From owner-freebsd-rc@FreeBSD.ORG Sun Oct 4 14:35:59 2009 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7667C1065670 for ; Sun, 4 Oct 2009 14:35:59 +0000 (UTC) (envelope-from "") Received: from mail.internationalconspiracy.org (mail.internationalconspiracy.org [85.234.142.62]) by mx1.freebsd.org (Postfix) with ESMTP id 36D578FC12 for ; Sun, 4 Oct 2009 14:35:59 +0000 (UTC) Received: from localhost (mail.internationalconspiracy.org [85.234.142.62]) by mail.internationalconspiracy.org (Postfix) with SMTP id 3E59820205 for ; Sun, 4 Oct 2009 15:11:22 +0100 (BST) Received: from _HOSTNAME_ (syndicate.internationalconspiracy.org [IPv6:2002:55ea:8e40::55]) by mail.internationalconspiracy.org (Postfix) with SMTP id 7B78D201F4; Sun, 4 Oct 2009 15:11:18 +0100 (BST) Received: by _HOSTNAME_ (sSMTP sendmail emulation); Sun, 4 Oct 2009 15:11:18 +0100 Date: Sun, 4 Oct 2009 15:11:18 +0100 From: Alex Trull To: freebsd-rc@freebsd.org, freebsd-hackers@freebsd.org Message-ID: <20091004141118.GG95662@syndicate.internationalconspiracy.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="lZZ4ablUVnt2XgAh" Content-Disposition: inline User-Agent: Mutt/1.5.20 (2009-06-14) X-DSPAM-Result: Innocent X-DSPAM-Processed: Sun Oct 4 15:11:21 2009 X-DSPAM-Confidence: 0.9988 X-DSPAM-Probability: 0.0000 X-DSPAM-Signature: 293,4ac8ad09526111849712983 Cc: Subject: (Ab)using rcng's features to keep rc.d-style services running should they fail. X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Oct 2009 14:35:59 -0000 --lZZ4ablUVnt2XgAh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi all, I realised that because portupgrade/portmaster don't always=20 cleanly restart processes that have died due to being=20 upgraded (mysqld, often!) that this was something I wanted=20 to fix. However, I'd seen the daemontools and wasn't a fan - too=20 much to configure with weird directories and so forth and=20 while monit is very powerful it also takes too much effort=20 to do what could be so much simpler. So why not just (ab)use the rcng system with a script ? the=20 functionality is all there already to do almost everything=20 needed. To check whether something is running and (if not!)=20 start it. So this is my dirty hack so far - runs out of cron with=20 "2>/dev/null" every few minutes and mails me about attempted=20 startups as they happen : #!/bin/sh # start things that should be running find /usr/local/etc/rc.d/ /etc/rc.d/ -type f | egrep -v '(newsyslog|devd|se= ndmail)' | awk '{print $0" status| grep \"is not running\" && "$0" start"}'= | sh Performance is not stunning, thankfuly my cpus are quite=20 idle. real 0m1.198s user 0m0.610s sys 0m0.877s (devd, newsyslog and sendmail are left out because their=20 scripts don't behave quite right.) Initialy I used it purely for the /usr/local/etc/rc.d but I=20 had a base ntpd die on me one evening so decided to throw in=20 /etc/rc.d/ too. This script has also caught a few other=20 failures in port-installed daemons in addition to the=20 ever-common mysqld-upgraded one. Of course it is relatively inefficient executing all those=20 scripts on a regular basis - but it works - has anyone=20 thought of cleaner/more efficient ways of doing this and=20 getting more out of the rcng framework ? Or simpler for that=20 matter. -- Alex --lZZ4ablUVnt2XgAh Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.13 (FreeBSD) iEYEARECAAYFAkrIrQUACgkQey4m6/eWxTTE4ACfbtGSQRXQt/C/tSigVQ4eoXYI P4kAnA2CP6HV2kiU0YpdrgPeYTFUVUBN =6r53 -----END PGP SIGNATURE----- --lZZ4ablUVnt2XgAh-- From owner-freebsd-rc@FreeBSD.ORG Sun Oct 4 19:30:57 2009 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D0FE6106568B for ; Sun, 4 Oct 2009 19:30:57 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx21.fluidhosting.com [204.14.89.4]) by mx1.freebsd.org (Postfix) with ESMTP id 7D11C8FC17 for ; Sun, 4 Oct 2009 19:30:57 +0000 (UTC) Received: (qmail 15085 invoked by uid 399); 4 Oct 2009 19:30:56 -0000 Received: from localhost (HELO foreign.dougb.net) (dougb@dougbarton.us@127.0.0.1) by localhost with ESMTPAM; 4 Oct 2009 19:30:56 -0000 X-Originating-IP: 127.0.0.1 X-Sender: dougb@dougbarton.us Message-ID: <4AC8F7EF.9010303@FreeBSD.org> Date: Sun, 04 Oct 2009 12:30:55 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 2.0.0.23 (X11/20090822) MIME-Version: 1.0 To: Alex Trull References: <20091004141118.GG95662@syndicate.internationalconspiracy.org> In-Reply-To: <20091004141118.GG95662@syndicate.internationalconspiracy.org> X-Enigmail-Version: 0.96.0 OpenPGP: id=D5B2F0FB Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: freebsd-hackers@freebsd.org, freebsd-rc@freebsd.org Subject: Re: (Ab)using rcng's features to keep rc.d-style services running should they fail. X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Oct 2009 19:30:58 -0000 Alex Trull wrote: > Hi all, > > I realised that because portupgrade/portmaster don't always > cleanly restart processes that have died due to being > upgraded (mysqld, often!) that this was something I wanted > to fix. I can't speak to portupgrade, however for portmaster there is no such facility whatsoever. The admin is expected to disable things prior to an upgrade and re-enable them when the upgrade is done. I don't feel that this is an overwhelming burden. :) That said I have it in mind to add a facility to handle this feature. Stay tuned for more news about this. > So why not just (ab)use the rcng system with a script ? First, it's rc.d now if you please. Second, I don't think that there is anything wrong with your concept that would classify it as abuse, although I'm not sure I would have implemented it in quite the same way. > the > functionality is all there already to do almost everything > needed. To check whether something is running and (if not!) > start it. > > So this is my dirty hack so far - runs out of cron with > "2>/dev/null" every few minutes and mails me about attempted > startups as they happen : > > #!