Re: [gentoo-dev] Should hotplugged services affect dependencies by default?
On Wed, 2007-08-15 at 16:31 -0700, Chris Gianelloni wrote: On Wed, 2007-08-15 at 14:10 +0100, Roy Marples wrote: At this point, the process freezes for a LONG time that can't be interupted because as the cable has already been unplugged it can't unmount (if anyone knows how to actually return ASAP I'd like to know that too). umount -l Didn't actually solve what I was seeing - had no visible effect. That was a few months ago, maybe I should try again. The problem that I see here is that most sane people don't allow sshd and other services to listen on * and instead force them to listen on the proper interface/IP address. With this, I would end up with sshd not starting on my remote servers after a reboot, causing me to have to call the data center and get some remote hands on my box. Something I hate to do. Trust me. I'd blame you. :P So in other words you should be putting this in /etc/conf.d/sshd RC_NEED=net.eth1 Or the interface that defines the address that sshd binds to. Thanks Roy -- [EMAIL PROTECTED] mailing list
Re: [gentoo-dev] Should hotplugged services affect dependencies by default?
On Wed, 2007-08-15 at 16:34 -0700, Chris Gianelloni wrote: I would expect it to act like any other Linux box and get a new address via dhcp, or, if I wasn't using dhcp, sit on the old address, even though it is now incorrect, until I changed it. A netplug event should trigger dhcp events, but not necessarily the services all dropping. After all, I've seen netplug do some funny things, like false positives on disconnection and such. I'd much rather my connection drop for a second and come back up, so all my packets can simply retransmit and everything continues, than have the services also decide to go down and refuse to resume any open connections when the connection comes back up. TCP has retransmission for a reason. Let's not break it if we don't have to do so. A vote for NO then? Thanks Roy -- [EMAIL PROTECTED] mailing list
Re: [gentoo-dev] Should hotplugged services affect dependencies by default?
On Thu, 2007-08-16 at 07:24 +0100, Roy Marples wrote: The problem that I see here is that most sane people don't allow sshd and other services to listen on * and instead force them to listen on the proper interface/IP address. With this, I would end up with sshd not starting on my remote servers after a reboot, causing me to have to call the data center and get some remote hands on my box. Something I hate to do. Trust me. I'd blame you. :P So in other words you should be putting this in /etc/conf.d/sshd RC_NEED=net.eth1 That works for me. I guess my main concern is that when we change functionality that people depend on in our most core of packages, we need to make damn sure people are aware of any changes. Might I suggest you start writing up an article now for when this thing eventually goes for stabilization. I'd like something a few pages long, since I would post it on the front page *and* the GWN (and announce, and dev-announce, and user... and...) to make sure we catch as many people as we possibly can as a change like this can either be a great triumph for Gentoo or a complete an utter failure, putting egg on our faces for months or possibly even years to come. We do a good enough job of making ourselves look bad. This is a case where we can be surer things will go smoothly, it will just take some cooperation and work. Let me know if there is anything that I can do to help. -- Chris Gianelloni Release Engineering Strategic Lead Alpha/AMD64/x86 Architecture Teams Games Developer/Council Member/Foundation Trustee Gentoo Foundation signature.asc Description: This is a digitally signed message part
Re: [gentoo-dev] Should hotplugged services affect dependencies by default?
On Thu, 2007-08-16 at 07:25 +0100, Roy Marples wrote: On Wed, 2007-08-15 at 16:34 -0700, Chris Gianelloni wrote: I would expect it to act like any other Linux box and get a new address via dhcp, or, if I wasn't using dhcp, sit on the old address, even though it is now incorrect, until I changed it. A netplug event should trigger dhcp events, but not necessarily the services all dropping. After all, I've seen netplug do some funny things, like false positives on disconnection and such. I'd much rather my connection drop for a second and come back up, so all my packets can simply retransmit and everything continues, than have the services also decide to go down and refuse to resume any open connections when the connection comes back up. TCP has retransmission for a reason. Let's not break it if we don't have to do so. A vote for NO then? Yes, a vote for NO from me for the reasons stated above. -- Chris Gianelloni Release Engineering Strategic Lead Alpha/AMD64/x86 Architecture Teams Games Developer/Council Member/Foundation Trustee Gentoo Foundation signature.asc Description: This is a digitally signed message part
[gentoo-dev] Should hotplugged services affect dependencies by default?
