From: Alan McKinnon <alan.mckinnon@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Debian just voted in systemd for default init system in jessie
Date: Tue, 18 Feb 2014 13:17:39 +0200 [thread overview]
Message-ID: <53034153.5080408@gmail.com> (raw)
In-Reply-To: <a58d0b486c64a84242b238228dac2ebe.squirrel@www.antarean.org>
On 18/02/2014 11:52, J. Roeleveld wrote:
> On Tue, February 18, 2014 10:47, Alan McKinnon wrote:
>> On 18/02/2014 05:46, Mark David Dumlao wrote:
>>> I used to use cherokee. Fast, light, awesome, and with a web admin.
>>> The init script always failed me. /etc/init.d/cherokee stop was not a
>>> guaranteed stop to all forked cherokee processes - the parent pid
>>> dies, but some forked process or something, usually related to
>>> rrdtool, doesn't. Or the parent does exit and erases the pid file but
>>> it returns control immediately and its not yet done exiting. Something
>>> like that or other. Point is, I've several times had to ps aux|grep
>>> ... kill; zap; start - on production servers.
>>
>>
>> Valid point. Other than vixie-cron (damn thing just never seems to die
>> properly on any platform so restarts always fail) I don't really run
>> into these issues
>
> Interesting, I have never had issues with restarting vixie-cron using the
> supplied init-scripts.
>
>> What I do run into is daemons that drop privs on start up, like
>> tac_plus. Unwary new sysadmins always try start/stop it as root, causing
>> an unholy mess. Root the owns the log and pid files, when tac_plus drops
>> privs it can't record it's state so continues to service requests but
>> fails to log any of them. For an auth daemon, that's a serious issue.
>
> Shouldn't sysadmins use the init-scripts for that?
> If done correctly, permissions should not be an issue.
It's a little more complex than just that. It's an auth service and user
are frequently added, removed and modified. The daemon does syntax
checking on it's config file at startup or after being HUP'ed but that
only finds static errors. It catches things like adding people to a grop
instead of to a group, but misses dynamic mistakes like adding users to
groups that don't exist.
It's exactly analogous to compile-time vs runtime errors, compilers
can't catch the latter.
Despite this all being run out of cron with wrapper scripts to check
validity, automated additions and safety checks between all three
daemons, plus being fully documented on the internal wiki and in bold
blinking red caps in the login motd, people still find ways to do stuff
things in an attempt to fix it.
The daemon also tries to log these errors, by writing to a log file it
has no write permissions on.
There is nothing I can do about the quality of sysadmins, I have no
input into the HR process and damagement think cheaper is always better,
including skills. What I can do, is find ways to make the software more
