From owner-freebsd-hackers Mon Dec 26 05:27:22 1994
Return-Path: hackers-owner
Received: (from root@localhost) by freefall.cdrom.com (8.6.9/8.6.6) id FAA25353 for hackers-outgoing; Mon, 26 Dec 1994 05:27:22 -0800
Received: from UUCP-GW.CC.UH.EDU (root@UUCP-GW.CC.UH.EDU [129.7.1.11]) by freefall.cdrom.com (8.6.9/8.6.6) with SMTP id NAA25347 for ; Mon, 26 Dec 1994 13:27:15 GMT
Received: from Taronga.COM by UUCP-GW.CC.UH.EDU with UUCP id AA06318 (5.67a/IDA-1.5); Mon, 26 Dec 1994 07:10:27 -0600
Received: by bonkers.taronga.com (smail2.5p) id AA25208; 26 Dec 94 06:48:28 CST (Mon)
Received: from localhost (localhost [127.0.0.1]) by bonkers.taronga.com (8.6.8/8.6.6) with SMTP id GAA25205; Mon, 26 Dec 1994 06:48:27 -0600
Message-Id: <199412261248.GAA25205@bonkers.taronga.com>
X-Authentication-Warning: bonkers.taronga.com: Host localhost didn't use HELO protocol
To: Joe Greco
Cc: hackers@freebsd.org
Subject: Re: /etc/rc.shutdown (And some free association about logging)
In-Reply-To: Your message of "Mon, 26 Dec 94 00:43:23 GMT." <9412260643.AA03089@brasil.moneng.mei.com>
X-Mailer: exmh version 1.4.1 7/21/94
Date: Mon, 26 Dec 1994 06:48:25 -0600
From: Peter da Silva
Sender: hackers-owner@freebsd.org
Precedence: bulk

> > > However, I am not arguing _for_ Ollivier's changes, by any stretch of the
> > > imagination. If you type "shutdown" without bothering to take down INN and
> > > make sure all's well, you darn well get what you deserve.

> > Hokay, I've got an Alpha based box at work that's running a hundred users
> > and bunches of commercial and local packages. In fact I've got two of them.
> > I don't *remember* all the stuff you have to do to shut them down right.

> Write a script.

I did. It's in /sbin/init.d. That way it gets run no matter WHO shuts down the system and how they shut it down.

> > But, you say, you could just create a shutdown script and run that instead
> > of shutdown. Hrm... I'm sorry, I'd rather keep things simple.
> What, by adding functionality that forces you to write a script?

Doesn't *force* you to do any bloody thing. You can go on depending on the SIGTERM+10seconds kludge all you want. This is simply adding a hook for that script if you happen to have one.

> Uhh, now I'm confused. I just argued _for_ this, but in the context of not
> adding it to the guts of init and every other system program that deals with
> shutdown.

You're confused? You're confusing me... where did I say that? I just said that the standard way to shut the systems down (shutdown) should run a standard script. If you want to do an emergency shutdown that just syncs and unmounts the disks, you should have one (uadmin 2 0, in System V terms).

I just don't think that the half-measure of SIGTERM+10 has any place in a modern operating system. Either kill everything, now, and clean up... or ask everything to go down and wait until they're done. If you have things that hang unreliably, then deal with that as a separate issue. Really.

As a side issue, I don't think "halt" and "reboot" should be the programs that do the emergency shutdown. Why? People tend to think of them as the standard way to shut systems down. When you're setting up a system that's going to be maintained by some random power systems engineer who doesn't give a shit about computers but has a selection of O'Reilly books as a security blanket you can't depend on them following your procedures.

But that's a side issue. The important thing is that there should be an official hook for local cleanup... the shutdown equivalent of /etc/rc.local.

> Solaris actually does this quite well, providing
> "shutdown", "halt", and "uadmin 2 0" to provide a rather fine level of
> control over how one wants the box to go byebye. Much as I hate Solaris,
> this is actually quite nice... one thing they did right.

That's exactly what every System V box in the world does. "shutdown" is the user friendly front end with timeouts and user alerts. "halt" (or init 0, in most cases) does a normal shutdown now. "uadmin 2 0" is the emergency shutdown.

> I guess I don't see a reason to move this functionality into the system at
> such a fundamental level. KISS. If one's system is complex enough to
> require a shutdown script (and I would argue that INN can be), one should
> write a script that does the right thing.

With you so far...

> Make it policy to use it.

One can make policies to work around every shortcoming of the operating system, but why not provide a simple hook that lets you avoid it if need be. You don't have to use it (the default "/etc/rc.shutdown" can be empty), but why not have it there for people who are worried about such things?

> Rename
> "shutdown" if you really damn well want to. But please don't go adding
> unnecessary "features" to the system.

I don't understand. What's an unnecessary feature? One you personally don't use? I personally don't use union mounts or the dosfs or support for multiple dos-level partitions (I've installed FreeBSD on the whole disk). But I'm not going to argue against them, particularly when someone else is already doing the work and is doing it in such a way that you can completely ignore it if you want.

> Part of the beauty of UNIX is the
> simplicity and generality. If it was something that couldn't be achieved in
> other, simpler ways, maybe it would be different...

I got mtools. Why do I need dosfs (or whatever it's called this week)?

As for simplicity and generality, I've got a bone to pick with a lot of the BSD startup/admin/daemon model that makes things a LOT more complicated if you're not using things the vanilla way, but it's really not relevant to this list and a whole lot of work to do right.

Free associating from that... I do have one question... is the 2.x syslogd significantly different from the 1.1 version? If not, I'm working on making things a little more complicated in there.
(mainly, if you don't have the source it's almost impossible to figure out what you need to do with syslog.conf to monitor things like FTP traffic even after you've modified FTPD to log more stuff under -l). I've started adding code there to select on program name as well as the rather overly broad facilities... but if it's already done by some miracle I'd like to avoid reinventing the wheel.

(I've also modified ftpd to log all transactions, not just connects, under -l if you have -DSECURITY_LOGGING. It logs it under daemon.info though, which is a pain, since a whole bunch of stuff gets logged under daemon.info and right now I'm using a script to grovel through a /var/log/trash file and pulling out the ftpd messages... but it'd be cleaner to have that in syslog.conf)

(Any interest in a nosier ftpd?)
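
The filtering described in the message above (pulling one program's lines out of a catch-all file because many daemons share daemon.info), as an added example that is not part of the original message or of any FreeBSD code. The log lines are constructed, and `filter_by_program` and `count_by_program` are hypothetical names.

```sh
#!/bin/sh
# Added example: select one program's lines from a catch-all syslog file by
# comparing the tag field exactly instead of searching for a substring.

# Constructed sample in the traditional syslog file layout
# "Mon DD HH:MM:SS host tag[pid]: message". Not real log data.
SAMPLE_LOG='Dec 26 06:40:01 bonkers ftpd[212]: connection from client.example.org
Dec 26 06:40:03 bonkers ftpd[212]: login alice
Dec 26 06:40:05 bonkers inetd[88]: ftpd[209] exited
Dec 26 06:40:09 bonkers ftpd[212]: get /pub/README
Dec 26 06:40:09 bonkers last message repeated 2 times
Dec 26 06:41:00 bonkers tftpd[300]: read request for boot.img
Dec 26 06:41:30 bonkers lpd: restarted
Dec 26 06:42:10 bonkers ftpd[215]: delete /incoming/report.txt'

# filter_by_program PROG: read log lines on stdin, print those logged by PROG.
# Field 5 is the tag; a trailing ":" and an optional "[pid]" are stripped
# before the comparison, so "tftpd" and an inetd line that merely mentions
# "ftpd" do not match "ftpd".
# "last message repeated N times" lines carry no tag, so they are kept only
# when the line they repeat (the one just before) belonged to PROG.
filter_by_program() {
    awk -v prog="$1" '
    {
        if ($5 == "last" && $6 == "message" && $7 == "repeated") {
            if (prev_match) print
            next
        }
        tag = $5
        sub(/:$/, "", tag)
        sub(/\[[0-9]+\]$/, "", tag)
        prev_match = (tag == prog)
        if (prev_match) print
    }'
}

# count_by_program PROG: number of sample lines attributed to PROG.
count_by_program() {
    printf '%s\n' "$SAMPLE_LOG" | filter_by_program "$1" | wc -l | tr -d ' '
}

# Stand-alone run: show what a per-program ftpd log would contain.
printf '%s\n' "$SAMPLE_LOG" | filter_by_program ftpd
```

A plain substring search for "ftpd" over the same sample would pick up the inetd and tftpd lines and drop the "repeated" line.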