From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from tb-mx1.topicbox.com (localhost.local [127.0.0.1]) by tb-mx1.topicbox.com (Postfix) with ESMTP id 2B10F1E20D22 for ; Fri, 26 Jul 2024 11:56:06 -0400 (EDT) (envelope-from jorge+ml@blackdot.be) Received: from tb-mx1.topicbox.com (localhost [127.0.0.1]) by tb-mx1.topicbox.com (Authentication Milter) with ESMTP id 5436BD22CC3; Fri, 26 Jul 2024 11:56:06 -0400 ARC-Seal: i=1; a=rsa-sha256; cv=none; d=topicbox.com; s=arcseal; t= 1722009365; b=FoUWF2/t4GZuARM6ucSiYZpZy2VRbXbyqx4fdFa3UBtYdaStX8 3jyLORdrrBDKt00BGRjy8Va7UMZ/Dg3VRd++CEM9rb5ou7LVQrLQd1RT6Bunp4tg MQfM7FrjqEnrw/zcsn0Mrj/ViADHznDmrssSSA08xOqIHgN+xNb3O31WFzp0V58l Lt6fjOOGvIIVby+vShwVbqFS/Aa59nV/l7FPRjxygpaEdRF/O8ZxJWtq6X1+KnQi ohPr4RbCK8nIkSe+c9R8YDiPBoB/gt4k7vzpUkhIl9XR4+IUcoDzMzJ0jqxL9jnB M/va2VEiOGDzTxt1QrJJHxLaYPcgoZnFRydw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d= topicbox.com; h=content-type:content-transfer-encoding:from :mime-version:subject:date:message-id:references:in-reply-to:to; s=arcseal; t=1722009365; bh=NdD/zW9DuKCZlpTfxxN5SLE6cI/x9vkNFIF T6SIX/dE=; b=Pv2LZgUVHuCK7nU2XO7LI14TWOTLHquqHgGL9YBWbOohrXq17mo Ys4coD9SNx2Ejx15tYeQWRyxMsaNhS1pbkENrXdpCw+ErskP0X+N61Y/6w7h64ay k/uEpja7GwpggozOfUgHMQW4e6tg7z2RKabR3qdJ3M+JARXWJVWvdtYZF4U1IZWR qGRL+k+iOtUxFk0Gq3XtCWc7fqws/NbtUuW3mUzcseb0xMFcUlp5MIW/wukgBXNq yXa+VfhBxglcUwdc552OEqJkNjiD32R4uzLxVUaoCimnpc1j7hnInSzMyNVYRZyB Nsga77lOw6iQ+PEGvJLHNkIunvWHxTxY7FQ== ARC-Authentication-Results: i=1; tb-mx1.topicbox.com; arc=none (no signatures found); bimi=none (No BIMI records found); dkim=pass (4096-bit rsa key sha256) header.d=blackdot.be header.i=@blackdot.be header.b=p6a+NxPL header.a=rsa-sha256 header.s=sign19 x-bits=4096; dmarc=pass policy.published-domain-policy=reject policy.applied-disposition=none policy.evaluated-disposition=none (p=reject,d=none,d.eval=none) policy.policy-from=p header.from=blackdot.be; iprev=pass smtp.remote-ip=65.108.48.22 (mail.blackdot.be); spf=pass smtp.mailfrom=jorge+ml@blackdot.be smtp.helo=mail.blackdot.be; x-aligned-from=pass (Address match); x-me-sender=none; x-ptr=pass smtp.helo=mail.blackdot.be policy.ptr=mail.blackdot.be; x-return-mx=pass header.domain=blackdot.be policy.is_org=yes (MX Records found: mail.blackdot.be); x-return-mx=pass smtp.domain=blackdot.be policy.is_org=yes (MX Records found: mail.blackdot.be); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0 Authentication-Results: tb-mx1.topicbox.com; arc=none (no signatures found); bimi=none (No BIMI records found); dkim=pass (4096-bit rsa key sha256) header.d=blackdot.be header.i=@blackdot.be header.b=p6a+NxPL header.a=rsa-sha256 header.s=sign19 x-bits=4096; dmarc=pass policy.published-domain-policy=reject policy.applied-disposition=none policy.evaluated-disposition=none (p=reject,d=none,d.eval=none) policy.policy-from=p header.from=blackdot.be; iprev=pass smtp.remote-ip=65.108.48.22 (mail.blackdot.be); spf=pass smtp.mailfrom=jorge+ml@blackdot.be smtp.helo=mail.blackdot.be; x-aligned-from=pass (Address match); x-me-sender=none; x-ptr=pass smtp.helo=mail.blackdot.be policy.ptr=mail.blackdot.be; x-return-mx=pass header.domain=blackdot.be policy.is_org=yes (MX Records found: mail.blackdot.be); x-return-mx=pass smtp.domain=blackdot.be policy.is_org=yes (MX Records found: mail.blackdot.be); x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES256-GCM-SHA384 smtp.bits=256/256; x-vs=clean score=0 state=0 X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgeeftddrieehgdeljecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdpuffr tefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnth hsucdlqddutddtmdenogfuuhhsphgvtghtffhomhgrihhnucdlgeelmdenqfhnlhihucho nhgvuchprghrthculdehuddmnecujfgurheptgfghfggufffkfhfjgfvofesrgejmherhh dtjeenucfhrhhomheplfhorhhgvgcuufgthhhrrghufigvnhcuoehjohhrghgvodhmlhes sghlrggtkhguohhtrdgsvgeqnecuggftrfgrthhtvghrnheptdekfedtjeeiudelteeite efudduleduueejteettdehfeduieejjedtueduvefgnecuffhomhgrihhnpehilhhluhhm ohhsrdhorhhgpdhgihhthhhusgdrtghomhdpshhshhgurdhshhdpphgvthgvrhhtrhhisg gslhgvrdgtohdruhhkpdgslhhoghhsphhothdrtghomhdpthhophhitggsohigrdgtohhm necukfhppeeihedruddtkedrgeekrddvvddpvdgrtddvmeehjeekmeegjedtfhemvddtme emuddunecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehinhgvthepieehrddu tdekrdegkedrvddvpdhhvghlohepmhgrihhlrdgslhgrtghkughothdrsggvpdhmrghilh hfrhhomhepoehjohhrghgvodhmlhessghlrggtkhguohhtrdgsvgeqpdhnsggprhgtphht thhopedupdhrtghpthhtohepoeguvghvvghlohhpvghrsehlihhsthhsrdhilhhluhhmoh hsrdhorhhgqe X-ME-VSScore: 0 X-ME-VSCategory: clean Received-SPF: pass (blackdot.be: 65.108.48.22 is authorized to use 'jorge+ml@blackdot.be' in 'mfrom' identity (mechanism 'mx' matched)) receiver=tb-mx1.topicbox.com; identity=mailfrom; envelope-from="jorge+ml@blackdot.be"; helo=mail.blackdot.be; client-ip=65.108.48.22 Received: from mail.blackdot.be (mail.blackdot.be [65.108.48.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by tb-mx1.topicbox.com (Postfix) with ESMTPS for ; Fri, 26 Jul 2024 11:56:04 -0400 (EDT) (envelope-from jorge+ml@blackdot.be) Received: from smtpclient.apple (unknown [IPv6:2a02:578:470f:20::11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: sjorge@blackdot.be) by mail.blackdot.be (Postfix) with ESMTPSA id 555652104F for ; Fri, 26 Jul 2024 15:56:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=blackdot.be; s=sign19; t=1722009361; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=NdD/zW9DuKCZlpTfxxN5SLE6cI/x9vkNFIFT6SIX/dE=; b=p6a+NxPLrUULt4CWeCV/xrhIxza9sw/Lk/fygtEs03dPSUgu85XZ0dZazfgiUSPdzmEy8h Di9tzJnrKWkU1SVDYMqDKVx/1TTSo6+J2miB2EBEKs+BZDLiZusrLmkGc3qa0zYQpJp1dg TZew2CJBQd7QqXdqdhHYhAtKFIZks5GPnDhi533yVZ4UX1hnEko5KH8y9pt3F6oWu6TMsi Yl5qAB414+pJeH6o1Rq3VkBQIIypdJVdkkx/UW+8+IPcA9CQIUzBFIyaHkjYesJwrFjNRM lSpQ5pZvqwfG6QH77MlJRIjI8X5l5SDb4J6P/6Cz5jQPWO/GG+qUKTKxA60nzSBvAq2xo5 QJqPEjYLHlTWIZftfFc5CngYFJC3BaIpJmFv1Tlj4Yz9958+oBJZgcFIJ5YKUpdI6ktJ/o shTc7LNVJL6b13ipfNKWqQUY/zi4g1kGP4z4nyg4rEaMCi+MZuZqUeeLkxzSJW6XC1u2fW Gp06ZUzU1uP5y7Q0S8LST6zzIAur5uOtF9CaqMcpcWKNH+R6mDGm92kV3WeQf3SGkLNzQh rJxwoXtTtTPXqrb4tC2/HsTd4PrOyRFKQWwbw8Au2gFqcCirCbaUewU2jHIzrCeOKYJiMD mJwEOcabSh4wsBvJHgSXTL167oHZ08CRKvOTm49ZU0LlkooB5Vj5s= Content-Type: multipart/alternative; boundary=Apple-Mail-EA41C64C-2963-46FA-AD3B-4A7F1A352F16 Content-Transfer-Encoding: 7bit From: Jorge Schrauwen Mime-Version: 1.0 (1.0) Subject: Re: [developer] Review - 15665 svc:/network/loopback exits successfully even if it fails Date: Fri, 26 Jul 2024 17:55:49 +0200 Message-Id: <3D043DE2-817C-4A22-9BB6-A673FAAFDC58@blackdot.be> References: In-Reply-To: To: illumos-developer X-Mailer: iPhone Mail (21F90) Topicbox-Policy-Reasoning: moderate: reply to existing message Topicbox-Message-UUID: 954c57b4-4b67-11ef-852d-d529ac3a4b8b --Apple-Mail-EA41C64C-2963-46FA-AD3B-4A7F1A352F16 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
This last reply from Peter made me thi= nk of the difference between requires vs after in systemd speak. 
=

Although that is probably a lot of work as one would nee= d those feature and somehow fix all manifests that express a dependancy on l= oopback.

Admittedly I sometimes miss a more soft de= pendancy in smf in general.

=
~ sjorge

On 26 Jul 2024, at 17:16, Peter Tribble <peter.tribble@gmail.com> wr= ote:

=EF= =BB=BF


On Fri, Jul 26, 2024 at 2:50=E2=80= =AFPM Andy Fiddaman <andy@omnios.org> wrote:

= On Fri, 26 Jul 2024, Peter Tribble wrote:

> On Fri, Jul 26, 2024 at 9:21?AM Andy Fiddaman <illumos@fiddaman.net> wrote:
= >
> > Please can you review the following change?
> >
> >     15665 svc:/network/loopback exits successfully e= ven if it fails
> >     https://www.illumos.org/issues/15665<= /a>
> >     https://code.illumos.org/c/= illumos-gate/+/3610
> >
>
> When this first came up I expressed my belief that making this change i= s
> the wrong
> thing to do, and I'll express it again.

Apologies Peter. I had recalled that your objection to the original change was mostly around the addition of the extra dependency to the service, which=
I've removed in this new patch set (that is
https://www.illumos= .org/issues/15664 which remains open).

> If this service fails, I think the best thing to do is drive on so that= the
> system can come up as far as possible to maximise the chance that the s= ystem
> comes up far enough for an administrator to be able to get in and fix i= t. Not
> putting the service into maintenance is a feature, not a bug.

The impetus for this change is that over the past couple of years we've had<= br> a number of occasions where we've had to debug networking problems that
have had their root in the fact that the loopback interfaces were not create= d
for one reason or another. It happened again yesterday in a non-global zone.= In
all of these, it would have been really useful and expedited diagnosis if th= e
service had gone into maintenance. I understand the perspective of allowing t= he
system to come up as far as possible - to the point of remote access even - b= ut
it still seems wrong for a service to report success where it has not actual= ly
achieved its goal. Is there some middle ground here.

> I think generally it would be wrong for a single voice to veto any chan= ge,
> which means I would generally be uncomfortable sticking a -1 on it, but= if
> this does get into the gate it will be reverted in Tribblix.

Understood. This definitely warrants further discussion.

As I mentioned in my other reply, it seems that what we're a= fter is some way to mark
a service as having generated an erro= r without bringing the system down by going
into maintenance. S= ome sort of degraded mode.

We have a couple of SMF exit co= des that look interesting - SMF_EXIT_MON_DEGRADE
and SMF_EXIT_MON_OFFLIN= E, but I'm sure they were never implemented. There's
even an i= ssue in this area - https://= www.illumos.org/issues/7711 (which refers back to 8891
whi= ch is another case of something dropping into maintenance breaking the entir= e system).

<= div>you see the following:

# Put the service into degraded mod= e in case some of previous
# configuration tasks failed.
# W= e do not let the service enter maintenance mode, since
# we want t= o keep the system as much operating as feasible.
#
if [ $ret1 -= ne 0 ]; then
smf_method_exit $SMF_EXIT_DEGRADED "hostkey= _configuration" \
   "Failed to generate missing h= ost keys."
fi

So the equivalent of SMF_EXIT_DEGRADED= might be what we're looking for?

--
-Peter= Tribble
htt= p://www.petertribble.co.uk/ - http://ptribble.blogspot.com/
= --Apple-Mail-EA41C64C-2963-46FA-AD3B-4A7F1A352F16--