Re: design of process #1 programs

2014-10-24 Thread Jonathan de Boyne Pollard 

The Wanderer:

At a glance at the sysvinit source, it doesn't look to me like
/sbin/init itself does service management, in the starting, stopping
and monitoring services form; at most, it seems to handle some subset
of the monitoring part, in the form of noticing when something has
died abnormally. (Which goes well beyond just services, when necessary.)


I see that Russ Allbery has already addressed the error here.

The Wanderer:

If that's correct, and if the systemd PID 1 binary handles service
management, then that's something it's doing which the init daemon
itself has not traditionally done. Which doesn't automatically mean that
it shouldn't, but which does seem to eliminate the argument that it
only does what [the init daemon is] supposed to do.


Notions of what process #1 is supposed to do are by their natures 
subjective.  A meaningful objective design criterion is what process #1 
at minimum _must_ do.  The kernel imposes several requirements on it.  
And there are always some operating-system-specific things of various 
kinds that it has to do. When it comes to what process #1 has 
_traditionally_ done, then we are not at that minimum and never really 
have been.


Sadly, tradition usually isn't what people say it to be, moreover. Too 
many people (a) think that the world begins and ends with Linux, (b) 
have little knowledge of history, or (c) get rc and init mixed up.  For 
example:  System 5 init and System 5 rc date to System 5, which was 
almost as far after the first UNIX as we are now (say) after the first 
version of Linux-Mandrake.  1st Edition UNIX only had init.  It did not 
have rc.  The 1st Edition assembly language init spawned and respawned 
12 getty processes, mounted 3 hardwired filesystems, and directly ran a 
program from the home directory of a user named mel.  The getty table 
was directly in the program image.


The Wanderer:

Looking at the sysvinit source for this, and thinking about the
differences in relation to systemd, has led me to come up with some
ideas in regard to possible init-system-et-al. design which I think may
be interesting enough to be worth pursuing or at least discussing.


Really, if that's all that you've read, you have a lot more to read.  
System V init/rc and systemd don't even cover half of what there is to 
know.  There's been a lot of work in the area of init system design (for 
Linux and the BSDs) that has happened in the past two decades alone.  
All sorts of engineering decisions have been discussed, made, designed, 
and implemented.


These include: a more human-readable configuration file for init 
(http://troglobit.com/finit.html); filesystem-is-the-database 
configuration, small memory footprints, and start/stop dependencies 
(http://www.fefe.de/minit/); dependencies, named targets, multiple 
configuration files, and a more flexible configuration syntax with a 
whole load more settings for child processes (http://initng.org/); 
pushing all of the service management out including even the getty 
spawning and zombie reaping, and just handling operating-system-specific 
API devices/symlinks/directories and system events 
(http://homepage.ntlworld.com./jonathan.deboynepollard/Softwares/nosh.html); 
and the just spawn four shell scripts approach (http://smarden.org/runit/).


About 10 years ago, there was discussion amongst daemontools users and 
others of using svscan as process #1, which led to projects like Paul 
Jarc's http://code.dogmap.org/svscan-1/ , Gerrit Pape's 
http://smarden.org/pape/djb/daemontools/noinit.html , and Laurent 
Bercot's http://skarnet.org/software/s6/s6-svscan-1.html .


And that's just the process #1 parts.


--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/544a8cdd.9070...@ntlworld.com

Re: design of process #1 programs

2014-10-24 Thread Jonathan de Boyne Pollard 

The Wanderer:

That isn't all you gain by it;  you also gain the benefit of being

 able to use these features no matter which init system you're
 running. Which in turn helps avoid lock-in, and enable easier testing
 of (or migration to) alternatives, and prevent user surprise, and so
 forth.

Gunnar Wolf:

Yes. But it would end up  finally boiling up to having your favorite

 init spawning nothing but this newfangled ultra-process-supervisor,
 which would then start monitoring everything. That is, you'd have
 whateverinit spawn a PID 2 process, which would... Perform precisely
 systemd's tasks.

Not in fact correct.  Apart from the fact that things that already 
existed 15 years ago (namely the process supervisors that are being 
discussed) are not really newfangled or in any way hypothetical, there 
are things that process #1 must do throughout the life of the system, 
and they do not move into a child process even if daemon/service 
supervision is not done in process #1.


It's often said that process #1 is the reaper of parentless terminated 
processes.  In fact, thanks to things that really are newfangled, 
that's not really a major specific process #1 task any more.  
Ironically, it's one of the things that can move out of process #1, 
contrary to received wisdom.  systemd and upstart make use of the Linux 
kernel's new (just under 3 years old) ability to set subreapers.  
One only sees the effects of this with user service managers, because 
the system ones are still process #1. The effects are that a process 
other than process #1 can now have the task of reaping parentless 
terminated processes in its part of the process subtree.


What does remain in process #1, in contrast, is system management and 
basic initialization of API devices, directories, and symbolic links.  
The API stuff is reasonably well known.  Even BSD init mounts things 
in process #1.  The system management should be, too. There's a whole 
load of signals that other programs expect to be able to send off to 
process #1 to initiate various system state changes.  The kernel sends 
several signals to process #1, too, including SIGINT and SINWINCH.  None 
of this stuff can move out of process #1.


In a further irony, systemd has already moved one thing out of process 
#1 that is done in process #1 by System 5 init: the initctl socket.  
This is managed completely outwith process #1 by a compatibility shim in 
systemd.  Of course, systemd replaces it with a internal, not 
guaranteed, D-Bus transported systemd process API; which is part of 
the hoo-hah around systemd-shim.  But asking whether that would be done 
outwith process #1 is making the mistake of thinking that it's the right 
API to be implementing in such a system in the first place; and the API 
that is the right one to implement isn't provided by process #1 in the 
systemd package anyway.


* 
http://homepage.ntlworld.com./jonathan.deboynepollard/FGA/debian-systemd-packaging-hoo-hah.html#systemd-shim



--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/544a9c31.9010...@ntlworld.com