resistant to errors than it already is.
>
> Restarting services without keeping file ownership into account will
> always cause issues. Regardless of the init-system used.
>
> And tac_plus not checking if it is allowed to write to the log during the
> initialization phase should be considered a bug.
>
> --
> Joost
>
>
>
>
--
Alan McKinnon
alan.mckinnon@gmail.com
next prev parent reply other threads:[~2014-02-18 11:18 UTC|newest]
Thread overview: 314+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-02-15 15:16 [gentoo-user] Debian just voted in systemd for default init system in jessie Tanstaafl
2014-02-15 17:01 ` Tanstaafl
2014-02-15 17:32 ` Canek Peláez Valdés
2014-02-15 20:23 ` Mick
2014-02-15 20:32 ` Canek Peláez Valdés
2014-02-15 20:34 ` Daniel Campbell
2014-02-15 20:46 ` [gentoo-user] " eroen
2014-02-15 20:47 ` [gentoo-user] " Canek Peláez Valdés
2014-02-16 15:46 ` Tanstaafl
2014-02-16 16:41 ` Alan McKinnon
2014-02-16 18:11 ` Samuli Suominen
2014-02-16 21:28 ` Alan McKinnon
2014-02-17 5:22 ` Samuli Suominen
2014-02-17 16:52 ` [gentoo-user] " »Q«
2014-02-17 15:29 ` [gentoo-user] " Stroller
2014-02-17 19:53 ` Alan McKinnon
2014-02-18 3:46 ` Mark David Dumlao
2014-02-18 9:47 ` Alan McKinnon
2014-02-18 9:52 ` J. Roeleveld
2014-02-18 11:17 ` Alan McKinnon [this message]
2014-02-18 12:16 ` J. Roeleveld
2014-02-18 23:06 ` Alan McKinnon
2014-02-19 7:07 ` J. Roeleveld
2014-02-18 11:54 ` Mark David Dumlao
2014-02-18 12:07 ` J. Roeleveld
2014-02-18 22:43 ` Alan McKinnon
2014-02-18 15:08 ` Andrew Savchenko
2014-02-16 16:50 ` Canek Peláez Valdés
2014-02-16 18:31 ` Mick
2014-02-16 19:56 ` Canek Peláez Valdés
2014-02-16 18:59 ` Volker Armin Hemmann
2014-02-16 20:08 ` Canek Peláez Valdés
2014-02-16 20:58 ` Volker Armin Hemmann
2014-02-16 21:16 ` Canek Peláez Valdés
2014-02-17 17:52 ` Andrew Savchenko
2014-02-17 19:52 ` Tanstaafl
2014-02-17 20:17 ` Andrew Savchenko
2014-02-18 11:41 ` Tanstaafl
2014-02-18 0:35 ` Canek Peláez Valdés
2014-02-18 2:05 ` Gevisz
2014-02-18 5:30 ` Canek Peláez Valdés
2014-02-18 13:56 ` Gevisz
2014-02-18 18:53 ` the
2014-02-19 10:37 ` Gevisz
2014-02-21 8:41 ` the
2014-03-20 16:39 ` Tom Wijsman
2014-02-18 17:06 ` Andrew Savchenko
2014-02-18 17:22 ` Canek Peláez Valdés
2014-02-18 18:07 ` Andrew Savchenko
2014-02-18 18:14 ` Canek Peláez Valdés
2014-02-18 18:31 ` Tanstaafl
2014-02-18 18:54 ` Canek Peláez Valdés
2014-02-18 19:09 ` Tanstaafl
2014-02-18 19:34 ` Canek Peláez Valdés
2014-02-18 21:33 ` wabenbau
2014-03-20 16:55 ` Tom Wijsman
2014-02-19 7:04 ` Daniel Campbell
2014-02-19 7:55 ` Canek Peláez Valdés
2014-02-19 9:02 ` Neil Bothwick
2014-02-19 10:34 ` Daniel Campbell
2014-02-19 10:50 ` Neil Bothwick
2014-02-19 10:54 ` Daniel Campbell
2014-02-19 20:14 ` Neil Bothwick
2014-02-19 9:06 ` Gevisz
2014-02-19 10:19 ` thegeezer
2014-02-19 12:13 ` Andrew Savchenko
2014-03-20 18:42 ` Tom Wijsman
