Lily Li writes: > James Carlson wrote: > > However, I do think it requires some thought. I don't agree that > > invoking the shmux "-p" option should require any special work on the > > user's part, nor do I agree that it ought to require any elevated > > privileges. > > > > > I know you want to see, ordinary user can use shmux '-p' without any > those error output caused by fping. > > So I have a question: fping cannot used by ordinary user if he/she is > not granted needed privilege, what's the worth of integrating fping to > solaris since we have ping already?
I think you're asking a great question. We made fping a "special" utility on OpenSolaris because it has options that allow pinging at a high data rate and over large numbers of hosts. There are several possible issues here: - Maybe our earlier decision about fping was wrong, and this utility is _right_ to use it. - Maybe this utility shouldn't be using fping like this and should instead be running independent short timers for pinging each host. (Using fping to ping them all means that you'll block as long as it takes to discover that the last one is down.) - Maybe it just shouldn't do anything like ping at all, and should use the connect() timers as we've suggested. My guess is the third one's correct: the use of ping here is just a hack, and isn't right. > > - The project team determines that the "-p" option doesn't actually > > do anything useful in real networks, and thus it's just removed. > > > > > - What's your "The project team" meant? project team for shmux? It means you and whoever you might be working with, perhaps including the upstream provider of the source. It's an ARC expression: it means "the team of people (perhaps just one) working on this project." > As a > package porting task in Solaris QE, I selected shmux to port, so > basically, I am the only one member of "The project team". OK. > - Checking with the source codes of shmux-1.0.2, the main purpose of > '-p' is to check if the target is alive within a shorter timer, see the > manpage info below. > > Before executing the specified /command/, *shmux* will option? > ally ping each target to ensure that it can be reached, > and/or run a dummy test /command/ to make sure that the tar? > get not only is alive, but that it is possible to cleanly > execute a command on it. Both these tests are typically > run with a fairly short timeout to quickly dismiss > unavailable targets rather than waiting for the standard > (longer) network timeout. Right. And what if that design is wrong (for all systems that use TCP/IP) and just plain conflicts with the security constraints for fping (for OpenSolaris)? -- James Carlson, Solaris Networking <james.d.carlson at sun.com> Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