OK, so whilst we're gearing up for hopefully the last baselayout-2 release candidate I thought I would pose to the list a question I've been struggling with for some time. Should hotplugged services affect dependencies by default? (Note, this is not about enabling hotplugged services by default which is another topic for debate. Want to talk about that, start a new thread - but save your breath as I have a laptop and think hotplugging is good :P) By default we've always been YES. But I'm starting now that this should be NO. Rationale for NO Services like openvpn, ssh, dns, etc don't actually care about specific interfaces or addresses as such as they just bind to *. dns may infact be configured to use a resolver that isn't libc so it should be active anway. If say you have nfs mounts, one network cable and then unplug the cable you get this :- netplug calls net.eth0 stop net.eth0 stop calls netmount stop netmount stop tries to unmount the nfs mounts At this point, the process freezes for a LONG time that can't be interupted because as the cable has already been unplugged it can't unmount (if anyone knows how to actually return ASAP I'd like to know that too). With the default to NO the act of pulling the cable simply stops net.eth0 and the services stay up and things continue nicely. For baselayout-1 users, this is the equivalent of having RC_STRICT_NET_CHECKING=lo which a lot of people I've been talking to recently have asked where it is in baselayout-2 Rationale for YES We should only start services like openvpn, ssh, dns, etc when we have a working network devices aside from the loopback. This is the nearest we get to the default baselayout-1 option for RC_STRICT_NET_CHECKING=no Thanks Roy -- [EMAIL PROTECTED] mailing list
Re: [gentoo-dev] Should hotplugged services affect dependencies by default?
I suppose I should mention that the setting in baselayout-2 I'm talking about is RC_DEPEND_STRICT if you want to toggle it to see. -- [EMAIL PROTECTED] mailing list
Re: [gentoo-dev] Should hotplugged services affect dependencies by default?
On Wed, 2007-15-08 at 14:10 +0100, Roy Marples wrote: OK, so whilst we're gearing up for hopefully the last baselayout-2 release candidate I thought I would pose to the list a question I've been struggling with for some time. Should hotplugged services affect dependencies by default? (Note, this is not about enabling hotplugged services by default which is another topic for debate. Want to talk about that, start a new thread - but save your breath as I have a laptop and think hotplugging is good :P) By default we've always been YES. But I'm starting now that this should be NO. I believe services that don't bind to a specific address should probably only depend on net.lo, not net. So then we separate this that really need the network (and probably only a specific interface and then the user should modify the script to depend on that interface) and those that use the network, but don't really need it (like sshd, etc). That said, I now use networkmanager (to be able to easily select wifi networks), I don't know how integrated into the whole baselayout-2. -- Olivier Crête [EMAIL PROTECTED] Gentoo Developer signature.asc Description: This is a digitally signed message part
Re: [gentoo-dev] Should hotplugged services affect dependencies by default?
On Wed, 2007-08-15 at 10:09 -0400, Olivier Crête wrote: I believe services that don't bind to a specific address should probably only depend on net.lo, not net. Well, they can actually depend on a specific net service too. For example, I have this on my home server in /etc/conf.d/lighttpd RC_NEED=net.vpn You can add those RC_NEED/USE/AFTER/BEFORE directives to any conf.d/ file and it will append to the stuff in the init script. Thanks Roy -- [EMAIL PROTECTED] mailing list
Re: [gentoo-dev] Should hotplugged services affect dependencies by default?
On Wed, 2007-15-08 at 15:02 +0100, Roy Marples wrote: On Wed, 2007-08-15 at 10:09 -0400, Olivier Crête wrote: I believe services that don't bind to a specific address should probably only depend on net.lo, not net. Well, they can actually depend on a specific net service too. For example, I have this on my home server in /etc/conf.d/lighttpd RC_NEED=net.vpn You can add those RC_NEED/USE/AFTER/BEFORE directives to any conf.d/ file and it will append to the stuff in the init script. If you can do that, then well, everything else should just depend on net.lo (and not wait for service plugging then). -- Olivier Crête [EMAIL PROTECTED] Gentoo Developer signature.asc Description: This is a digitally signed message part
Re: [gentoo-dev] Should hotplugged services affect dependencies by default?