/bin/sh > # start things that should be running > find /usr/local/etc/rc.d/ /etc/rc.d/ -type f | egrep -v '(newsyslog|devd|sendmail)' | awk '{print $0" status| grep \"is not running\" && "$0" start"}' | sh There are a couple of "problems" with this, although please understand I'm not criticizing, I'm just offering what I hope are constructive suggestions. First, (and I consider this to be a bug) there are several scripts in /etc/rc.d that are not actually 'startup' scripts in the true sense. Therefore I would not attempt to run them all. Personally if I were going to do what you're doing I would make an explicit list of scripts I wanted to test for. If you are going to continue to use awk you might want to learn how to avoid piping it to grep, that's an extra subshell that you don't really need. Finally I would do something like this (untested): for service in ntpd mysqld foo bar; do if [ -x /usr/local/etc/rc.d/$service ]; then service=/usr/local/etc/rc.d/$service elif [ -x /etc/rc.d/$service ]; then service=/etc/rc.d/$service else echo "Cannot find $service in /etc/rc.d or /usr/local/etc/rc.d" exit 1 fi $service start | grep -v 'already running' done > (devd, newsyslog and sendmail are left out because their > scripts don't behave quite right.) I don't see anything wrong with devd's output from the status command, sendmail's is a little hard to parse because it's doing a lot of things in one script. newsyslog is spitting out 'not running' which arguably it should not do since that script is not for starting a persistent service, it's just a 'run at boot' thing. In any case, if you find what you think are bugs in rc.d related stuff feel free to report them to freebsd-rc@freebsd.org. hth, Doug -- This .signature sanitized for your protection From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 03:54:21 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C7289106566B; Mon, 5 Oct 2009 03:54:21 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from mail.allbsd.org (gatekeeper-int.allbsd.org [IPv6:2001:2f0:104:e002::2]) by mx1.freebsd.org (Postfix) with ESMTP id 4653C8FC16; Mon, 5 Oct 2009 03:54:21 +0000 (UTC) Received: from delta.allbsd.org (p4206-ipbf1902funabasi.chiba.ocn.ne.jp [114.146.107.206]) (authenticated bits=128) by mail.allbsd.org (8.14.3/8.14.3) with ESMTP id n953s9MJ064231; Mon, 5 Oct 2009 12:54:19 +0900 (JST) (envelope-from hrs@FreeBSD.org) Received: from localhost (alph.allbsd.org [192.168.0.10]) (authenticated bits=0) by delta.allbsd.org (8.13.4/8.13.4) with ESMTP id n953s1rm067623; Mon, 5 Oct 2009 12:54:03 +0900 (JST) (envelope-from hrs@FreeBSD.org) Date: Mon, 05 Oct 2009 12:34:27 +0900 (JST) Message-Id: <20091005.123427.227628092.hrs@allbsd.org> To: freebsd-rc@FreeBSD.org From: Hiroki Sato In-Reply-To: <20090920.224018.16368211.hrs@allbsd.org> References: <200909122222.n8CMMV3d099311@svn.freebsd.org> <4AB15FCE.70505@FreeBSD.org> <20090920.224018.16368211.hrs@allbsd.org> X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-Mailer: Mew version 6.2.52 on Emacs 22.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="--Security_Multipart(Mon_Oct__5_12_34_27_2009_085)--" Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.95.2 at gatekeeper.allbsd.org X-Virus-Status: Clean X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.3 (mail.allbsd.org [133.31.130.32]); Mon, 05 Oct 2009 12:54:19 +0900 (JST) Cc: freebsd-current@FreeBSD.org Subject: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration (was: Re: svn commit: r197145 - in head: etc/defaults share/man/man5) X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 03:54:21 -0000 ----Security_Multipart(Mon_Oct__5_12_34_27_2009_085)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi, I would like your comments about merging the network_ipv6 -> netif integration to stable/8. The issue of this rc.d script change is it involves user-visible changes in rc.conf(5) variables as described in UPDATING. I still want to do so before 8.0-R because the ND6 change in -CURRENT needs updating IPv6-related rc.d scripts first. While the ND6 change is not harmful from viewpoint of compatibility because basically it just converts a global knob to a per-interface flag, handling it in the rc.d scripts needs a kind of overhaul of rc.d/network_ipv6 and rc.d/netif. The necessary changes have already been committed into -CURRENT. It displays a warning to inform the users what is old in the rc.conf if the