On Tue, Oct 21, 2008 at 10:53:00AM -0700, Tony Nguyen wrote:
> Slightly uncomfortable just sleeping for one second without
> >>> rechecking.
> >>>
> >> Yes, I don't like the wait myself. However, in my testing, 1 second is
> >> sufficient so if mountd hasn't come up then there maybe a problem. In
> >> the case that mountd didn't start, the /usr/lib/servinfo will not return
> >> any port so we simply don't generate any rules for mountd.
> >>
> >
> > Fair enough. Presumably SMF will restart the service in the case that
> > mountd failed anyway.
> >
> Actually, SMF would place the service in maintenance if mountd failed to
> start in which case we would remove the service's rules.
Same end result :)
>
> >>> usr/src/cmd/ipf/svc/ipfd.c
> >>>
> >>> Lines 537-543: That looks like a syslog entry that hasn't been
> >>> finished. Is this just going to write "fmri: svc://network/rpc/bind"
> >>> or whatever to a logfile? Won't that be confusing? Why not just
> >>> do nothing?
> >>>
> >> Yes, it can be removed but may serve some debugging purposes. How about
> >> something like:
> >>
> >> /*
> >> * Service, instance, or pg deleted.
> >> */
> >> syslog(LOG_DEBUG | LOG_DAEMON, "Deleted: %s", fmri);
> >>
> >
> > Both the comment and the log entry give the impression that ipfd deleted it.
> > I think you'd probably want to avoid that.
> >
> >
> Ah, I see your concern. How about being clearer that the received event
> was a deletion? Perhaps, something like:
>
> /*
> * If we get here, the received event is a deletion of a service,
> * instance or pg.
> */
> syslog(LOG_DEBUG | LOG_DAEMON, "Event: %s deleted", fmri);
Looks better, yep.
Ceri
--
That must be wonderful! I don't understand it at all.
-- Moliere
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL:
<http://mail.opensolaris.org/pipermail/security-discuss/attachments/20081021/9cd811b9/attachment.bin>
