openrc-discuss

Am Mittwoch 02 Dezember 2009 20:16:42 schrieb Roy Marples:
> On Tuesday 01 December 2009 18:55:43 Hugo Mildenberger wrote:
> > Sorry for not using bugs.marples.name as you indicated in your Readme file,
> > but the name currently does not resolve. Similarily, your site does not
> > indicate how to file a bug report (do I need an OpenID for doing that?)
> 
> Fixed the README.
> You currently need OpenID, but I am evaluating moving all my projects into 
> Redmine as I've been suffering from a long problem with trac and pooled DB 
> connections not closing properly which my server is now struggling with.
> 
> > I would like to know if there is a runscript interface providing a service
> > dependency list for a virtual service, which could be used from within an
> >  init script.
> > 
> > Actually, you could call any script residing in /etc/init.d with parameters
> > like "iuse", "ineed", "ibefore" and so on, but you can't do that for
> >  virtual services like "net" or "logger".
> > 
> > Having such an interface available is of some interest with regard to
> >  firewall init scripts. E.g., one would  prefer not to use a "logger"
> >  prerequisite, if the  "logger" implementation actually depends on "net",
> >  or at least issue a strong warning about a likely misconfiguration.
> > 
> > Alternatively, perhaps one could already test for named virtual
> >  dependencies?
> 
> We could add a --provides net feature to rc-status.
> If I forget, open a bug :)

Roy, may I remind :-) you to get rid of OpenID? 

> 
> However, you should remember that provided services are not always fixed and 
> depend on the current state of the system, hence the option being against
> rc-status.

I should have explained the root of the problem more clearly: runscript currently does 
not handle contradictory dependencies consistently. E.g., Gentoo's shorewall rc 
script should contain a "before net" dependency (it still does not). But it also contains 
a dependency on a "logger" (or ulogd) service, which itself may add a "need net" 
dependency, depending on the local configuration of the logging service.

A test with runscript from openrc-0.5.3 showed that runscript takes in account only 
the last dependency instruction. If the depend()  function contains "before net" 
immediately followed by "after net" instruction, the service would be always started 
after net, and one does not even get a warning about this. runscript isn't excactly 
wrong here. But normally you don't want a firewall to be started after the network, 
especially if you thought to have told  openrc explicitely to run the associated scripts 
the other way round.  

Here is a related Gentoo Bug: http://bugs.gentoo.org/show_bug.cgi?id=288992

Best

Hugo