user uses rc.d variables that have been changed, and at the same time it keeps backward compatibility so that the old variables also work. So, I think the impact is small enough, and this sort of visible changes should be included in the .0 release rather than in the middle of future 8.x releases. The patch for stable/8 can be found at: http://people.freebsd.org/~hrs/ipv6_stable8.20091005.diff This includes both of the ND6 kernel change and the rc.d script change. If there is an objection from someone here I will put off the merge until after 8.0-R. -- Hiroki ----Security_Multipart(Mon_Oct__5_12_34_27_2009_085)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEABECAAYFAkrJaUMACgkQTyzT2CeTzy2BNACfRv08FD2cfo6x0w9Cfj+0KovS VEMAnip3sEDFKh6cNfeoCO1OTxL8vf9K =jBPP -----END PGP SIGNATURE----- ----Security_Multipart(Mon_Oct__5_12_34_27_2009_085)---- From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 05:58:09 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F2F2C1065670; Mon, 5 Oct 2009 05:58:08 +0000 (UTC) (envelope-from jhay@meraka.csir.co.za) Received: from zibbi.meraka.csir.co.za (zibbi.meraka.csir.co.za [IPv6:2001:4200:7000:2::1]) by mx1.freebsd.org (Postfix) with ESMTP id 2A0728FC0C; Mon, 5 Oct 2009 05:58:07 +0000 (UTC) Received: by zibbi.meraka.csir.co.za (Postfix, from userid 3973) id 58B7839830; Mon, 5 Oct 2009 07:58:06 +0200 (SAST) Date: Mon, 5 Oct 2009 07:58:06 +0200 From: John Hay To: Hiroki Sato Message-ID: <20091005055806.GB58246@zibbi.meraka.csir.co.za> References: <200909122222.n8CMMV3d099311@svn.freebsd.org> <4AB15FCE.70505@FreeBSD.org> <20090920.224018.16368211.hrs@allbsd.org> <20091005.123427.227628092.hrs@allbsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20091005.123427.227628092.hrs@allbsd.org> User-Agent: Mutt/1.4.2.3i Cc: freebsd-current@FreeBSD.org, freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration (was: Re: svn commit: r197145 - in head: etc/defaults share/man/man5) X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 05:58:09 -0000 On Mon, Oct 05, 2009 at 12:34:27PM +0900, Hiroki Sato wrote: > Hi, > > I would like your comments about merging the network_ipv6 -> netif > integration to stable/8. The issue of this rc.d script change is it > involves user-visible changes in rc.conf(5) variables as described in > UPDATING. > > I still want to do so before 8.0-R because the ND6 change in -CURRENT > needs updating IPv6-related rc.d scripts first. While the ND6 change > is not harmful from viewpoint of compatibility because basically it > just converts a global knob to a per-interface flag, handling it in > the rc.d scripts needs a kind of overhaul of rc.d/network_ipv6 and > rc.d/netif. > > The necessary changes have already been committed into -CURRENT. It > displays a warning to inform the users what is old in the rc.conf if > the user uses rc.d variables that have been changed, and at the same > time it keeps backward compatibility so that the old variables also > work. So, I think the impact is small enough, and this sort of > visible changes should be included in the .0 release rather than in > the middle of future 8.x releases. > > The patch for stable/8 can be found at: > > http://people.freebsd.org/~hrs/ipv6_stable8.20091005.diff > > This includes both of the ND6 kernel change and the rc.d script > change. If there is an objection from someone here I will put off > the merge until after 8.0-R. Is there a good reason why we still ship with ipv6 off by default? Most others seem to ship with ipv6 on. At least Windows, most linux flavours and Mac OS X which make out the rest of the machines on our network here at Meraka Institute. One thing that I have against the way the stuff in -current is done at the moment, is that it seems to be a lot more work to just get ipv6 to work. Either I did things wrong or we are taking a step backward. Make no mistake, I like the idea of being able to control it per interface, but it seems that you have to enable it per interface with a long string for each... I would rather that it is enabled everywhere by default and then you disbale it where you do not want it. John -- John Hay -- jhay@meraka.csir.co.za / jhay@FreeBSD.org From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 09:24:33 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3863E1065693; Mon, 5 Oct 2009 09:24:33 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from mail.allbsd.org (gatekeeper-int.allbsd.org [IPv6:2001:2f0:104:e002::2]) by mx1.freebsd.org (Postfix) with ESMTP id 5F51A8FC14; Mon, 5 Oct 2009 09:24:32 +0000 (UTC) Received: from delta.allbsd.org (p4206-ipbf1902funabasi.chiba.ocn.ne.jp [114.146.107.206]) (authenticated bits=128) by mail.allbsd.org (8.14.3/8.14.3) with ESMTP id n959OI7g070812; Mon, 5 Oct 2009 18:24:29 +0900 (JST) (envelope-from hrs@FreeBSD.org) Received: from localhost (alph.allbsd.org [192.168.0.10]) (authenticated bits=0) by delta.allbsd.org (8.13.4/8.13.4) with ESMTP id n959O9SN068663; Mon, 5 Oct 2009 18:24:12 +0900 (JST) (envelope-from hrs@FreeBSD.org) Date: Mon, 05 Oct 2009 18:23:42 +0900 (JST) Message-Id: <20091005.182342.167950100.hrs@allbsd.org> To: jhay@meraka.org.za From: Hiroki Sato In-Reply-To: <20091005055806.GB58246@zibbi.meraka.csir.co.za> References: <20090920.224018.16368211.hrs@allbsd.org> <20091005.123427.227628092.hrs@allbsd.org> <20091005055806.GB58246@zibbi.meraka.csir.co.za> X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-Mailer: Mew version 6.2.52 on Emacs 22.