2014-03-22 13:00 ` thegeezer
2014-03-22 13:09 ` thegeezer
2014-03-22 14:43 ` Tom Wijsman
2014-02-19 12:38 ` Tanstaafl
2014-02-20 5:43 ` Canek Peláez Valdés
2014-02-20 12:53 ` Tanstaafl
2014-02-20 15:55 ` Canek Peláez Valdés
2014-02-20 18:18 ` Tanstaafl
2014-02-20 18:36 ` Canek Peláez Valdés
2014-02-20 20:06 ` Tanstaafl
2014-02-20 21:04 ` Canek Peláez Valdés
2014-02-20 21:22 ` Tanstaafl
2014-02-20 21:38 ` Canek Peláez Valdés
2014-02-20 23:37 ` Michael Higgins
2014-02-21 0:16 ` Michael Higgins
2014-02-21 1:46 ` Canek Peláez Valdés
2014-02-21 1:40 ` Canek Peláez Valdés
2014-02-21 21:37 ` Michael Higgins
2014-02-21 22:44 ` Canek Peláez Valdés
2014-02-21 14:32 ` Providing a path for systemd on gentoo - 'profiles', or 'eselect module'? - WAS " Tanstaafl
2014-02-21 21:58 ` Neil Bothwick
2014-02-22 16:37 ` Tanstaafl
2014-02-22 17:46 ` Alan McKinnon
2014-03-20 18:57 ` Tom Wijsman
2014-03-20 20:22 ` Alan McKinnon
2014-03-20 20:33 ` Tom Wijsman
2014-03-20 21:24 ` Alan McKinnon
2014-03-20 22:55 ` Neil Bothwick
2014-02-25 10:03 ` [gentoo-user] " Nicolas Sebrecht
2014-02-26 7:16 ` Canek Peláez Valdés
2014-02-26 8:07 ` Nicolas Sebrecht
2014-03-20 19:45 ` Tom Wijsman
2014-02-21 17:33 ` [gentoo-user] " thegeezer
2014-02-21 18:07 ` Tanstaafl
2014-02-21 20:33 ` J. Roeleveld
2014-02-22 13:21 ` thegeezer
2014-02-22 13:26 ` thegeezer
2014-03-20 19:53 ` Tom Wijsman
2014-02-21 3:36 ` Mark David Dumlao
2014-02-21 4:59 ` Dale
2014-02-21 5:53 ` Andrew Savchenko
2014-03-20 20:00 ` Tom Wijsman
2014-03-20 20:27 ` Andrew Savchenko
2014-03-20 21:15 ` Tom Wijsman
2014-03-20 21:48 ` [gentoo-user] " »Q«
2014-03-21 10:37 ` Tanstaafl
2014-03-21 11:06 ` Tom Wijsman
2014-03-25 20:08 ` »Q«
2014-03-25 22:25 ` Alan McKinnon
2014-03-25 23:34 ` »Q«
2014-03-26 0:28 ` Alan McKinnon
2014-03-20 21:23 ` [gentoo-user] " Tanstaafl
2014-03-21 11:08 ` Tom Wijsman
2014-02-21 14:02 ` Tanstaafl
2014-02-21 14:28 ` Mark David Dumlao
2014-02-21 14:50 ` Tanstaafl
2014-03-20 20:14 ` Tom Wijsman
2014-03-20 21:25 ` Tanstaafl
2014-03-21 11:13 ` Tom Wijsman
2014-03-21 12:10 ` Dale
2014-03-21 12:45 ` Tom Wijsman
2014-03-21 17:41 ` Dale
2014-03-21 18:32 ` Tom Wijsman
2014-03-22 0:29 ` Dale
2014-03-25 15:38 ` [gentoo-user] " Nicolas Sebrecht
2014-03-25 15:35 ` Nicolas Sebrecht
2014-03-25 17:15 ` J. Roeleveld
2014-03-26 8:49 ` Nicolas Sebrecht
2014-03-26 9:13 ` Mark David Dumlao
2014-03-21 12:27 ` [gentoo-user] " Neil Bothwick
2014-03-21 12:49 ` Tom Wijsman
2014-03-21 13:13 ` Poison BL.
2014-03-21 13:29 ` Tom Wijsman
2014-03-21 21:57 ` Walter Dnes
2014-03-21 22:34 ` Alan McKinnon
2014-03-21 23:46 ` Tom Wijsman
2014-03-22 10:34 ` Alan McKinnon
2014-03-22 10:57 ` Matti Nykyri
2014-03-22 11:08 ` Dale
2014-03-22 12:18 ` Tom Wijsman
2014-03-22 12:15 ` Tom Wijsman
2014-03-22 12:56 ` Neil Bothwick
2014-03-22 14:50 ` Tom Wijsman
2014-03-22 15:28 ` luis jure
2014-03-22 15:38 ` Tom Wijsman
