On Wed, Nov 28, 2018 at 06:47:59PM +0000, Dmitry Bogatov wrote: Hi,
sorry, didn't look at bug mail for a while. > > However, whenever the getty-run package is installed in a vserver, I have to > > manually remove the /service/getty-tty* symlinks. > > > > Can you please modify the postinst script so it only installs getty services > > for /dev/tty* devices that are actually there? > > I do not like maintainer scripts. They are pain to get right. I can > propose you to pre-provision your servers with > `/etc/sv/getty{1-6}-run/down' file. See runsv(8). That would still leave the runsv processes around and clutter the output of "sv status /service/*". The following postinst snippet should work: export NAME='getty-tty1' if [ -c /dev/tty1 ]; then export ENABLE='yes' else export ENABLE='no' fi # Unlike postrm, I can be sure, that runit-helper is present on # postinst. /lib/runit-helper/runit-helper postinst "$@" ... and so on for the other ttys. (A lesser man would have used a for loop. :) (Alternatively, the getty run scripts could start with something like this: [ -c /dev/ttyX ] || rm /etc/service/getty-ttyX and /etc/runit/1 could re-create these symlinks, just to be absolutely sure. I don't like this approach; there is too much going on automatically.) Or, you could add a debconf question with low priority, defaulting to "yes", on whether to add the getty service symlinks. I could pre-seed debconf in vservers with "no". > > Or can we come up with a way to help people avoid shooting themselves in the > > foot while not requiring me to install getty-run in vservers? For example, > > runit-init could depend on "getty-run | some-way-to-log-in-interactively", > > and "some-way-to-log-in-interactively" could be provided by an empty > > "runit-no-getty" package as well as an "ssh-run" package that sets up a > > runit service for ssh. > > If it would help you, I can add dependency on 'getty-run | access-run'. > You are free to provide `access-run' in whatever way you like. That would work for me if you also build a "runit-no-getty" or similar (empty) package that provides "access-run". It should be in Debian; we shouldn't force every container user to build their own fake empty "access-run" package. > I am fine with `bin:unsafe-no-tty-run' package too, but not now. I do not > want to get stuck in NEW before freeze. Sure, it can wait until the freeze starts. (I almost always use sid anyway.) Thanks! AndrĂ¡s -- What is life but a sexually transmitted disease with a 100% mortality rate?