Hi Aaron & misc@, My take:
I favor a tool that gives me (the end-user) more power. OpenBSD folks are 100% right to maintain a particular policy (no automatic restarts), but I see no reason to enforce it by taking away options from the end users. (Furthermore, I see no reason to attack a tool or concept that makes it easier to run crappy software; it makes running excellent software and crappy software equally easy.) So this is entirely possible, you can swap OpenBSD's init & rc mechanisms with runit, S6, or nosh (which, unlike daemontools, were all designed to fit that particular role), and you can configure each of them to do "one-shot" starts (no automatic restarts). So you can get both the powerful supervision mechanism AND a policy that favors security. Last time I checked, separation of mechanism and policy was considered Good. But from there on, the sad reality is you're mostly on your own. You can run a FrankenBSD or Frankenbuntu, nobody can stop you. But no mainstream OS uses runit, S6 nor nosh. Warranty is void. The author of nosh (JDeBP) is very active and maintains ports and integrations for Debian, OpenBSD, FreeBSD, so if you're not up for maintaining a fork of your OS, that might be your best chance. On the other hand... I run my Debian box with runit as PID 1 (an ENTIRELY unsupported setup), because the default thing is a horrible abomination, and even though I'm on my own making sure all the pieces fit together, I still find it nicer to work with. However I consider OpenBSD's rc(8) suite the second best thing in the world, and I'm entirely happy just not touching it. (Hint: you can also run daemontools/runit/etc alongside the default init.) <3,K.