2014-03-22 15:52 ` Tom Wijsman
2014-03-22 19:45 ` Neil Bothwick
2014-03-22 13:07 ` thegeezer
2014-03-22 12:05 ` Tom Wijsman
2014-03-21 23:40 ` Tom Wijsman
2014-03-22 13:35 ` Tanstaafl
2014-03-22 15:10 ` Tom Wijsman
2014-03-22 17:24 ` Dale
2014-03-21 17:49 ` Dale
2014-03-21 17:43 ` Tanstaafl
2014-03-21 18:23 ` Dale
2014-03-21 19:58 ` Alan McKinnon
2014-03-22 0:28 ` Dale
2014-03-22 9:24 ` Mick
2014-03-22 9:52 ` Dale
2014-02-21 15:20 ` Gevisz
2014-02-21 16:05 ` [gentoo-user] " »Q«
2014-02-21 21:07 ` [gentoo-user] " Canek Peláez Valdés
2014-02-18 19:32 ` Neil Bothwick
2014-02-18 19:54 ` Canek Peláez Valdés
2014-03-21 11:18 ` Tom Wijsman
2014-03-20 16:52 ` Tom Wijsman
2014-02-18 16:43 ` Andrew Savchenko
2014-02-18 17:11 ` Gevisz
2014-02-18 17:13 ` Canek Peláez Valdés
2014-03-20 16:36 ` Tom Wijsman
2014-02-18 16:36 ` Andrew Savchenko
2014-02-18 17:12 ` Canek Peláez Valdés
2014-02-19 9:00 ` J. Roeleveld
2014-02-20 5:34 ` Canek Peláez Valdés
2014-02-21 20:14 ` J. Roeleveld
2014-02-21 22:40 ` Canek Peláez Valdés
2014-02-22 7:40 ` Mark David Dumlao
2014-02-22 10:38 ` Yuri K. Shatroff
2014-02-22 17:21 ` Stroller
2014-02-22 19:36 ` Yuri K. Shatroff
2014-02-22 20:22 ` Canek Peláez Valdés
2014-02-22 21:39 ` Yuri K. Shatroff
2014-02-22 15:28 ` Andrew Savchenko
2014-02-22 17:50 ` Canek Peláez Valdés
2014-03-20 16:24 ` Tom Wijsman
2014-02-18 9:54 ` J. Roeleveld
2014-02-18 14:37 ` Canek Peláez Valdés
2014-02-19 8:50 ` J. Roeleveld
2014-02-19 19:54 ` Sebastian Beßler
2014-02-20 5:24 ` Canek Peláez Valdés
2014-02-20 9:16 ` Yuri K. Shatroff
2014-02-20 11:33 ` [gentoo-user] " Nicolas Sebrecht
2014-02-20 11:53 ` Yuri K. Shatroff
2014-02-20 15:24 ` Alan McKinnon
2014-02-21 7:03 ` Yuri K. Shatroff
2014-02-21 8:48 ` Alan McKinnon
2014-02-21 9:59 ` Yuri K. Shatroff
2014-02-20 15:16 ` [gentoo-user] " Alan McKinnon
2014-02-21 21:03 ` J. Roeleveld
2014-02-20 15:52 ` Canek Peláez Valdés
2014-02-21 20:30 ` J. Roeleveld
2014-03-21 11:27 ` Tom Wijsman
2014-03-21 11:24 ` Tom Wijsman
2014-03-21 11:50 ` J. Roeleveld
2014-03-21 11:59 ` Tom Wijsman
2014-03-21 12:41 ` J. Roeleveld
2014-03-21 13:20 ` Tom Wijsman
2014-03-21 14:06 ` J. Roeleveld
2014-03-21 14:37 ` Tom Wijsman
2014-03-21 17:29 ` Dale
2014-02-16 19:00 ` Yuri K. Shatroff
2014-02-16 19:26 ` Mick
2014-02-16 19:55 ` Yuri K. Shatroff
2014-02-16 20:27 ` Canek Peláez Valdés
2014-02-16 20:56 ` Volker Armin Hemmann
2014-02-18 21:05 ` Sebastian Beßler
2014-02-18 21:32 ` Canek Peláez Valdés
2014-02-18 22:35 ` Alan McKinnon
2014-02-19 0:18 ` Canek Peláez Valdés
2014-02-19 12:57 ` Tanstaafl
2014-02-20 5:06 ` Mike Gilbert
2014-03-21 11:41 ` Tom Wijsman
2014-02-17 12:17 ` Tanstaafl
2014-02-17 12:24 ` Daniel Campbell
2014-02-17 15:00 ` Alan McKinnon
2014-02-17 17:13 ` Canek Peláez Valdés
2014-02-17 18:24 ` Andrew Savchenko
2014-02-18 0:49 ` Canek Peláez Valdés
2014-02-18 17:44 ` Andrew Savchenko
