way around -- a different script (part of ec2-scripts) upda= tes > /etc/rc.conf based on metadata provided at VM launch time. One use of th= is > would be to set firstboot_pkgs_* variables to control the behaviour of the > firstboot-pkgs port moments later in the boot process. >=20 sysrc(8) in 9.2+ base comes to mind. NB: Available as a port for older releases 4.8+ (sysutils/sysrc) > So: > 1. VM image is created with ec2-scripts and firstboot-pkgs installed. > 2. VM image is launched with user-data saying "I want apache22". "bsdconfig startup_rcvar" in 9.2+ base comes to mind. NB: Avaiable as a port for older releases 9.0+ (sysutils/bsdconfig) > 3. Early in the boot process, ec2-scripts reads that user-data, updates > /etc/rc.conf, and signals /etc/rc. > 4. /etc/rc re-sources /etc/rc.conf. Cool. How's the signaling in #3 done to get #4? Edit: Hiroki suggests using using /etc/rc.conf.d/{name} Edit: "sysrc -f /etc/rc.conf.d/{name} firstboot_pkgs_{blah}=3Detc" comes to= mind > 5. Later in the boot process, firstboot-pkgs (having the new /etc/rc.conf > settings loaded) installs the apache22 package. >=20 /usr/share/bsdconfig/packages/packages.subr in 9.2+ base comes to mind. Library for installing packages from a script (from any media device). In 11.0-CURRENT, you have realtime API documentation: bsdconfig includes packages/packages or more specifically... bsdconfig includes -dF package_add Will display full description of the API function, f_package_add(). In 9.2-R or 9-STABLE (after SVN r252995), it uses pkg-tools. In 10.0-BETA4 or 10-STABLE (after SVN r258420) or higher, it uses pkgng. FYI: I like the idea of firstboot_pkgs_* I also like Hiroki's idea of stashing it all into rc.conf.d --=20 Devin _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you. From owner-freebsd-rc@FreeBSD.ORG Mon Dec 2 19:25:37 2013 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 205C0A9 for ; Mon, 2 Dec 2013 19:25:37 +0000 (UTC) Received: from o3.shared.sendgrid.net (o3.shared.sendgrid.net [208.117.48.85]) by mx1.freebsd.org (Postfix) with SMTP id A4BA61E62 for ; Mon, 2 Dec 2013 19:25:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sendgrid.info; h=from:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; s=smtpapi; bh=GxPL7yp0mrRzpiBYBdJxg1FBZvI=; b=CaUiEb4YuYq9sRcMxJ 0R2pfflHQTu7KNNMm3g7WBPL3GfOHM4nV1mj1iPT4OH+U08upGwc/0WKstEThroF tQWJBCQCuUjfIRgiIqDoWjXgDxaq7PFe+yzKRo++rF3xg4SDiWVpWcI19Wqqkcgc mfjKwGxnFqKPUemSFu6T51Ey4= Received: by mf135.sendgrid.net with SMTP id mf135.37289.529CDEAFA Mon, 02 Dec 2013 19:25:35 +0000 (GMT) Received: from mail.tarsnap.com (unknown [10.60.208.13]) by mi41 (SG) with ESMTP id 142b4c5dec7.2252.14e2b68 for ; Mon, 02 Dec 2013 13:25:35 -0600 (CST) Received: (qmail 32281 invoked from network); 2 Dec 2013 19:25:34 -0000 Received: from unknown (HELO clamshell.daemonology.net) (127.0.0.1) by ec2-107-20-205-189.compute-1.amazonaws.com with ESMTP; 2 Dec 2013 19:25:34 -0000 Received: (qmail 24658 invoked from network); 2 Dec 2013 19:22:56 -0000 Received: from unknown (HELO clamshell.daemonology.net) (127.0.0.1) by clamshell.daemonology.net with SMTP; 2 Dec 2013 19:22:56 -0000 Message-ID: <529CDE10.9070405@freebsd.org> Date: Mon, 02 Dec 2013 11:22:56 -0800 From: Colin Percival User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.0 MIME-Version: 1.0 To: Hiroki Sato Subject: Re: RFC: support for re-sourcing /etc/rc.conf References: <529BEDDB.8010003@freebsd.org> <20131202.214853.1540734630471865242.hrs@allbsd.org> <529CD535.5010903@freebsd.org> <20131203.040524.1967340345792909822.hrs@allbsd.org> In-Reply-To: <20131203.040524.1967340345792909822.hrs@allbsd.org> X-Enigmail-Version: 1.5.