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="--Security_Multipart(Mon_Oct__5_18_23_42_2009_632)--" Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.95.2 at gatekeeper.allbsd.org X-Virus-Status: Clean X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.3 (mail.allbsd.org [133.31.130.32]); Mon, 05 Oct 2009 18:24:31 +0900 (JST) Cc: freebsd-current@FreeBSD.org, freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 09:24:33 -0000 ----Security_Multipart(Mon_Oct__5_18_23_42_2009_632)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit John Hay wrote in <20091005055806.GB58246@zibbi.meraka.csir.co.za>: jh> Is there a good reason why we still ship with ipv6 off by default? Most jh> others seem to ship with ipv6 on. At least Windows, most linux flavours jh> and Mac OS X which make out the rest of the machines on our network here jh> at Meraka Institute. What do you mean by "off by default"? I think IPv6 is not disabled by default with the patch. Re-enabling of "automatic assignment of a link-local address by default" has been a big step for IPv6 ready out of the box. jh> One thing that I have against the way the stuff in -current is done at jh> the moment, is that it seems to be a lot more work to just get ipv6 to jh> work. Either I did things wrong or we are taking a step backward. Make jh> no mistake, I like the idea of being able to control it per interface, jh> but it seems that you have to enable it per interface with a long string jh> for each... I would rather that it is enabled everywhere by default and jh> then you disbale it where you do not want it. The initial patch had several regressions to mistakenly disable the functionality, but the current one should work by just adding an $ifconfig_IF_ipv6 line to rc.conf. The intention of my patch is to set $ipv6_enable=YES automatically (in more modular manner) when an IPv6 configuration is specified for an interface. Even with no per-interface configuration, when $ipv6_prefer=YES, IPv6 communication by using link-local addresses works. I believe it does not make it so complex compared with the old $ipv6_enable=YES model. I feel there is some difference between my understanding of "enable by default" and yours. Do you elaborate the word "enable" a bit more, please? -- Hiroki ----Security_Multipart(Mon_Oct__5_18_23_42_2009_632)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEABECAAYFAkrJux4ACgkQTyzT2CeTzy035gCgjUDOcAz37N2ERnkD07NYvedM CoMAn0AFy6WDTTWqSZQ7NMLgQqa4j/xg =wP4G -----END PGP SIGNATURE----- ----Security_Multipart(Mon_Oct__5_18_23_42_2009_632)---- From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 09:47:25 2009 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D1EB6106568D for ; Mon, 5 Oct 2009 09:47:25 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [195.88.108.3]) by mx1.freebsd.org (Postfix) with ESMTP id 616C18FC13 for ; Mon, 5 Oct 2009 09:47:25 +0000 (UTC) Received: from localhost (amavis.fra.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 34B5E41C729; Mon, 5 Oct 2009 11:30:06 +0200 (CEST) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([195.88.108.3]) by localhost (amavis.fra.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id vEWQZ1L3bTzE; Mon, 5 Oct 2009 11:30:05 +0200 (CEST) Received: by mail.cksoft.de (Postfix, from userid 66) id 80DBA41C71D; Mon, 5 Oct 2009 11:30:05 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id C57A54448E6; Mon, 5 Oct 2009 09:25:19 +0000 (UTC) Date: Mon, 5 Oct 2009 09:25:18 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: John Hay In-Reply-To: <20091005055806.GB58246@zibbi.meraka.csir.co.za> Message-ID: <20091005091708.J26486@maildrop.int.zabbadoz.net> References: <200909122222.n8CMMV3d099311@svn.freebsd.org> <4AB15FCE.70505@FreeBSD.org> <20090920.224018.16368211.hrs@allbsd.org> <20091005.123427.227628092.hrs@allbsd.org> <20091005055806.GB58246@zibbi.meraka.csir.co.za> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-current@FreeBSD.org, Hiroki Sato , freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration (was: Re: svn commit: r197145 - in head: etc/defaults share/man/man5) X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 09:47:26 -0000 On Mon, 5 Oct 2009, John Hay wrote: Hi, > On Mon, Oct 05, 2009 at 12:34:27PM +0900, Hiroki Sato wrote: >> Hi, >> >> I would like your comments about merging the network_ipv6 -> netif >> integration to stable/8. The issue of this rc.d script change is it >> involves user-visible changes in rc.conf(5) variables as described in >> UPDATING. >> >> I still want to do so before 8.0-R because the ND6 change in -CURRENT >> needs updating IPv6-related rc.d scripts first. While the ND6 change >> is not harmful from viewpoint of compatibility because basically it >> just converts a global knob to a per-interface flag, handling it in >> the rc.d scripts needs a kind of overhaul of rc.d/network_ipv6 and >> rc.d/netif. >> >> The