From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.5 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI autolearn=ham autolearn_force=no version=3.4.4 Received: from alyss.skarnet.org (alyss.skarnet.org [95.142.172.232]) by inbox.vuxu.org (Postfix) with SMTP id 5A6CF2F386 for ; Thu, 19 Sep 2024 19:51:53 +0200 (CEST) Received: (qmail 64991 invoked by uid 89); 19 Sep 2024 17:52:19 -0000 Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm Sender: Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Received: (qmail 64984 invoked from network); 19 Sep 2024 17:52:19 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmx.de; s=s31663417; t=1726768310; x=1727373110; i=janbraun@gmx.de; bh=RVBDqs99as5kYa8pIn5wTjGk6GwXuWC57QLg3aj1YA0=; h=X-UI-Sender-Class:Date:From:To:Cc:Subject:Message-ID:References: MIME-Version:Content-Type:In-Reply-To:cc: content-transfer-encoding:content-type:date:from:message-id: mime-version:reply-to:subject:to; b=HfSuygxOWxnj2YAh0OPxXS5vnFSUhwkS9onzBUTBuDXV2c1HISMH2Tv+s+wO/+pd 9R9nLeLKu+hf8O9m+3Vykkt9wBqKi6XwfTl1lVGIZ8CrmMEBlgG8SkaSUIgYP4Q+b HjAbA0IrYnlEhK/cNEJGm6Ih86LjjZNiP1TtmEc00hEmE5OUD8DyOCk3fPyr+zazS 9VAPfPp6H/+MC1AKkyUAmwbdIoNwPdC7MqTVGka2FXsz8FGYzGAKJYe3eHGeqJjsk pW5dItez7cTA4sM4Y2Ww+oH7PGDTRPGgJiB4cIQjS3I0ApcLUx+RmDIkEdvBwvPhl cVMLh1cnuo45HQPWuw== X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a Date: Thu, 19 Sep 2024 19:51:50 +0200 From: Jan Braun To: Paul Sopka Cc: supervision@list.skarnet.org Subject: Re: s6/s6-rc policy for Gentoo: config files for service scripts Message-ID: Mail-Followup-To: Paul Sopka , supervision@list.skarnet.org References: <442f0112-3120-4609-8a87-c4d9f7119868@sopka.ch> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="nn3mrMelKHJLdUcf" Content-Disposition: inline In-Reply-To: X-GPG-Fingerprint: 1736 D50F 170B 70A6 9223 BC15 295E 703E 6D1D 2FCF X-GPG-Encryption-Welcome: always X-Provags-ID: V03:K1:YYsvH3ewtTSdpOOPpCt4Rx3+7JxyZvAbZnbdNPzaTq4sKs1Vi+3 JV2lmieXL3xP3QqvfRNcnDHcL+s3XV/8ByTJcobNhC0lrq8OeGrulg0pimswrNRWdev+nAd f2hPNTX99/9HcxTgL7fw43Vs2SGnNWLEuFZtlYibUPWckKB6qRJwP9RIrgdaW4jpdek0OSr 14FlV9fWHfPUlg1zHSHPw== UI-OutboundReport: notjunk:1;M01:P0:UOiV90v9K8A=;DqrCDVIN5V1HTltlMDwkw9k1frq nFNBZM/m9yoQ7a6Ic7IQS3oakNkbdjwMFGke05jIy5MZvgV7vSaB4ekqNF5QqWFyrWazVdpI5 tbeeHchyqEQlPhBmrchYBQcA+iTUbBseSP+2L9QiABRXcVC/Sc8n7GwwcM6A+S38qb5+YEYvr oM5snZWbCH/FkCgn6KWVsFKTgPQk6GB93TDbnpnFHwwRkMj4QmsrA4JmgLyG0VRu3GrWx7avK W/gAHvdXctJW1i9Z/5jyErLcybsgxqGT5zBAN6M2eRsmLgfpwwA9rYslCdVCiZUBTjGGgNCuO +aINBhehdR6hd8fZU0jy7ZrMzgGuKcAT+mAFiFa2otJg5AN/kgHGz8XdiWPo8Fz7NwdzBOgR3 R7gIeo7Ken6+HQv+BQOs7fBiTNZ7JESA9r7aG6ytVNrlDJXxk4GUViLSXIkt0VZRQJ19R48aY K2N/dNDBPkxQR66ukhBwO0Fcl2JS+4uVdwJwLUnlbkOoO/qyjDr6GZHOS5inDwkv+OMKUpqye saCrOFRJw+I6YpDvVDFYgvOb0dZXohkrDBE9TfiVRWAYck9mCF2M9g0Y7yKaPFS5l1PrVLNQE