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-SG-EID: ChUA/E68MWtQtYrYVmEHIGuqNmShXrFL3cq8iGM7RqX9GJIOSIEJz3WyotblMArAbzOMsAat3gpbgTjdGNPxQrCMTV857l1tx0bwcV5C2aTjG6cCzk6eBd5agEu5Hjx+L5laTMjGlBmGIBz8tr6eoabG3Kj2CSQxdJNFosSm9tw= Cc: freebsd-rc@FreeBSD.org X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2013 19:25:37 -0000 On 12/02/13 11:05, Hiroki Sato wrote: > So, if I understand it correctly, the ec2-scripts add > $firstboot_pkgs_enable and $firstboot_pkgs_list into /etc/rc.conf and then > send a signal to /etc/rc, and then the firstboot-pkg script runs. s/and then/and at some point later/ The firstboot-pkgs script running isn't trigerred by the signal; it's just another rc.d script. And there's other things which could be configured by launch-time user-data, e.g., firstboot_freebsd_update_enable="NO" if someone didn't want their EC2 image to freebsd-update itself. > In this case, I think creating /etc/rc.conf.d/firstboot-pkg in ec2-scripts > is simpler. Sourcing /etc/rc.conf happens only once, but sourcing > /etc/rc.conf.d/ happens every time when "load_rc_config " is > called. If firstboot-pkgs calls load_rc_config, it should work as expected > without sending a signal. That's a workaround, but I think it's less than ideal from a usability perspective -- FreeBSD users expect to edit /etc/rc.conf, and vanishingly few people even know that /etc/rc.conf.d/ exists. The idea here is to provide a general mechanism for creating and adding to configuration files with data provided at VM launch time, and trying to explain to people that editing /etc/rc.conf won't do what they expect seems like it would be difficult. -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid From owner-freebsd-rc@FreeBSD.ORG Mon Dec 2 19:31:31 2013 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 00F6D265 for ; Mon, 2 Dec 2013 19:31:31 +0000 (UTC) Received: from o3.shared.sendgrid.net (o3.shared.sendgrid.net [208.117.48.85]) by mx1.freebsd.org (Postfix) with SMTP id 84A631ED7 for ; Mon, 2 Dec 2013 19:31:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sendgrid.info; h=from:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; s=smtpapi; bh=Mfv543roGn9IQRdf+AhToox4fh8=; b=tfdY9O9Ef1xz/iBvGQ KK/jY9QjZUhgWwHz4cCyrnrvk9wODv9ayH/3Y8zd6nz+Z8oOA5g5QzT4S72a6Cqs Unm1SyOCjm2vvsy9WFrrRG22a+tE14G5IubYMZT6MXrHvM1eLrGQWzG+OsmLq/lA p9oC7HXEM/QdXxQqZGRRIyzBA= Received: by mf44.sendgrid.net with SMTP id mf44.10914.529CE00A4 Mon, 02 Dec 2013 19:31:22 +0000 (GMT) Received: from mail.tarsnap.com (unknown [10.60.208.15]) by mi36 (SG) with ESMTP id 142b4cb274b.6bb.16802be for ; Mon, 02 Dec 2013 13:31:22 -0600 (CST) Received: (qmail 32466 invoked from network); 2 Dec 2013 19:31:20 -0000 Received: from unknown (HELO clamshell.daemonology.net) (127.0.0.1) by ec2-107-20-205-189.compute-1.amazonaws.com with ESMTP; 2 Dec 2013 19:31:20 -0000 Received: (qmail 24683 invoked from network); 2 Dec 2013 19:28:37 -0000 Received: from unknown (HELO clamshell.daemonology.net) (127.0.0.1) by clamshell.daemonology.net with SMTP; 2 Dec 2013 19:28:37 -0000 Message-ID: <529CDF65.7000406@freebsd.org> Date: Mon, 02 Dec 2013 11:28:37 -0800 From: Colin Percival User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.0 MIME-Version: 1.0 To: Devin Teske Subject: Re: RFC: support for re-sourcing /etc/rc.conf References: <529BEDDB.8010003@freebsd.org> <20131202.214853.1540734630471865242.hrs@allbsd.org> <529CD535.5010903@freebsd.org> <9EF48D5E-2706-4628-BF7B-DBBD5D7E227F@fisglobal.com> In-Reply-To: <9EF48D5E-2706-4628-BF7B-DBBD5D7E227F@fisglobal.com> X-Enigmail-Version: 1.5.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-SG-EID: ChUA/E68MWtQtYrYVmEHIGuqNmShXrFL3cq8iGM7RqUef0xzUKgMIZGl/E2gt58RGqEYi7G5ERXm6uiZfTYqtBLxoYmiCTsvBimEWIDn7PM5TZYsosVSOmnnKW4FKUSL6nQK6C6aK0MmPaXhD6y1PVKqPwgCjbhX6mxl4n6IVgY= Cc: FreeBSD RC X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2013 19:31:31 -0000 On 12/02/13 11:17, Teske, Devin wrote: > On Dec 2, 2013, at 10:45 AM, Colin Percival wrote: >> No, the other way around -- a different script (part of ec2-scripts) updates >> /etc/rc.conf based on metadata provided at VM launch time. One use of this >> would be to set firstboot_pkgs_* variables to control the behaviour of the >> firstboot-pkgs port moments later in the boot process. > > sysrc(8) in 9.2+ base comes to mind. > NB: Available as a port for older releases 4.8+ (sysutils/sysrc) I should have been clearer, the VM launch user-data could specify any files to modify; it just happens that rc.conf is a problem because it's over-aggressively cached. >> 3. Early in the boot process, ec2-scripts reads that user-data, updates >> /etc/rc.conf, and