necessary changes have already been committed into -CURRENT. It >> displays a warning to inform the users what is old in the rc.conf if >> the user uses rc.d variables that have been changed, and at the same >> time it keeps backward compatibility so that the old variables also >> work. So, I think the impact is small enough, and this sort of >> visible changes should be included in the .0 release rather than in >> the middle of future 8.x releases. >> >> The patch for stable/8 can be found at: >> >> http://people.freebsd.org/~hrs/ipv6_stable8.20091005.diff >> >> This includes both of the ND6 kernel change and the rc.d script >> change. If there is an objection from someone here I will put off >> the merge until after 8.0-R. > > Is there a good reason why we still ship with ipv6 off by default? Most > others seem to ship with ipv6 on. At least Windows, most linux flavours > and Mac OS X which make out the rest of the machines on our network here > at Meraka Institute. > > One thing that I have against the way the stuff in -current is done at > the moment, is that it seems to be a lot more work to just get ipv6 to > work. Either I did things wrong or we are taking a step backward. Make > no mistake, I like the idea of being able to control it per interface, > but it seems that you have to enable it per interface with a long string > for each... I would rather that it is enabled everywhere by default and > then you disbale it where you do not want it. link-local had been enabled by default in the past and I am not sure if we had a SA or EN for that or that it was just preemptively disabled. The problem is that if it is enabled by default you are exposing yourself to others on the same network. That is of course especially bad if you are in untrusted environments like conferences, ... or on a public LAN. If we'd support IPv4 link-local addresses by default we would have to apply the same logic there. I am not sure about OSX but at least Windows has a firewall set to deny any unrelated incoming things by default these days. Just because others haven't yet (really) thought about the problems doesn't mean they aren't there. If you want to use IPv4 you either add an address or start DHCP or .. and you have to configure that. If you want IPv6, you configure that as well. You shall not have anything enbaled by default that people can use to attack you and you don't know about because you didn't configure. While (we) IPv6 people know that it would be there a lot of people are still totally unaware of IPv6 and they would be surprised. /bz -- Bjoern A. Zeeb It will not break if you know what you are doing. From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 11:06:59 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F144D10656D8 for ; Mon, 5 Oct 2009 11:06:59 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id DEAA38FC18 for ; Mon, 5 Oct 2009 11:06:59 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n95B6xMr088785 for ; Mon, 5 Oct 2009 11:06:59 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n95B6xmI088783 for freebsd-rc@FreeBSD.org; Mon, 5 Oct 2009 11:06:59 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 5 Oct 2009 11:06:59 GMT Message-Id: <200910051106.n95B6xmI088783@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-rc@FreeBSD.org Cc: Subject: Current problem reports assigned to freebsd-rc@FreeBSD.org X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 11:07:00 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o conf/138208 rc [rc] [patch] Making rc.firewall (workstation) IPv6 awa o conf/137629 rc [rc] background_dhclient rc.conf option causing double o conf/137470 rc [PATCH] /etc/rc.d/mdconfig2 : prioritize cli parameter o conf/136875 rc [request] _flags appending o conf/136624 rc [rc.d] sysctl variables for ipnat are not applied on b o conf/134918 rc [patch] rc.subr fails to detect perl daemons o conf/134660 rc [patch] rc-script for initializing ng_netflow+ng_ipfw o conf/134333 rc PPP configuration problem in the rc.d scripts in combi o conf/134006 rc [patch] Unload console screensaver kernel modules if s o conf/133987 rc [rc.d] defaultroute broken with DHCP in some cases o conf/133890 rc [patch] sshd(8): add multiple profiles to the rc.d scr o conf/132766 rc wait_for_pids() in /etc/rc.subr is dull. o conf/132483 rc rc.subr(8) [patch] setfib(1) support for rc.subr o conf/132476 rc [rc.d] [patch] add support setfib(1) in rc.d/routing o conf/130414 rc [patch] rc services started with onestart are not stop o conf/128299 rc [patch] /etc/rc.d/geli does not mount partitions using o conf/127917 rc [patch] dumpon rejects on start with physmem>swap even o bin/126562 rc rcorder(8) fails to run unrelated startup scripts when o conf/126392 rc [patch] rc.conf ifconfig_xx keywords cannot be escaped o bin/126324 rc [patch] rc.d/tmp: Prevent mounting /tmp in second tim o conf/124747 rc [patch] savecore can't create dump from encrypted swap o conf/124248 rc [jail] [patch] add support for nice value for rc.d/jai o conf/123734 rc [patch] Chipset VIA CX700 requires extra initializatio o conf/123222 rc [patch] Add rtprio(1)/idprio(1) support to rc.subr(8). o conf/122477 rc [patch] /etc/rc.d/mdconfig and mdconfig2 are ignoring o conf/122170 rc [patch] [request] New feature: notify admin via page o o kern/121566 rc [nfs] [request] [patch] ethernet iface should be broug o conf/120431 rc [patch] devfs.rules are not initialized under certain o conf/120406 rc [devd] [patch] Handle newly attached pcm devices (eg. o conf/119874 rc [patch] "/etc/rc.d/pf reload" fails if there are macro o conf/119076 rc [patch] [rc.d] /etc/rc.d/netif tries to remove alias a o bin/118325 rc [patch] [request] new periodic script to test statuses o conf/118255 rc savecore never finding kernel core dumps (rcorder prob o conf/117935 rc [patch] ppp fails to start at boot because of missing o conf/113915 rc [patch] ndis wireless driver fails to associate when i o conf/109980 rc /etc/rc.d/netif restart doesn't destroy cloned_interfa o conf/109562 rc [rc.d] [patch] [request] Make rc.d/devfs usable from c o conf/108589 rc rtsol(8) fails due to default ipfw rules o conf/106009 rc [ppp] [patch] [request] Fix pppoed startup script to p o conf/105689 rc [ppp] [request] syslogd starts too late at boot o conf/105568 rc [patch] [request] Add more flexibility to rc.conf, to o conf/105145 rc [ppp] [patch] [request] add redial function to rc.d/pp o conf/104549 rc [patch] rc.d/nfsd needs special _find_processes functi o conf/102700 rc [geli] [patch] Add encrypted /tmp support to GELI/GBDE o conf/99721 rc [patch] /etc/rc.initdiskless problem copy dotfile in s o conf/99444 rc [patch] Enhancement: rc.subr could easily support star o conf/96343 rc [patch] rc.d order change to start inet6 before pf o conf/93815 rc [patch] Adds in the ability to save ipfw rules to rc.d o conf/92523 rc [patch] allow rc scripts to kill process after a timeo o conf/89870 rc [patch] [request] make netif verbose rc.conf toggle o conf/89061 rc [patch] IPv6 6to4 auto-configuration enhancement o conf/88913 rc [patch] wrapper support for rc.subr o conf/85819 rc [patch] script allowing multiuser mode in spite of fsc o kern/81006 rc ipnat not working with tunnel interfaces on startup o conf/77663 rc Suggestion: add /etc/rc.d/addnetswap after addcritremo o conf/73677 rc [patch] add support for powernow states to power_profi o conf/58939 rc [patch] dumb little hack for /etc/rc.firewall{,6} o conf/56934 rc [patch] rc.firewall rules for natd expect an interface o conf/45226 rc [patch] Fix for rc.network, ppp-user annoyance o conf/44170 rc [patch] Add ability to run multiple pppoed(8) on start 60 problems total. From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 14:16:41 2009 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F3E911065670; Mon, 5 Oct 2009 14:16:40 +0000 (UTC) (envelope-from wxs@atarininja.org) Received: from syn.atarininja.org (syn.csh.rit.edu [129.21.50.215]) by mx1.freebsd.org (Postfix) with ESMTP id CE0198FC20; Mon, 5 Oct 2009 14:16:40 +0000 (UTC) Received: by syn.atarininja.org (Postfix, from userid 1001) id B911C5C2E; Mon, 5 Oct 2009 09:58:42 -0400 (EDT) Date: Mon, 5 Oct 2009 09:58:42 -0400 From: Wesley Shields To: Doug Barton Message-ID: <20091005135842.GA8629@atarininja.org> References: <20091004141118.GG95662@syndicate.internationalconspiracy.org> <4AC8F7EF.9010303@FreeBSD.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4AC8F7EF.9010303@FreeBSD.org> User-Agent: Mutt/1.5.20 (2009-06-14) Cc: Alex Trull , freebsd-rc@freebsd.org, freebsd-hackers@freebsd.org Subject: Re: (Ab)using rcng's features to keep rc.d-style services running should they fail. X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 14:16:41 -0000 On Sun, Oct 04, 2009 at 12:30:55PM -0700, Doug Barton wrote: > Alex Trull wrote: > > Hi all, > > > > I realised that because portupgrade/portmaster don't always > > cleanly restart processes that have died due to being > > upgraded (mysqld, often!) that this was something I wanted > > to fix. > > I can't speak to portupgrade, however for portmaster there is no such > facility whatsoever. The admin is expected to disable things prior to > an upgrade and re-enable them when the upgrade is done. I don't feel > that this is an overwhelming burden. :) There is the @stopdaemon directive in plists (which gets translated into @unexec to forcestop the script). Some ports use it and some do not. Personally I think ports doing this automatically are quite annoying, and would love to rip them all out from the ports. Something like portmaster growing support for it would be welcome provided it does not happen by default. I've always found it funny that there is no @startdaemon directive (rightfully so, as we want people to explicitly turn things on) but it's acceptable if things get turned off via @stopdaemon without explicit permission. If a particular upgrade requires that the thing be not running we should check for that and abort, not go shutting things down. -- WXS From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 18:25:24 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 933041065670; Mon, 5 Oct 2009 18:25:24 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 4B42A8FC0A; Mon, 5 Oct 2009 18:25:24 +0000 (UTC) Received: from ds4.des.no (des.no [84.49.246.2]) by smtp.des.no (Postfix) with ESMTP id B4CC76D41B; Mon, 5 Oct 2009 18:08:40 +0000 (UTC) Received: by ds4.des.no (Postfix, from userid 1001) id 85072844DE; Mon, 5 Oct 2009 20:08:40 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Hiroki Sato References: <20090920.224018.16368211.hrs@allbsd.org> <20091005.123427.227628092.hrs@allbsd.org> <20091005055806.GB58246@zibbi.meraka.csir.co.za> <20091005.182342.167950100.hrs@allbsd.org> Date: Mon, 05 Oct 2009 20:08:40 +0200 In-Reply-To: <20091005.182342.167950100.hrs@allbsd.org> (Hiroki Sato's message of "Mon, 05 Oct 2009 18:23:42 +0900 (JST)") Message-ID: <86my45vhlj.