On 25/05/2016 06:34, Eric Vidal wrote:
> Actually, is not possible to have two (or more) directory which
> contains some services and compile them together with s6-rc-compile
> to provide a final database.
It is totally possible, and it was one of the intended use cases of
s6-rc-compile.
Have your "boot" source directory in a place that can only be written
by root. Have your "user" source directory in another place. When you need
to recompile the database, run
s6-rc-compile compiled source-root source-user
and both sources will be aggregated into a single compiled database.
It is safe for boot as long as your services in source-root are
self-sufficient. At boot time, you can bring the service state to something
that is only defined in source-root. Alternatively, you can declare a
bundle "everything" in source-root, that contains everything your boot-time
needs *plus* a "user-state" bundle, undefined in source-root; your users will
just have to define that bundle, containing their own services they want to
run. Then bringing up the "everything" bundle at boot-time will start all
the services you need, plus the user ones.
But that's only if you allow users to run services as root, though.
If you want users to run their own set of services as non-root, then
you need two scandirs, two livedirs and two separate service databases.
> In fact, the directory can be growing quickly in complexity and the
> visibility of things can be difficult. The fact of separating boot
> and running time permit to have a little more security about the boot
> process and it will never touch by an user.
It's not entirely clear to me what exactly you're trying to do. The
important thing is whether or not you allow your users to impact the
root database, i.e. to run services as root. If you do, you can just
mix source databases. If you don't, you need to have entirely
separate s6-rc setups.
> Having a file named dependencies for a bundle seems to me a good idea.
It's unnecessary (and not at all how s6-rc works internally).
If you need dependencies in a bundle, it's always possible to include an
empty oneshot in the bundle, let's name it "bottom", that every other
service in the bundle depends on, and that depends on everything you want
the bundle to depend on.
I could probably add a mechanism in s6-rc-compile that parses a
"dependencies" file in a bundle definition and autogenerates such an empty
oneshot; it's not a priority, but it's not a bad idea - and if it seems
to be a wanted feature, I'll add it at some point.
--
Laurent
Received on Wed May 25 2016 - 10:33:52 UTC