Re: Journey to s6-svscan as PID 1 on FreeBSD (almost there)

2021-04-08 Thread Dewayne Geraghty
On 9/04/2021 4:29 am, Crest wrote:

> There is a cleaner solution. I prefer to set the init_path kernel env
> var in /boot/loader.conf and prepend the s6 stage1 script to the normal
> search path. That way the kernel starts my execline script as PID 1 and
> if I mess it I just have to clear the variable from the loader prompt.

Thank-you for the reminder, I'd forgotten about kern.init_path.
Though in both cases its really a matter of changing a variable after
the loader has completed its chores (For non-FreeBSDers, there are two
points where a boot can be interrupted prior to the kernel starting)

I use both init_script to establish all the prerequisite stuff, check
boot device, enable MAC(biba), enable firewall, start network, start
ssh, create logging environment; then handoff to s6-svscan, via
init_exec.  Yes it could be done in one script which init_path points
to, and I agree that would be cleaner.  But the prerequisite stuff
really needs a sh, and I like execlineb doing its redirection prep and
handing off to s6-svscan :)


Re: Journey to s6-svscan as PID 1 on FreeBSD (almost there)

2021-04-08 Thread Crest

On 08.04.21 15:15, Dewayne Geraghty wrote:

First we started with the documented approach of appending to /etc/ttys
"" "/usr/local/bin/s6-svscan /run/scan""" on

Which worked nicely under FreeBSD's /sbin/init.

Then we added to loader.conf an init_script which is invoked via
/sbin/init.  This also
worked well, but init remained as pid 1.  The init_script variable is
defined in /boot/loader.conf, in my case as:
init_script="/root/bin/init_script.sh
/sbin/init calls "init_script"

This ran nicely, but still under init as pid=1.

Finally I sucked up the courage and defined in /boot/loader.conf
init_exec=/root/bin/init_exec.sh
which contains
#!/usr/local/bin/execlineb -S0
redirfd -wnb 1 /m/fifo/catch_all
redirfd -r - /dev/null
fdmove -c 2 1
exec -c /sbin/s6/svscan -t 0 -s /s/scan

And finally /sbin/s6-svscan runs as pid 1.
There is a cleaner solution. I prefer to set the init_path kernel env 
var in /boot/loader.conf and prepend the s6 stage1 script to the normal 
search path. That way the kernel starts my execline script as PID 1 and 
if I mess it I just have to clear the variable from the loader prompt.


Re: Journey to s6-svscan as PID 1 on FreeBSD (almost there)

2021-04-08 Thread Laurent Bercot

Finally I sucked up the courage and defined in /boot/loader.conf
init_exec=/root/bin/init_exec.sh
which contains
#!/usr/local/bin/execlineb -S0
redirfd -wnb 1 /m/fifo/catch_all
redirfd -r - /dev/null
fdmove -c 2 1
exec -c /sbin/s6/svscan -t 0 -s /s/scan

And finally /sbin/s6-svscan runs as pid 1.


 That's awesome! So, if I understand correctly:

 - /sbin/init is still the first program loaded by the kernel, it's
the stock FreeBSD thing that performs FreeBSD-specific setups
 - if there is an init_exec entry in /boot/loader.conf, /sbin/init
execs into its value, which allows you to run a different pid 1
for the lifetime of the machine.

 If that's really how it works, it's incredibly good, and would make
s6-freebsd-init a breeze to write.
 The necessary modifications to turn s6-linux-init into s6-freebsd-init
would just be:

 - Comment out kbspecials() and its invocations:
https://github.com/skarnet/s6-linux-init/blob/master/src/init/s6-linux-init.c#L70
(does FreeBSD's /sbin/init set up CAD handling and other related
console things?)
 - Port the mount() and umount() invocations, replacing mount with the
correct FreeBSD way of mounting a tmpfs:
https://github.com/skarnet/s6-linux-init/blob/master/src/init/s6-linux-init.c#L209
 - Port the final reboot() call:
https://github.com/skarnet/s6-linux-init/blob/master/src/shutdown/s6-linux-init-hpr.c#L81

 and all the rest should work as is. It's a game-changer.



foreground { /sbin/shutdown -o -r now }  # this invokes reboot rather
than send a signal to init.

I'd greatly appreciate advice as to completing a clean shutdown?


 My current approach is, indeed, to keep s6-svscan running as pid 1,
without making it exec into anything else, for the whole lifetime of
the machine, shutdown procedure included. So yes, for a clean
shutdown, you'd just make sure to kill all processes, then unmount
filesystems (and remount / read-only), then invoke reboot/poweroff
directly. That is how the current s6-linux-init works; I don't see a
reason why it shouldn't work on FreeBSD.



PS This journey commenced with the simple wish to safely rotate apache
logs, now I'm hooked on s6-rc (and the peace of mind it brings)


 Glad you like it :)

--
 Laurent