2014-02-18 18:09 ` Canek Peláez Valdés
2014-02-17 18:28 ` Yuri K. Shatroff
2014-02-18 1:09 ` Canek Peláez Valdés
2014-02-18 11:35 ` Andrew Savchenko
2014-02-18 15:02 ` Canek Peláez Valdés
2014-02-18 17:24 ` Yuri K. Shatroff
2014-02-18 17:46 ` Canek Peláez Valdés
2014-02-18 8:19 ` [gentoo-user] " Nicolas Sebrecht
2014-02-18 14:25 ` Canek Peláez Valdés
2014-02-18 19:24 ` gottlieb
2014-02-16 20:19 ` [gentoo-user] " Canek Peláez Valdés
2014-02-16 20:59 ` Volker Armin Hemmann
2014-02-17 7:01 ` Yuri K. Shatroff
2014-02-23 13:35 ` Mick
2014-02-23 18:18 ` Canek Peláez Valdés
2014-02-23 22:32 ` Alan McKinnon
2014-02-23 23:05 ` Canek Peláez Valdés
2014-02-23 23:12 ` Mick
2014-02-23 23:54 ` Canek Peláez Valdés
2014-02-24 20:54 ` Mick
2014-02-24 21:48 ` Canek Peláez Valdés
2014-02-24 23:15 ` Mick
2014-02-25 12:40 ` Gentoo+Gnome requires systemd, but Gnome itself does not? Why? - WAS: " Tanstaafl
2014-02-25 12:58 ` Alan McKinnon
2014-02-25 16:26 ` Canek Peláez Valdés
2014-02-24 1:07 ` Alan McKinnon
2014-02-24 2:10 ` Walter Dnes
2014-02-24 2:20 ` Canek Peláez Valdés
2014-02-24 2:49 ` Poison BL.
2014-02-24 2:30 ` Mark David Dumlao
2014-02-24 6:37 ` Yuri K. Shatroff
2014-02-24 7:11 ` Yuri K. Shatroff
2014-02-24 12:39 ` Mark David Dumlao
2014-02-24 13:42 ` Yuri K. Shatroff
2014-02-24 14:33 ` Mark David Dumlao
2014-02-24 17:42 ` Yuri K. Shatroff
2014-02-24 18:55 ` Mark David Dumlao
2014-02-24 20:13 ` Yuri K. Shatroff
2014-02-26 20:29 ` Walter Dnes
2014-02-28 6:47 ` Stroller
2014-02-28 8:05 ` Samuli Suominen
2014-02-28 13:45 ` Stroller
2014-03-01 11:29 ` Mick
2014-03-21 11:35 ` Tom Wijsman
2014-02-15 20:30 ` Daniel Campbell
2014-02-15 21:32 ` Gevisz
2014-02-16 2:09 ` [gentoo-user] " walt
2014-02-16 2:23 ` Alon Bar-Lev
2014-02-21 0:08 ` Daniel Campbell
2014-02-21 1:42 ` Canek Peláez Valdés
2014-02-21 2:39 ` Daniel Campbell
2014-02-21 2:53 ` Canek Peláez Valdés
2014-02-21 3:22 ` Daniel Campbell
2014-02-21 21:04 ` Canek Peláez Valdés
2014-02-21 13:24 ` Tanstaafl
2014-02-21 13:34 ` Daniel Campbell
2014-02-21 13:43 ` Tanstaafl
2014-02-21 13:54 ` Daniel Campbell
2014-02-21 14:03 ` Tanstaafl
2014-02-21 15:28 ` Gevisz
2014-02-21 15:56 ` OT: 'profit motive' - WAS " Tanstaafl
2014-02-21 16:23 ` hasufell
2014-02-21 16:50 ` Tanstaafl
2014-02-21 17:17 ` hasufell
2014-02-21 18:05 ` Tanstaafl
2014-02-21 19:35 ` hasufell
2014-02-21 20:02 ` Tanstaafl
2014-02-22 0:59 ` hasufell
2014-02-21 22:32 ` Gevisz
2014-02-21 22:29 ` Gevisz
2014-02-21 7:42 ` Andrew Savchenko
2014-02-21 21:32 ` Sebastian Beßler
2014-02-21 22:43 ` Canek Peláez Valdés
2014-02-26 10:05 ` Stefan G. Weichinger
2014-02-21 22:19 ` Canek Peláez Valdés
2014-02-21 13:48 ` Tanstaafl
2014-02-16 18:49 ` [gentoo-user] " Volker Armin Hemmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53034153.5080408@gmail.com \
--to=alan.mckinnon@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox