From owner-freebsd-rc@FreeBSD.ORG Sun Dec 20 18:51:49 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 129631065670; Sun, 20 Dec 2009 18:51:49 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id DBDED8FC15; Sun, 20 Dec 2009 18:51:48 +0000 (UTC) Received: from fledge.watson.org (fledge.watson.org [65.122.17.41]) by cyrus.watson.org (Postfix) with ESMTPS id 7619D46B2C; Sun, 20 Dec 2009 13:51:48 -0500 (EST) Date: Sun, 20 Dec 2009 18:51:48 +0000 (GMT) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Brooks Davis In-Reply-To: <20091220183519.GB64667@lor.one-eyed-alien.net> Message-ID: References: <200912200134.nBK1YCAA048942@svn.freebsd.org> <4B2DBB51.9060002@FreeBSD.org> <4B2DD2A1.8060907@FreeBSD.org> <20091220183519.GB64667@lor.one-eyed-alien.net> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: Doug Barton , freebsd-rc@FreeBSD.org, Hajimu UMEMOTO , svn-src-all@FreeBSD.org, src-committers@FreeBSD.org, svn-src-head@FreeBSD.org Subject: Re: svn commit: r200743 - in head/usr.sbin: . service X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Dec 2009 18:51:49 -0000 On Sun, 20 Dec 2009, Brooks Davis wrote: >>> About the value this change, I think it should be same as the values at >>> boot time. I cannot imagine that someone want to restart the system >>> daemons under the user environment. >> >> dougb> I can actually, especially for ports. >> >> Yup, I often do restart the services installed from ports, too. I meant >> that I don't want that the values of user environment are inherited to the >> services which is started from the user environment. > > This is where the value of service(8) would lie for me. The ability to not > have things work by accident due to my environment and then break at reboot > would be be very helful. There are several other types of context we've historically not properly set/restored when managing service state, such as: - Full user credential context (user IDs, group IDs, etc) - Additional login class state, such as resource limits and MAC labels - User audit state With Apple's launchd, service descriptions can include user credentials that will be set before the service is started. Being able to do that here as well would be great, especially in a future where part of our supplemental user credential will be additional system privileges. Robert N M Watson Computer Laboratory University of Cambridge