>"suckless init is incorrect, because it has no supervision capabilities,
>and thus, killing all processes but init can brick the machine."
>
>a rather bold claim IMO!
>where was the "correct" init behaviour specified?
>where can I learn how a "correct" init has to operate?

For instance:
https://archive.fosdem.org/2017/schedule/event/s6_supervision/
https://www.youtube.com/watch?v=I7qE43KK5bY&t=7591
https://www.reddit.com/r/linux/comments/2dx7k3/s6_skarnetorg_small_secure_supervision_software/cjxc1hj/?context=3
Or, as Guillermo mentioned, several posts in the ML archive.

init is a subject that little study has been put into (though it
is also the subject of a whole lot of talk, which says something
about whether people would rather talk or study). But I think you'll
find that things are different around here.

>or is it true since s6-svscan already provides such respawn
>capabilities? ;-)

Do not mistake causes for consequences. Things are not correct
because s6 does them; s6 does things because they are correct.

>there is actually NO need for a "correct" working init implementation
>to provide respawn capabilities at all IMO.

Then you are free to use one of the many incorrect inits out there,
including sinit, Rich Felker's init, dumb-init, and others. You are
definitely not alone with your opinion. However, you sound interested
in process supervision, which is part of the more general idea that a
machine should be made as reliable as possible *at all times* and
*under any circumstances*; if you subscribe to that idea, then you
will understand why init must supervise at least 1 process.

>so this looks like a rather artificial and constructed argument for
>the necessity of respawn functionality in an init implementation IMO.

Maybe you've never bricked a device because init didn't respawn
anything. I have. The "rather artificial and constructed argument"
happened to me in real life, and it was a significant inconvenience.

--
Laurent
Received on Tue Apr 30 2019 - 08:22:50 UTC
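
The difference argued over in the message above, shown as an added C example that is not part of the original message and is not code from s6 or any init named in it: an init that only reaps ends up with no child left to run, while one that supervises a single child starts it again each time it is killed. The names `doomed_child`, `spawn`, `reap_only` and `supervise` are hypothetical, and the self-killing child is a constructed stand-in for the supervised process.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed stand-in for the one process init keeps alive; it dies
 * from SIGKILL at once, as if every process but init had been killed. */
static void doomed_child(void) { raise(SIGKILL); }

static pid_t spawn(void (*body)(void))
{
    pid_t pid = fork();
    if (pid == 0) { body(); _exit(0); }
    return pid;                          /* -1 if fork failed */
}

/* Reap-only init: starts the child once, then only collects the dead.
 * Returns 0 once no child is left, i.e. nothing will ever run again. */
int reap_only(void (*body)(void))
{
    if (spawn(body) < 0) return -1;
    while (wait(NULL) > 0) { }
    return errno == ECHILD ? 0 : -1;
}

/* Supervising init: reaps everything and restarts its child whenever it
 * dies. A real PID 1 never leaves the loop; max_spawns bounds the demo. */
int supervise(void (*body)(void), int max_spawns)
{
    int spawns = 1;
    pid_t child = spawn(body);
    while (child > 0) {
        pid_t dead = wait(NULL);
        if (dead < 0 && errno != EINTR) break;
        if (dead != child) continue;     /* some orphan, not ours */
        if (spawns == max_spawns) return spawns;
        child = spawn(body);
        spawns++;
    }
    return -1;                           /* fork or wait failed */
}

int main(void)
{
    printf("reap-only: children left = %d\n", reap_only(doomed_child));
    printf("supervising: child started %d times\n", supervise(doomed_child, 3));
    return 0;
}
```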