From: Ellenor Bjornsdottir
To: supervision@list.skarnet.org
Date: Wed, 25 Aug 2021 12:19:54 +0000
Subject: Re: First time caller to the show - am I understanding the fifo trick correctly?

Personally, I'm ~banging my head against the wall by~ writing a fork of FreeBSD init which, instead of moving to its read_ttys stage, achieves what s6-l-i does with spawning runcom2 and (s6-)svscan (but does so
in a sufficiently generic manner that you don't have to do the blocking fifo trick during runcom2 if you don't want to).

On 25 August 2021 11:57:11 UTC, Laurent Bercot wrote:
>>Forgiving privilege separation failures and minor grammatical mistakes, does it look as if I understand the fifo trick's application in practice?
>
> Hi Ellenor,
> Yes, I think you have the right idea.
>
> The goal here is to redirect s6-svscan's own stdout and stderr to
>the stdin of the catch-all logger process, so that the supervision
>tree's messages, and the messages from every service that lacks a
>dedicated logger, go to the catch-all logger instead of /dev/console.
>(Because /dev/console is a terrible default place to send logs and
>should only be used for very critical messages such as kernel panics,
>or, in our userland case, for catch-all logger failures.)
>
> The problem is that we want the catch-all logger to run as a service
>under the supervision tree, so the s6-log process does not exist yet
>when we exec into s6-svscan: it will be spawned later as a grandchild
>of s6-svscan (with an s6-supervise intermediary). So we cannot use an
>anonymous pipe for this.
>
> We use a fifo instead: we can redirect init's stdout and stderr to
>a fifo, and later on, when the catch-all logger starts, we can
>instruct it (in its run script) to read from the fifo.
>
> But the Unix fifo semantics say that we *cannot* open a fifo for
>writing while there is no reader: open() would either block (default
>flags) or return -1 ENXIO (with O_NONBLOCK). So the "fifo trick" is:
>1. open the fifo for reading
>2. open it for writing, which now works
>3. close the reading end
>
>At this point, any write() to the fifo will fail with -1 EPIPE. That is
>not a problem per se, except it will also generate a SIGPIPE, so in
>order to avoid crashing and burning, it is important to ignore SIGPIPE
>at the very least - or, better, to make sure that no process writes to
>the fifo until the
>catch-all logger is up. This is the case for s6-svscan
>and s6-supervise, so our system structure is safe; but we need to make
>sure that no other process starts before the catch-all logger is up,
>else they will just eat a SIGPIPE and die.
>
> In the s6-l-i model, s6-svscan is executed as soon as possible, on a
>very minimal supervision tree that only contains the catch-all logger
>and a few other essential "early services" (such as the shutdown daemon
>and an early getty). All the rest of the initialization is done in
>"stage 2 init", which is a script run as a child of s6-l-i's.
>So the end of the "fifo trick" uses the Unix fifo semantics as a
>synchronization mechanism:
>4. fork
>5. In the child, close our fd to the fifo
>6. In the child, open the fifo for writing once again,
> *without* O_NONBLOCK.
>
> This last open() will block until the fifo has a reader. That
>ensures the child will only resume once the parent has completed
>its work and executed into s6-svscan, and the supervision tree has
>started and the catch-all logger is running. Then the child can exec
>into stage 2 init and perform the rest of the work with the guarantee
>that the supervision tree is operational and all the stdout and stderr
>messages go to the catch-all logger by default.
>
> To see exactly how to implement stage 1 init and the fifo trick as
>an execline script, you can checkout (or download) any version of
>s6-l-i *prior to* 1.0.0.0; try version 0.4.0.1, downloadable from
>skarnet.org if you type the URL by hand, and accessible via the
>v0.4.0.1 tag in git. It is very different from what it is now, as in
>there is no sysv compatibility at all, but stage 1 should be
>understandable.
>
> A few months ago, I tried adding a few conditional compilation options
>to s6-l-i to make it work under FreeBSD, but unfortunately the
>organization of the FreeBSD init is so different from Linux's,
>especially shutdown-wise, that my attempt only
>succeeded in turning
>the package into an unholy plate of spaghetti. At some point in the
>future, however, a similar-but-separate s6-freebsd-init package may
>make sense.
>
>--
> Laurent
>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
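
The six steps of the fifo trick quoted above, as an added C example that is not part of the original message or of s6-linux-init: the parent stands in for stage 1 init, s6-svscan and the catch-all logger, the child for stage 2 init. The FIFO path, the struct and the function name are hypothetical.

```c
/* Added example: the fifo trick, steps 1-6. All names and paths are hypothetical. */
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

struct trick_result { int enxio, epipe, child_blocked, child_status; char msg[16]; };

struct trick_result fifo_trick(const char *path) {
    struct trick_result r;
    memset(&r, 0, sizeof r);
    unlink(path);
    if (mkfifo(path, 0600) < 0) return r;
    signal(SIGPIPE, SIG_IGN);            /* get EPIPE instead of dying on SIGPIPE */

    /* No reader yet: a non-blocking open for writing fails with ENXIO. */
    r.enxio = open(path, O_WRONLY | O_NONBLOCK) < 0 && errno == ENXIO;

    int rfd = open(path, O_RDONLY | O_NONBLOCK); /* 1. O_NONBLOCK: return with no writer */
    int wfd = open(path, O_WRONLY);              /* 2. a reader exists, returns at once */
    close(rfd);                                  /* 3. writer left with no reader */
    r.epipe = write(wfd, "x", 1) < 0 && errno == EPIPE;

    pid_t pid = fork();                          /* 4. */
    if (pid < 0) return r;
    if (pid == 0) {
        close(wfd);                              /* 5. */
        int fd = open(path, O_WRONLY);           /* 6. blocks until a reader appears */
        _exit(fd >= 0 && write(fd, "stage2", 6) == 6 ? 0 : 1);
    }
    usleep(200000);                              /* let the child reach its open() */
    r.child_blocked = waitpid(pid, &r.child_status, WNOHANG) == 0;

    rfd = open(path, O_RDONLY);                  /* the "catch-all logger" starts reading */
    ssize_t n = read(rfd, r.msg, sizeof r.msg - 1);
    if (n > 0) r.msg[n] = '\0';
    waitpid(pid, &r.child_status, 0);            /* child was released and has exited */
    close(rfd); close(wfd); unlink(path);
    return r;
}

int main(void) {
    struct trick_result r = fifo_trick("/tmp/fifo-trick-demo");
    return !(r.enxio && r.epipe && r.child_blocked && strcmp(r.msg, "stage2") == 0);
}
```

The `child_blocked` field records that the child was still parked in its blocking open() before any reader existed, which is the synchronization the message describes.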