signals /etc/rc. >> 4. /etc/rc re-sources /etc/rc.conf. > > Cool. How's the signaling in #3 done to get #4? My (one line plus comments) patch teaches rc to re-source rc.conf if it receives a SIGALRM. > I like the idea of firstboot_pkgs_* Great. It's in the ports tree, sysutils/firstboot-pkgs. > I also like Hiroki's idea of stashing it all into rc.conf.d As I mentioned in reply to him, forcing people to use rc.conf.d instead of rc.conf seems like a usability challenge. -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid From owner-freebsd-rc@FreeBSD.ORG Mon Dec 2 19:34:18 2013 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 21C9C2FC; Mon, 2 Dec 2013 19:34:18 +0000 (UTC) Received: from mx1.fisglobal.com (mx1.fisglobal.com [199.200.24.190]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id D9D721F00; Mon, 2 Dec 2013 19:34:17 +0000 (UTC) Received: from smtp.fisglobal.com ([10.132.206.31]) by ltcfislmsgpa07.fnfis.com (8.14.5/8.14.5) with ESMTP id rB2JYGF5002572 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Mon, 2 Dec 2013 13:34:16 -0600 Received: from LTCFISWMSGMB21.FNFIS.com ([169.254.1.7]) by LTCFISWMSGHT03.FNFIS.com ([10.132.206.31]) with mapi id 14.03.0158.001; Mon, 2 Dec 2013 13:34:15 -0600 From: "Teske, Devin" To: Colin Percival Subject: Re: RFC: support for re-sourcing /etc/rc.conf Thread-Topic: RFC: support for re-sourcing /etc/rc.conf Thread-Index: AQHO75MygMZmDpdBLUKyR2AQoGR8qA== Date: Mon, 2 Dec 2013 19:34:15 +0000 Message-ID: <06443C9D-9E4A-431E-934C-E0A19DBAA111@fisglobal.com> References: <529BEDDB.8010003@freebsd.org> <20131202.214853.1540734630471865242.hrs@allbsd.org> <529CD535.5010903@freebsd.org> <9EF48D5E-2706-4628-BF7B-DBBD5D7E227F@fisglobal.com> <529CDF65.7000406@freebsd.org> In-Reply-To: <529CDF65.7000406@freebsd.org> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.132.253.120] Content-Type: text/plain; charset="iso-8859-1" Content-ID: Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.11.72, 1.0.14, 0.0.0000 definitions=2013-12-02_03:2013-12-02,2013-12-02,1970-01-01 signatures=0 Cc: Devin Teske , FreeBSD RC X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: Devin Teske List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Dec 2013 19:34:18 -0000 On Dec 2, 2013, at 11:28 AM, Colin Percival wrote: > On 12/02/13 11:17, Teske, Devin wrote: >> On Dec 2, 2013, at 10:45 AM, Colin Percival wrote: >>> No, the other way around -- a different script (part of ec2-scripts) up= dates >>> /etc/rc.conf based on metadata provided at VM launch time. One use of = this >>> would be to set firstboot_pkgs_* variables to control the behaviour of = the >>> firstboot-pkgs port moments later in the boot process. >>=20 >> sysrc(8) in 9.2+ base comes to mind. >> NB: Available as a port for older releases 4.8+ (sysutils/sysrc) >=20 > I should have been clearer, the VM launch user-data could specify any fil= es to > modify; it just happens that rc.conf is a problem because it's over-aggre= ssively > cached. >=20 Thanks. >>> 3. Early in the boot process, ec2-scripts reads that user-data, updates >>> /etc/rc.conf, and signals /etc/rc. >>> 4. /etc/rc re-sources /etc/rc.conf. >>=20 >> Cool. How's the signaling in #3 done to get #4? >=20 > My (one line plus comments) patch teaches rc to re-source rc.conf if it r= eceives > a SIGALRM. >=20 Nice. >> I like the idea of firstboot_pkgs_* >=20 > Great. It's in the ports tree, sysutils/firstboot-pkgs. >=20 >> I also like Hiroki's idea of stashing it all into rc.conf.d >=20 > As I mentioned in reply to him, forcing people to use rc.conf.d instead of > rc.conf seems like a usability challenge. >=20 Yeah, I agree. rc.conf.d in your case raises an aspect of POLA. --=20 Devin _____________ The information contained in this message is proprietary and/or confidentia= l. If you are not the intended recipient, please: (i) delete the message an= d all copies; (ii) do not disclose, distribute or use the message in any ma= nner; and (iii) notify the sender immediately. In addition, please be aware= that any message addressed to our domain is subject to archiving and revie= w by persons other than the intended recipient. Thank you.