[arch-general] Alternative init system proposal

Michał Zegan webczat_200 at poczta.onet.pl
Tue Feb 9 16:53:41 UTC 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


The isolation is not fully cgroup based, also cgroups require/prefer a
single manager, this is going to be enforced in kernel someday, so it
is better for init to do it as it is a parent of everything.
PrivateTmp uses namespaces, so it is a real isolation. same with
PrivateNetwork, ProtectSystem, etc.
I do not say that you cannot do this from script, but you would have
to make cmdline utilities for some of those things, so it is currently
not possible.


W dniu 09.02.2016 o 17:34, Guus Snijders pisze:
> Op 9 feb. 2016 17:27 schreef "Michał Zegan"
> <webczat_200 at poczta.onet.pl>:
>> 
> 
>> A note about using shell scripts in systemd: Who said you can't?
>> and I don't talk about systemd's init.d compatibility that is
>> disabled in arch. Although you have to write unit files, you can
>> start scripts, so you do not really lose flexibility. Also
>> systemd's isolation capabilities are superior, there are some
>> things you currently cannot do from scripts, like PrivateTmp=yes
>> and stuff.
> 
> Isolation is AFAIK based on cgroups, not the easiest subject, but
> certainly not impossible to implement.
> 
> PrivateTmp: Does that more then setting $TEMP to a custom value?
> 
> I'm just being curious here.
> 
> Mvg, Guus Snijders
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJWuhmOAAoJEHb1CzgxXKwYns8P/24XkWt9vC/Sngfmcgkjc77I
IFjshUljV5sVO4oOHvDb4oPQcPIsACc24feN1pvy/MNtWdeMJJg2MyFYmNy9GkYc
z3WqnRr+pFbQZWCCbdtMIvshvJi141DBrPSVoI1T6hfD0wR3ptkHh0n72bcH1HTH
VkkjfhAsz4V7i6G8Bt4vOK89kjPKQJF1HieBPiUNZgNBjbhoq/1Nv5jfCW47Dvgl
TA3gXJlSAshkCGdogL0WqFyzA/78MDQ3x90DfdLITZ7Yk/G0bpNM9Lk6MJbW/y3E
eNnfy8S/D9TcTE5k4ST6DBl3XSLMbr3HlxSUmme+0sfDa4BUz5asTmgMYrdZ5Zfl
DIReoDvgld2BEK2sgKk2BkQPPmnblZ7OwDLYPC8QmWCWBzIESshHWgYs0Ditsq8N
f3Q15Cj6QDALfxYTlk3TasQ2DRul6S8wFwotEktGYO9Gvi9ktWoFhaVGem1hBB6X
7p3kdEzrwOXQvfqOxqblzPQpTu/0FS9LxRwRcNCKqtqgi6MuRcWeVcKw8pBBJeKe
QJudU7pXvjbwovZzPKEfmL2RsJ4Cb+PFR6nnRUUkXjuCfDj69l5LbnnijnLf4U34
ofJYo2MSSlqqjR+MaSUo8DNbZcTmRaVq8TsnUHZHoRbhOPgXKYr4B9HXG3lwSCmF
YoP+zd75A/xB51DnVoHq
=3gQy
-----END PGP SIGNATURE-----


More information about the arch-general mailing list