HtGSpPqiBRX886COB2lh9IANLl2j1iMD85NyfLT7ZbvPd0WVG3R9s20urvQ2q2WsWq16txEV9 9izR5njtA797M706bCxWcb1pBB5YUorv3jh4e5lK5c+Kk/Kuo5+KDmZ/Ogofz6nrh1+xkfPjN R0NsTG6yIyQ/obMn4iusBdYtq8YpWQ68mRqvy872kn1Set9gbdpCRNw2ibPmSDsxRKbGVA0fS c2nDaXslSxiNcIhvYEdN0IYw== --nn3mrMelKHJLdUcf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Paul Sopka schrob: > I am not sure if I understand correctly, the files under > /usr/share/s6-rc/{user,system} > are to be there only as a reference, not to be edited. > Are you trying to say that the non-edited files should be symlinked rather > than copied? I was indeed trying to say that. But on second thought: you should do whatever Gentoo usually does with such configuration files. Consistency trumps any minor advantages any particular approach might have. > Although it has to be done a bit differently when using execline > [...] > Would turn into: >=20 > | #!/bin/execlineb -P > | fdmove -c 2 1 > | importas -SD /etc/s6-rc S6CONFIGDIR > | tryexec ${S6CONFIGDIR}/system/config/seatd > | seatd -n3 -u root -g seatd That's a more reasonable size than your first example. Although this ... > Allowing the sysadmin to completely override the service. > Unfortunately this also forces the sysadmin to override the service for > every so little change, =2E.. then begs the question: what's the advantage of having the ${S6CONFIGDIR}/system/config/seatd entry point at all? How much effort does this save the admin over creating their own my_seatd service and disabling the one you provide? (Honest question, I don't fully grok s6.) Being able to easily add custom services is a necessity anyway. So maybe don't allow any customization (besides disabling) at all, ship | #!/bin/execlineb -P | fdmove -c 2 1 | seatd -n3 -u root -g seatd and teach users to create new services with the 3rd line changed to whatever they need. HTH, Jan --nn3mrMelKHJLdUcf Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEFzbVDxcLcKaSI7wVKV5wPm0dL88FAmbsZJcACgkQKV5wPm0d L8+gcw/8D6AodoOphyGjBhejaRsAUU3NpW9QkZfAQvzokYjikU6Ili56rZWDjD74 Fead0b882o3tlnIwokV1sh74Mq7UuuVnDxzMxWe1pAJz2HvzQSWfni3MzKzsByEN cw3p4Kb0HZEIXUclUnGaznOG+6xjfPTVFBGI0ETaQK/uG7zeEeqYW8E5nMfnG+x4 D0MtRkYYbrVcLJKD+LoI5nlVCI5doG6fzmpZIKXKLnDE8bAOLNQ6Fxp3V+ss07B4 gWNe8Qhvtxh2n4MetAiEuYVvZf2+u1dWYeMcyaHzUMOjNjD0kjYc5CYV633TJfRr xNqTFTSZ6LjHFdx37+ermhF2JOtFDiIxK4nVVmHAUXE3p0tb3wpEmZW3abPENvQB 0mmeXqqArLGfA5h4G8pBc9ASqH9HJUhOVlw6g0ZbxMiMfkZ3bWSgdGhHNHAGtgBK wrUs4iPEdlOrMlGyJOFQr4u4mDEjxtFEqSvMReYHjvxnQRdQGg9xYMAx0yWXarjn vBw9LtCnE1oi4O8u8cd+m30TIpyaneUPTvAihmuVELOsKfSzIkkO1mtuu+XGmG7k dB6Zmwf1X7xnfNLOR+RNWEgnJ7I+AAfD64JaUHt8MFMNrEF4GYHPLXpXo+s5HSB7 ohRnSOOrhnP/c49ywzHFi7TKYjP4PgK6bW/yWWRLtuHPZwEHbt0= =mxnz -----END PGP SIGNATURE----- --nn3mrMelKHJLdUcf--