On 28/09/2015 22:49, Buck Evan wrote:
If i'm reading the code correctly, readiness notification currently works
via a unnamed pipe between s6-supervise and its supervised subprocess. I'd
like to tell s6-supervise that my service has become 'ready' from a parent
process, which of course doesn't have access to that named pipe.
I realize this is highly unusual and possibly a problematic design on my
part, but I think this would be a reasonable feature; could we promote that
anonymous pipe to a named pipe under supervise/, please?
supervise/notification seems like an obvious choice.
I'd rather not, if it can be avoided, for safety reasons. The less
s6-supervise interacts with user-controlled filesystems, the better -
this is the reason why it took me so much time to implement
timeout-finish support: I wanted to do it in a way that could not
fail. Named pipes are fickle creatures, and I don't trust users to
handle them correctly (dumb example: busybox grep does not play nice
with them, I'm not sure about GNU grep) whereas a pre-opened fd is
relatively safe - only the daemon and its children have access to it,
and there aren't many possible misuses.
IOW: the restriction is intentional.
Could you please describe a little more what your setup is? I'm
sure we can find solutions to your problem that don't involve relaxing
the restriction.
--
Laurent
