Re: interesting claims - Laurent Bercot

supervision - discussion about system services, daemon supervision, init, runlevel management, and tools such as s6 and runit
 help / color / mirror / Atom feed

From: "Laurent Bercot" <ska-supervision@skarnet.org>
To: supervision <supervision@list.skarnet.org>
Subject: Re: interesting claims
Date: Tue, 30 Apr 2019 08:22:50 +0000	[thread overview]
Message-ID: <emec0adab0-570f-4eae-844c-e68cba21d4e0@elzian> (raw)
In-Reply-To: <11997211556565598@myt6-27270b78ac4f.qloud-c.yandex.net>

[-- Attachment #1: Type: text/plain, Size: 2040 bytes --]

>"suckless init is incorrect, because it has no supervision capabilities,
>and thus, killing all processes but init can brick the machine."
>
>a rather bold claim IMO !
>where was the "correct" init behaviour specified ?
>where can i learn how a "correct" init has to operate ?

For instance:
https://archive.fosdem.org/2017/schedule/event/s6_supervision/
https://www.youtube.com/watch?v=I7qE43KK5bY&t=7591

https://www.reddit.com/r/linux/comments/2dx7k3/s6_skarnetorg_small_secure_supervision_software/cjxc1hj/?context=3

  Or, as Guillermo mentioned, several posts in the ML archive.

  init is a subject that little study has been put into (though it
is also the subject of a whole lot of talk, which says something
about whether people would rather talk or study). But I think you'll
find that things are different around here.

>or is it true since s6-svscan already provides such respawn
>capabilities ? ;-)

Do not mistake causes for consequences. Things are not correct
because s6 does them; s6 does things because they are correct.

>there is actually NO need for a "correct" working init implementation
>to provide respawn capabilities at all IMO.

Then you are free to use one of the many incorrect inits out there,
including sinit, Rich Felker's init, dumb-init, and others. You are
definitely not alone with your opinion. However, you sound interested
in process supervision, which is part of the more general idea that a
machine should be made as reliable as possible *at all times* and
*under any circumstances*; if you subscribe to that idea, then you
will understand why init must supervise at least 1 process.

>so this looks like a rather artificial and constructed argument for
>the necessity of respawn functionality in an init implementation IMO.

  Maybe you've never bricked a device because init didn't respawn
anything. I have. The "rather artificial and constructed argument"
happened to me in real life, and it was a significant inconvenience.

--
  Laurent

next prev parent reply	other threads:[~2019-04-30  8:22 UTC|newest]

Thread overview: 37+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-04-29 19:19 Jeff
2019-04-30  2:49 ` Guillermo
2019-04-30  8:22 ` Laurent Bercot [this message]
2019-05-03  0:53   ` what init systems do you use ? Jeff
2019-05-11 18:45     ` Guillermo
2019-05-13 19:13     ` multiplexd
2019-05-13 20:36       ` Laurent Bercot
2019-05-13 21:09       ` Steve Litt
2019-05-14  2:34         ` Guillermo
2019-05-13 21:16       ` Joshua Ismael Haase Hernández
2019-05-14  5:50     ` Colin Booth
2019-05-14  7:15       ` eric vidal
2019-04-30  8:47 ` interesting claims Jonathan de Boyne Pollard
2019-05-01  7:26 ` Steve Litt
2019-05-01  7:33 ` Steve Litt
2019-05-01 18:13   ` Laurent Bercot
2019-05-15 17:22     ` Steve Litt
2019-05-15 23:22       ` Oliver Schad
2019-05-16  1:07         ` Steve Litt
2019-05-16  5:36           ` fungal-net
2019-05-16  8:32             ` Laurent Bercot
2019-05-16 17:10               ` Jeff
2019-05-17  0:23               ` Dewayne Geraghty
2019-05-17 11:21               ` fungal-net
2019-05-17 22:57                 ` Guillermo
2019-05-18  0:52                   ` Jeff
2019-05-18 16:26                     ` fungal-net
2019-05-18 20:04                       ` Guillermo
2019-05-19 11:24                         ` fungal-net
2019-05-19 12:57                           ` killall test run Jeff
2019-05-19 17:29                             ` Colin Booth
2019-05-19 20:39                             ` Guillermo
2019-05-19 23:06                               ` Laurent Bercot
2019-05-19 20:35                           ` interesting claims Guillermo
2019-05-03  1:37   ` how to handle system shutdown ? Jeff
2019-05-03 19:25     ` Laurent Bercot
2019-05-05  0:52       ` is it required to call kill() from process #1 ? Jeff

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=emec0adab0-570f-4eae-844c-e68cba21d4e0@elzian \
    --to=ska-supervision@skarnet.org \
    --cc=supervision@list.skarnet.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).