From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-54163-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
by finch.gentoo.org (Postfix) with ESMTP id E1370138010
for <garchives@archives.gentoo.org>; Sat, 25 Aug 2012 03:58:39 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
by pigeon.gentoo.org (Postfix) with SMTP id 7D52AE01F1;
Sat, 25 Aug 2012 03:58:19 +0000 (UTC)
Received: from mail-ob0-f181.google.com (mail-ob0-f181.google.com [209.85.214.181])
by pigeon.gentoo.org (Postfix) with ESMTP id E2F9CE0123
for <gentoo-dev@lists.gentoo.org>; Sat, 25 Aug 2012 03:57:29 +0000 (UTC)
Received: by obbwd18 with SMTP id wd18so2663211obb.40
for <gentoo-dev@lists.gentoo.org>; Fri, 24 Aug 2012 20:57:29 -0700 (PDT)
Received: by 10.60.20.74 with SMTP id l10mr5538295oee.19.1345867049281;
Fri, 24 Aug 2012 20:57:29 -0700 (PDT)
Received: from linux1 (cpe-76-187-95-170.tx.res.rr.com. [76.187.95.170])
by mx.google.com with ESMTPS id i2sm11018015obn.19.2012.08.24.20.57.26
(version=SSLv3 cipher=OTHER);
Fri, 24 Aug 2012 20:57:28 -0700 (PDT)
Sender: William Hubbs <w.d.hubbs@gmail.com>
Received: by linux1 (sSMTP sendmail emulation); Fri, 24 Aug 2012 22:57:26 -0500
Date: Fri, 24 Aug 2012 22:57:26 -0500
From: William Hubbs <williamh@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] rfc: OpenRC network provides revisited
Message-ID: <20120825035726.GA2354@linux1>
Mail-Followup-To: gentoo-dev@lists.gentoo.org
References: <20120824171010.GA27765@linux1>
<86y5l3vrpw.fsf@gentoo.org>
<20120824234820.GA1944@linux1>
<503828C7.6000607@gentoo.org>
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="FCuugMFkClbJLl1L"
Content-Disposition: inline
In-Reply-To: <503828C7.6000607@gentoo.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Archives-Salt: 81abf2d0-b0da-4c27-b043-82bf7062ca52
X-Archives-Hash: 8ff3fb54cbb8d71b54d51a91c3960abf
--FCuugMFkClbJLl1L
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
On Fri, Aug 24, 2012 at 09:22:15PM -0400, Ian Stakenvicius wrote:
> I think this may again come down to the meaning of "net" -- in the
> case where rc_depend_strict="no" then "net" just means that the
> network interface infrastructure is up and running (ie net.lo); this
> should be true and imo is required for something like ssh. When "net"
> goes beyond that and includes other interfaces (ie,
> rc_depend_strict="yes") then the 'need net' might be a bit strict; on
> the other hand if a user has things set up that way then it may very
> well be for a reason (for instance, I tend to prefer that sshd is
> started after my hotplugged iface is up and likewise goes down when
> that iface disappears. I don't see that happening with a "use net"
> case when compared against a "need net".

We decided in a previous thread on this list that net.lo should not
provide net, and that is how it is set up in ~arch OpenRC. The part I
forgot to change is the network script.

We decided that the only things that provide net should be the
interfaces that support remote connections (e.g. anything besides the
loopback).

Also, consider a system where root is NFS mounted or a Linux container.
If you are running services that "need net" and you have turned off all
of the "net" providers by adding something like rc_provide="!net" to
their conf.d files, the services that need net will fail hard even
though they shouldn't.

To handle your sshd case, you could always put

rc_need="net"

or, even better,

rc_need="net.iface"

in your /etc/conf.d/sshd file.

Thoughts?

William
--FCuugMFkClbJLl1L--
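
Added example, not part of the message above and not OpenRC code: a simplified Python model of the need/use/provide behaviour the message describes, showing why a "need net" service fails hard once every provider is switched off with rc_provide="!net" while a "use net" service still starts. The interface name net.eth0, the sample services and the resolver functions are assumptions made for illustration.

```python
# Simplified model only: constructed services, no cycle detection, not OpenRC's resolver.

def providers(services, virtual):
    """Services that still provide `virtual` after conf.d rc_provide overrides."""
    found = []
    for name, svc in services.items():
        provides = set(svc.get("provide", []))
        for item in svc.get("rc_provide", []):      # e.g. rc_provide="!net"
            if item.startswith("!"):
                provides.discard(item[1:])
            else:
                provides.add(item)
        if virtual in provides:
            found.append(name)
    return sorted(found)

def resolve(services, dep):
    """A dependency names either a real service or a virtual one such as 'net'."""
    return [dep] if dep in services else providers(services, dep)

def plan_start(services, target, order=None):
    """Return the start order for `target`; raise LookupError on an unmet 'need'."""
    order = [] if order is None else order
    svc = services[target]
    for dep in svc.get("need", []) + svc.get("rc_need", []):
        found = resolve(services, dep)
        if not found:                               # hard dependency: refuse to start
            raise LookupError(f"{target} needs {dep}, but nothing provides it")
        for name in found:
            if name not in order:
                plan_start(services, name, order)
    for dep in svc.get("use", []):                  # soft dependency: skipped if absent
        for name in resolve(services, dep):
            if name not in order:
                plan_start(services, name, order)
    if target not in order:
        order.append(target)
    return order

def sample(sshd_dep, net_enabled=True):
    """Constructed system: loopback, one interface (net.eth0 is assumed), and sshd."""
    return {
        "net.lo": {},                               # loopback does not provide net
        "net.eth0": {"provide": ["net"],
                     "rc_provide": [] if net_enabled else ["!net"]},
        "sshd": {sshd_dep: ["net"]},
    }
```

Adding an rc_need entry to the sshd record models the /etc/conf.d/sshd override suggested in the message: it restores the hard ordering for one service without making every service depend on net.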