[RFC][Change-Request] Create usefulness in rc.subr etc/rc.conf.d/*.conf namespace.

Mon May 9 03:50:37 UTC 2011

On Sun, May 8, 2011 at 12:13 PM, Jason Hellenthal <jhell at dataix.net> wrote:
>
> List, - Please reply-to freebsd-rc at freebsd.org
>
> Recently I have been going over some changes in the configurations that
> are possible with the rc subsystem and to my dismay I have found some
> inconsistencies with in particular the way rc.conf.d directory is
> processed and the arguments that are supplied to load_rc_config so I have
> patched it up...
>
> Let me explain:  As determined by rc.subr load_rc_config, config's from
> rc.conf.d are loaded by the scripts $name as an argument to load_rc_config
> and thus only the name being parsed is is available to be used in the
> rc.conf.d directory. Why is this bad ? Its not! but it is inconvenient as
> the user has no direct way to know that a variable used by nfsd is also
> needed by mountd or the same for various other scripts in the rc.d
> directory. At this time these config's are explained to be available for
> the user to utilize by rc.conf(5) but yet without much knowledge of the
> inner workings of the rc subsystem it would be quite the feat to do.
>
>
> The attachment[1] keeps this functionality the same while introducing a
> more convenient approach for the user to modularize their configuration
> however they see fit within a couple constraints that work very well.
>
>
> What does it do ?: As stated above, current functionality is undisturbed
> while allowing the user to create config's by any name they so desire as
> long as it has an extension of ".conf", also introducing the ability to
> turn a configuration file off by using chmod(1). You can turn nfsc1.conf
> off/on by simply chmod [-/+]x etc/rc.conf.d/nfs1.conf
>
>
> Why ? Simple. How many times have you been bitten by disabling something
> in the rc.conf file and left to discover what you just disabled was also
> used by another daemon but that daemon is now not starting ? This is a way
> to virtualize your configuration allowing you to add multiple _enable=
> lines to different configurations for different roles. For instance
> rpcbind is used by both samba and nfs*. With this you can add
> rpcbind_enable to both a configuration for samba and nfs and when you
> disable one service you know that you have not disabled a dependent for
> another.
>
>
> This is a small addition that fixes currently broken undesirable aspects
> of the configuration system that deals with the rc.conf.d directory with a
> SysV style init approach that is just as flexible. This should apply
> cleanly to current and stable/8 & 8.2-RELEASE systems. Once more feedback
> has been received Ill update the manual page with any suggestions
> regenerate the patch to accommodate and file a PR.
>
>
> 1). http://patches.jhell.googlecode.com/hg/rc.subr_modular_conf.patch

The problem with this is you can have 2 files with conflicting statements:

/etc/rc.conf.d/sshd:
sshd_enable="YES"

/etc/rc.conf.d/aaa.conf:
sshd_enable="NO"

It would probably be difficult to figure out that sshd will not start.

It gets even more interesting when you look at the different failure
modes (sshd starts in this case. Note the only difference is the
sshd.conf vs sshd):
/etc/rc.conf.d/sshd.conf:
sshd_enable="YES"

/etc/rc.conf.d/aaa.conf:
sshd_enable="NO"

Note if you named it zzz.conf, sshd would not start. This is due to
the fact that the patch loads the files in name order.

Also, you now have 2 different namespaces colliding in /etc/rc.conf.d:
{name} and *.conf (with *.conf taking priority over {name}). Should I
be naming my scripts /etc/rc.conf.d/ssd.conf or /etc/rc.conf.d/sshd?
It's not clear. Also the fact that the behavior changes based on the
+x bit is a nuance that probably shouldn't be added. We have no
precedent for testing for the execute bit on a configuration file and
I personally wouldn't want to start now.

I think I generally am of the opinion that everything for service X
should be in /etc/rc.conf.d/X rather than scattering it among a lot of
files.

The fundamental problem you describe is a legitimate one (service Y
has a dependency on X, so autostart X). Perhaps there is another way
to achieve the same results by having the startup for Y detecting that
X is not running an issuing a onestart command to the service?

Cheers,
Gordon