Roy Marples [EMAIL PROTECTED] writes: If say you have nfs mounts, one network cable and then unplug the cable you get this :- netplug calls net.eth0 stop net.eth0 stop calls netmount stop netmount stop tries to unmount the nfs mounts At this point, the process freezes for a LONG time that can't be interupted because as the cable has already been unplugged it can't unmount (if anyone knows how to actually return ASAP I'd like to know that too). With the default to NO the act of pulling the cable simply stops net.eth0 and the services stay up and things continue nicely. To avoid that problem, do not stop net.ethN when the cable is pulled. When the cable is re-inserted then (if it has not been left disconnected for too long) if the services have not stopped, TCP sessions may still be active. If the user manually stops an interface, by all means stop the services depending on it but (a) Do not make the interface stop automatically when the cable is disconnected, (b) It would be nice if there was a single command which could restart all the dependencies which were stopped. -- [EMAIL PROTECTED] mailing list
Re: [gentoo-dev] Should hotplugged services affect dependencies by default?
On Wed, 2007-08-15 at 17:07 +0100, Graham Murray wrote: To avoid that problem, do not stop net.ethN when the cable is pulled. When the cable is re-inserted then (if it has not been left disconnected for too long) if the services have not stopped, TCP sessions may still be active. So what do you think would happen if I unplug cable A and plug in cable B? Both are on separate networks. Thanks Roy -- [EMAIL PROTECTED] mailing list
Re: [gentoo-dev] Should hotplugged services affect dependencies by default?
On Wednesday 15 Aug 2007, Roy Marples wrote: If say you have nfs mounts, one network cable and then unplug the cable you get this :- netplug calls net.eth0 stop net.eth0 stop calls netmount stop netmount stop tries to unmount the nfs mounts Perhaps it should be seen the other way round... It's netmount who doesn't like to depend strictly when net.eth0 comes down. If you change networks by changing the cable from network A to network B, then you should do a netmount restart, as netmount would require you to do so. For other services, the dependency is respected. Bottom line, the initscript itself could decide to fulfill the dependency (start/stop), not the framework (baselayout itself). We should only start services like openvpn, ssh, dns, etc when we have a working network devices aside from the loopback. It would work as expected... Arturo -- [EMAIL PROTECTED] mailing list
Re: [gentoo-dev] Should hotplugged services affect dependencies by default?
On Wed, 2007-08-15 at 14:10 +0100, Roy Marples wrote: At this point, the process freezes for a LONG time that can't be interupted because as the cable has already been unplugged it can't unmount (if anyone knows how to actually return ASAP I'd like to know that too). umount -l The problem that I see here is that most sane people don't allow sshd and other services to listen on * and instead force them to listen on the proper interface/IP address. With this, I would end up with sshd not starting on my remote servers after a reboot, causing me to have to call the data center and get some remote hands on my box. Something I hate to do. Trust me. I'd blame you. :P -- Chris Gianelloni Release Engineering Strategic Lead Alpha/AMD64/x86 Architecture Teams Games Developer/Council Member/Foundation Trustee Gentoo Foundation signature.asc Description: This is a digitally signed message part
Re: [gentoo-dev] Should hotplugged services affect dependencies by default?
On Wed, 2007-08-15 at 17:34 +0100, Roy Marples wrote: On Wed, 2007-08-15 at 17:07 +0100, Graham Murray wrote: To avoid that problem, do not stop net.ethN when the cable is pulled. When the cable is re-inserted then (if it has not been left disconnected for too long) if the services have not stopped, TCP sessions may still be active. So what do you think would happen if I unplug cable A and plug in cable B? Both are on separate networks. I would expect it to act like any other Linux box and get a new address via dhcp, or, if I wasn't using dhcp, sit on the old address, even though it is now incorrect, until I changed it. A netplug event should trigger dhcp events, but not necessarily the services all dropping. After all, I've seen netplug do some funny things, like false positives on disconnection and such. I'd much rather my connection drop for a second and come back up, so all my packets can simply retransmit and everything continues, than have the services also decide to go down and refuse to resume any open connections when the connection comes back up. TCP has retransmission for a reason. Let's not break it if we don't have to do so. -- Chris Gianelloni Release Engineering Strategic Lead Alpha/AMD64/x86 Architecture Teams Games Developer/Council Member/Foundation Trustee Gentoo Foundation signature.asc Description: This is a digitally signed message part
