From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.comp.sysutils.supervision.general/2550 Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail From: Jeff Newsgroups: gmane.comp.sysutils.supervision.general Subject: interesting claims Date: Mon, 29 Apr 2019 21:19:58 +0200 Message-ID: <11997211556565598@myt6-27270b78ac4f.qloud-c.yandex.net> Mime-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226"; logging-data="162415"; mail-complaints-to="usenet@blaine.gmane.org" To: supervision Original-X-From: supervision-return-2140-gcsg-supervision=m.gmane.org@list.skarnet.org Mon Apr 29 21:20:04 2019 Return-path: Envelope-to: gcsg-supervision@m.gmane.org Original-Received: from alyss.skarnet.org ([95.142.172.232]) by blaine.gmane.org with smtp (Exim 4.89) (envelope-from ) id 1hLBoq-000g7P-G9 for gcsg-supervision@m.gmane.org; Mon, 29 Apr 2019 21:20:04 +0200 Original-Received: (qmail 7423 invoked by uid 89); 29 Apr 2019 19:20:28 -0000 Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm Original-Sender: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Original-Received: (qmail 7416 invoked from network); 29 Apr 2019 19:20:28 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.com; s=mail; t=1556565598; bh=u9YMAWSRCYrhvsV7o5Eh9dQOK08Q9Xir1AZvSLpi3pw=; h=Message-Id:Date:Subject:To:From; b=Q5p9ryQxI7tYPEOX507f8bngZiZoVBtV2wi+3k/+g1dUscU/xb/BcNMJ2Kc9FtNUT zwkpoGBt8cOXDDNIhTL1Nr/LyZkDNVCxi4ug2vjdmqMBNA318mf0wpzr/o/XExL/5d vQSAGFAwLks6ICqX9huA8MYhi0qb8PYB6JzGbEl4= Authentication-Results: mxback17o.mail.yandex.net; dkim=pass header.i=@yandex.com X-Mailer: Yamail [ http://yandex.ru ] 5.0 Xref: news.gmane.org gmane.comp.sysutils.supervision.general:2550 Archived-At: i came across some interesting claims recently. on http://skarnet.org/software/s6/ it reads "suckless init is incorrect, because it has no supervision capabilities, and thus, killing all processes but init can brick the machine." a rather bold claim IMO ! where was the "correct" init behaviour specified ? where can i learn how a "correct" init has to operate ? or is it true since s6-svscan already provides such respawn capabilities ? ;-) there is actually NO need for a "correct" working init implementation to provide respawn capabilities at all IMO. this can easily done in/by a subprocess and has 2 advantages: - it simplyfies the init implementation - process #1 is the default subprocess reaper on any unix implementation and hence a lot of terminated zombie subprocesses get assigned to it, subprocesses that were not started by it. if it has respawn capabilities it has to find out if any of this recently assigned but elsewhere terminated subprocesses is one of its own childs to be respawned. if it has lots of services to respawn this means lots of unnecessary work that could be also done in/by a suprocess aswell. when do you kill a non supvervised process running with UID 0 "accidently" ? when calling kill ( -1, SIGTERM ) ? the kernel protects special/important processes in this case from being killed "accidently", that's true. but where do we usually see that ? in the shutdown stage, i guess. and that's exactly where one wants to kill all process with PID > 1 (sometimes excluding the calling process since it has to complete more tasks). or when going into single user mode. so this looks like a rather artificial and constructed argument for the necessity of respawn functionality in an init implementation IMO.