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.95 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-current@FreeBSD.org, freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 18:25:24 -0000 Hiroki Sato writes: > John Hay writes: > > Is there a good reason why we still ship with ipv6 off by default? > What do you mean by "off by default"? I think IPv6 is not disabled by > default with the patch. % ident /usr/src/etc/defaults/rc.conf=20 /usr/src/etc/defaults/rc.conf: $FreeBSD: head/etc/defaults/rc.conf 197619 2009-09-29 16:49:10Z dougb $ % grep ipv6_network_interfaces /usr/src/etc/defaults/rc.conf ipv6_network_interfaces=3D"none" # List of IPv6 network interfaces #ipv6_network_interfaces=3D"ed0 ep0" # Examples for router % grep ipv6_prefer /usr/src/etc/defaults/rc.conf=20 ipv6_prefer=3D"NO" # Use IPv6 when both IPv4 and IPv6 can be used Does mean that IPv6 is disabled by default? Who knows? There is no coherent explanation *anywhere* of what these variables mean, and rc.conf(5) does not mention them at all. In fact, the first hit for "ipv6" in rc.conf(5) is this: ipv6_enable (bool) Enable support for IPv6 networking. Note that this requires that the kernel has been compiled with options INET6. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 18:54:13 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 03BAB1065672; Mon, 5 Oct 2009 18:54:13 +0000 (UTC) (envelope-from oberman@es.net) Received: from mailgw.es.net (mail1.es.net [IPv6:2001:400:201:1::2]) by mx1.freebsd.org (Postfix) with ESMTP id DB4EE8FC16; Mon, 5 Oct 2009 18:54:12 +0000 (UTC) Received: from ptavv.es.net (ptavv.es.net [IPv6:2001:400:910::29]) by mailgw.es.net (8.14.3/8.14.3) with ESMTP id n95Is8Lb016473 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 5 Oct 2009 11:54:08 -0700 Received: from ptavv.es.net (ptavv.es.net [127.0.0.1]) by ptavv.es.net (Tachyon Server) with ESMTP id 728471CC0E; Mon, 5 Oct 2009 11:54:08 -0700 (PDT) To: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= In-reply-to: Your message of "Mon, 05 Oct 2009 20:08:40 +0200." <86my45vhlj.fsf@ds4.des.no> Date: Mon, 05 Oct 2009 11:54:08 -0700 From: "Kevin Oberman" Message-Id: <20091005185408.728471CC0E@ptavv.es.net> X-Proofpoint-Virus-Version: vendor=fsecure engine=1.12.8161:2.4.5, 1.2.40, 4.0.166 definitions=2009-10-05_12:2009-09-29, 2009-10-05, 2009-10-05 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx engine=5.0.0-0908210000 definitions=main-0910050111 Cc: freebsd-current@FreeBSD.org, Hiroki Sato , freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 18:54:13 -0000 > From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= > Date: Mon, 05 Oct 2009 20:08:40 +0200 > Sender: owner-freebsd-current@freebsd.org > > Hiroki Sato writes: > > John Hay writes: > > > Is there a good reason why we still ship with ipv6 off by default? > > What do you mean by "off by default"? I think IPv6 is not disabled by > > default with the patch. > > % ident /usr/src/etc/defaults/rc.conf > /usr/src/etc/defaults/rc.conf: > $FreeBSD: head/etc/defaults/rc.conf 197619 2009-09-29 16:49:10Z dougb $ > % grep ipv6_network_interfaces /usr/src/etc/defaults/rc.conf > ipv6_network_interfaces="none" # List of IPv6 network interfaces > #ipv6_network_interfaces="ed0 ep0" # Examples for router > % grep ipv6_prefer /usr/src/etc/defaults/rc.conf > ipv6_prefer="NO" # Use IPv6 when both IPv4 and IPv6 can be used > > Does mean that IPv6 is disabled by default? Who knows? There is no > coherent explanation *anywhere* of what these variables mean, and > rc.conf(5) does not mention them at all. In fact, the first hit for > "ipv6" in rc.conf(5) is this: > > ipv6_enable > (bool) Enable support for IPv6 networking. Note that this > requires that the kernel has been compiled with options > INET6. Am I missing something here? From the same /etc/defaults/rc.conf: ### IPv6 options: ### ipv6_enable="NO" # Set to YES to set up for IPv6. That looks about a "disabled out of the box" as it gets. As far as I can see (which may not be far), ipv6_network_interfaces is only relevant to IPv6 routing. I believe that ipv6_prefer controls the default behavior when DNS returns both IPv4 and IPv6 addresses for a host. If it is set to "NO", IPv4 will be tried first (preferred). If set to "YES", the IPv6 address will be preferred. I strongly recommend keeping ipv6_prefer set to "NO". -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 19:12:35 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 61A08106566B; Mon, 5 Oct 2009 19:12:35 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 19EDB8FC1D; Mon, 5 Oct 2009 19:12:34 +0000 (UTC) Received: from ds4.des.no (des.no [84.49.246.2]) by smtp.des.no (Postfix) with ESMTP id F38366D41B; Mon, 5 Oct 2009 19:12:33 +0000 (UTC) Received: by ds4.des.no (Postfix, from userid 1001) id C84A4844EF; Mon, 5 Oct 2009 21:12:33 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: "Kevin Oberman" References: <20091005185408.728471CC0E@ptavv.es.net> Date: Mon, 05 Oct 2009 21:12:33 +0200 In-Reply-To: <20091005185408.728471CC0E@ptavv.es.net> (Kevin Oberman's message of "Mon, 05 Oct 2009 11:54:08 -0700") Message-ID: <86ab05ven2.