From: William Hubbs <williamh@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] rfc: OpenRC network provides revisited
Date: Fri, 24 Aug 2012 22:57:26 -0500 [thread overview]
Message-ID: <20120825035726.GA2354@linux1> (raw)
In-Reply-To: <503828C7.6000607@gentoo.org>
[-- Attachment #1: Type: text/plain, Size: 1576 bytes --]
On Fri, Aug 24, 2012 at 09:22:15PM -0400, Ian Stakenvicius wrote:
> I think this may again come down to the meaning of "net" -- in the
> case where rc_depend_strict="no" then "net" just means that the
> network interface infrastructure is up and running (ie net.lo); this
> should be true and imo is required for something like ssh. When "net"
> goes beyond that and includes other interfaces (ie,
> rc_depend_strict="yes") then the 'need net' might be a bit strict; on
> the other hand if a user has things set up that way then it may very
> well be for a reason (for instance, I tend to prefer that sshd is
> started after my hotplugged iface is up and likewise goes down when
> that iface disappears. I don't see that happening with a "use net"
> case when compared against a "need net".
We decided in a previous thread on this list that net.lo should not
provide net, and that is how it is set up in ~arch openrc. The part I
forgot to change is the network script.
We decided that the only things that provide net should be the
interfaces that support remote connections (e.g. anything besides the
loopback).
Also, consider a system where root is nfs mounted or a linux container.
If you are running services that "need net" and you have turned off all
of the "net" providers by adding something like rc_provide="!net" to
their conf.d files, the services that need net will fail hard even
though they shouldn't.
To handle your sshd case, you could always put
rc_need="net"
or, even better,
rc_need="net.iface"
in your /etc/conf.d/sshd file.
Thoughts?
William
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
next prev parent reply other threads:[~2012-08-25 3:58 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-08-24 17:10 [gentoo-dev] rfc: OpenRC network provides revisited William Hubbs
2012-08-24 17:50 ` Alexandre Rostovtsev
2012-08-24 19:58 ` William Hubbs
2012-08-24 21:01 ` Diego Elio Pettenò
2012-08-24 22:19 ` heroxbd
2012-08-25 1:17 ` Ian Stakenvicius
2012-08-25 5:14 ` [gentoo-dev] " Duncan
2012-08-24 22:40 ` [gentoo-dev] " heroxbd
2012-08-24 23:48 ` William Hubbs
2012-08-25 1:22 ` Ian Stakenvicius
2012-08-25 3:57 ` William Hubbs [this message]
2012-08-25 4:14 ` Diego Elio Pettenò
2012-08-25 6:19 ` heroxbd
2012-08-25 15:53 ` William Hubbs
2012-08-25 18:49 ` Ian Stakenvicius
2012-08-25 20:16 ` William Hubbs
2012-08-27 12:42 ` Ian Stakenvicius
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120825035726.GA2354@linux1 \
--to=williamh@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox