[arch-general] Alternative init system proposal
webczat_200 at poczta.onet.pl
Tue Feb 9 16:53:41 UTC 2016
The isolation is not fully cgroup-based. Also, cgroups require/prefer a
single manager, and this is going to be enforced in the kernel someday, so it
is better for init to do it, as it is a parent of everything.
PrivateTmp uses namespaces, so it is real isolation. The same goes for
PrivateNetwork, ProtectSystem, etc.
I am not saying that you cannot do this from a script, but you would have
to make cmdline utilities for some of those things, so it is currently
On 09.02.2016 at 17:34, Guus Snijders wrote:
> On 9 Feb. 2016 17:27, "Michał Zegan"
> <webczat_200 at poczta.onet.pl> wrote:
>> A note about using shell scripts in systemd: Who said you can't?
>> And I'm not talking about systemd's init.d compatibility, which is
>> disabled in Arch. Although you have to write unit files, you can
>> start scripts, so you do not really lose flexibility. Also
>> systemd's isolation capabilities are superior, there are some
>> things you currently cannot do from scripts, like PrivateTmp=yes
>> and stuff.
> Isolation is AFAIK based on cgroups, not the easiest subject, but
> certainly not impossible to implement.
> PrivateTmp: Does that do more than setting $TEMP to a custom value?
> I'm just being curious here.
> Kind regards, Guus Snijders
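Added example, not part of the original message and not systemd's own code: the difference between pointing a temp variable at a custom directory and giving a process a private /tmp in its own mount namespace, which is the mechanism the message attributes to PrivateTmp. It assumes util-linux `unshare` and `mount` and either root or unprivileged user namespaces; the function names and the marker file are constructed for the demo.

```shell
#!/bin/sh
# Added example: contrasts "set a temp variable" with a private /tmp in a
# mount namespace. Assumes util-linux unshare/mount and either root or
# unprivileged user namespaces. All file names here are constructed.

# Prints "visible" if the path in $1 exists from this process's view.
probe='[ -e "$1" ] && echo visible || echo hidden'

# Variant 1: only point TMPDIR at a private directory.
# The process still shares the host /tmp, so other services' files show up.
env_only_probe() {
    priv=$(mktemp -d) || return 1
    rc=0
    TMPDIR=$priv sh -c "$probe" sh "$1" || rc=$?
    rmdir "$priv"
    return "$rc"
}

# Variant 2: new mount namespace, private directory bind-mounted over /tmp.
# -r maps the caller to root in a user namespace so no real root is needed;
# the mount disappears when the namespace's last process exits.
namespace_probe() {
    priv=$(mktemp -d) || return 1
    rc=0
    unshare -r -m sh -c 'mount --bind "$1" /tmp || exit 1; shift; '"$probe" \
        sh "$priv" "$1" || rc=$?
    rmdir "$priv"
    return "$rc"
}

# Demo: a file that "another service" left in the shared /tmp.
marker=$(mktemp /tmp/other-service.XXXXXX)
echo "TMPDIR only:     $(env_only_probe "$marker")"
echo "mount namespace: $(namespace_probe "$marker" 2>&1)"
rm -f "$marker"
```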