On 02/09/14 20:09, Evgeni Golov wrote:
> after reading #759590, I think it is time to consider calling maintainer
> scripts in a (slightly) cleaned environment.

Another possibility would be to guarantee that init scripts will be
called in a cleaned environment. This seems like it will break fewer
expectations, because systemd and (AIUI) Upstart do this anyway, sysv-rc
does this during boot, and service(8) does this when a sysadmin uses it
to invoke an init script explicitly; the missing piece of the puzzle is
that invoke-rc.d(8) does not.

> I think systemd already does this,
> but I'd love a more generic solution for the "problem".

The generic solution, IMO, is "use an init that can be directed via IPC
to run services in a clean environment, rather than running those
services as a child of some random sysadmin process". systemd does this;
I believe Upstart also does this. This is one of the factors that made
the ctte prefer systemd and Upstart over sysvinit.

To get as close to that as possible in sysvinit, environment variables
(but not other aspects of the inherited process environment, like ulimit
and capabilities!) are re-initialized by running /etc/init.d/foo via
service(8) (recommended[1]) instead of directly (deprecated[1]), with
only $LANG, $PATH and $TERM inherited.

Maybe invoke-rc.d(8) should do the same as service(8), or even chain to
service(8) to do the actual script execution?

    S

[1] for a number of reasons, mainly "it clears the environment", "it
    works in Upstart too", and "it works in systemd too, even if the
    init script does not use the LSB init functions"
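An added illustration, not part of the original message and not the code of service(8) or invoke-rc.d(8): a shell sketch of the behaviour the message describes, where environment variables are reset to $LANG, $PATH and $TERM but the ulimit of the calling shell still reaches the child. The names run_clean, probe and demo and the leaked values are constructed for the example.

```shell
#!/bin/sh
# Run a command with a reset environment, passing through only the three
# variables the message says service(8) lets through: LANG, PATH and TERM.
# run_clean is a hypothetical helper name.
run_clean() {
    env -i LANG="$LANG" PATH="$PATH" TERM="$TERM" "$@"
}

# Constructed stand-in for an init script: it reports what it inherited.
probe='echo "HTTP_PROXY=${HTTP_PROXY-<unset>} TMPDIR=${TMPDIR-<unset>} nofile=$(ulimit -n)"'

# Simulate a sysadmin shell that carries leaked variables and a lowered
# file-descriptor limit, then start the "init script" both ways.
demo() {
    (
        # Constructed sample values, not taken from the thread.
        HTTP_PROXY=http://proxy.example:3128
        TMPDIR=/home/admin/tmp
        export HTTP_PROXY TMPDIR
        ulimit -n 64

        # Direct invocation: variables and ulimit are both inherited.
        echo "direct:  $(sh -c "$probe")"

        # Cleaned invocation: the variables are gone, but nofile is still 64
        # because env -i resets environment variables only.
        echo "cleaned: $(run_clean sh -c "$probe")"
    )
}

demo
```

The second line of output shows the gap the message points out: resource limits and similar inherited process state need an init that starts the service itself, not a wrapper in the sysadmin's process tree.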