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.95 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-current@FreeBSD.org, Hiroki Sato , freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 19:12:35 -0000 "Kevin Oberman" writes: > Am I missing something here? From the same /etc/defaults/rc.conf: > ### IPv6 options: ### > ipv6_enable=3D"NO" # Set to YES to set up for IPv6. > > That looks about a "disabled out of the box" as it gets. AFAIK, ipv6_enable has no effect. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 19:39:40 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BD3CC1065695; Mon, 5 Oct 2009 19:39:40 +0000 (UTC) (envelope-from dimitry@andric.com) Received: from tensor.andric.com (cl-327.ede-01.nl.sixxs.net [IPv6:2001:7b8:2ff:146::2]) by mx1.freebsd.org (Postfix) with ESMTP id 827C28FC1C; Mon, 5 Oct 2009 19:39:40 +0000 (UTC) Received: from [IPv6:2001:7b8:3a7:0:3902:3a2:c54b:fed5] (unknown [IPv6:2001:7b8:3a7:0:3902:3a2:c54b:fed5]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by tensor.andric.com (Postfix) with ESMTPSA id AD34A5C59; Mon, 5 Oct 2009 21:39:39 +0200 (CEST) Message-ID: <4ACA4B81.3090105@andric.com> Date: Mon, 05 Oct 2009 21:39:45 +0200 From: Dimitry Andric User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.4pre) Gecko/20091003 Shredder/3.0pre MIME-Version: 1.0 To: Hiroki Sato References: <200909122222.n8CMMV3d099311@svn.freebsd.org> <4AB15FCE.70505@FreeBSD.org> <20090920.224018.16368211.hrs@allbsd.org> <20091005.123427.227628092.hrs@allbsd.org> In-Reply-To: <20091005.123427.227628092.hrs@allbsd.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-current@FreeBSD.org, freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 19:39:40 -0000 On 2009-10-05 05:34, Hiroki Sato wrote: > The patch for stable/8 can be found at: > > http://people.freebsd.org/~hrs/ipv6_stable8.20091005.diff Hmm, build bombs out at sbin/ifconfig: ===> sbin/ifconfig (depend) make: don't know how to make af_nd6.c. Stop *** Error code 2 This is because the patch doesn't seem to contain sbin/ifconfig/af_nd6.c. Can I just use the version from head? From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 20:03:52 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3E5311065672; Mon, 5 Oct 2009 20:03:52 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from mail.allbsd.org (gatekeeper-int.allbsd.org [IPv6:2001:2f0:104:e002::2]) by mx1.freebsd.org (Postfix) with ESMTP id 399D58FC19; Mon, 5 Oct 2009 20:03:51 +0000 (UTC) Received: from delta.allbsd.org (p4206-ipbf1902funabasi.chiba.ocn.ne.jp [114.146.107.206]) (authenticated bits=128) by mail.allbsd.org (8.14.3/8.14.3) with ESMTP id n95K3WP5085097; Tue, 6 Oct 2009 05:03:43 +0900 (JST) (envelope-from hrs@FreeBSD.org) Received: from localhost (alph.allbsd.org [192.168.0.10]) (authenticated bits=0) by delta.allbsd.org (8.13.4/8.13.4) with ESMTP id n95K3MT3071002; Tue, 6 Oct 2009 05:03:25 +0900 (JST) (envelope-from hrs@FreeBSD.org) Date: Tue, 06 Oct 2009 04:50:43 +0900 (JST) Message-Id: <20091006.045043.187164797.hrs@allbsd.org> To: des@des.no From: Hiroki Sato In-Reply-To: <86my45vhlj.fsf@ds4.des.no> References: <20091005055806.GB58246@zibbi.meraka.csir.co.za> <20091005.182342.167950100.hrs@allbsd.org> <86my45vhlj.fsf@ds4.des.no> X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-Mailer: Mew version 6.2.52 on Emacs 22.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="--Security_Multipart(Tue_Oct__6_04_50_43_2009_396)--" Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.95.2 at gatekeeper.allbsd.org X-Virus-Status: Clean X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.3 (mail.allbsd.org [133.31.130.32]); Tue, 06 Oct 2009 05:03:44 +0900 (JST) Cc: freebsd-current@FreeBSD.org, freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 20:03:52 -0000 ----Security_Multipart(Tue_Oct__6_04_50_43_2009_396)-- Content-Type: Text/Plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Dag-Erling Sm=F8rgrav wrote in <86my45vhlj.fsf@ds4.des.no>: de> Hiroki Sato writes: de> > John Hay writes: de> > > Is there a good reason why we still ship with ipv6 off by defau= lt? de> > What do you mean by "off by default"? I think IPv6 is not disabl= ed by de> > default with the patch. de> = de> % ident /usr/src/etc/defaults/rc.conf = de> /usr/src/etc/defaults/rc.conf: de> $FreeBSD: head/etc/defaults/rc.conf 197619 2009-09-29 16:49:10= Z dougb $ de> % grep ipv6_network_interfaces /usr/src/etc/defaults/rc.conf de> ipv6_network_interfaces=3D"none" # List of IPv6 network interfaces de> #ipv6_network_interfaces=3D"ed0 ep0" # Examples for router de> % grep ipv6_prefer /usr/src/etc/defaults/rc.conf = de> ipv6_prefer=3D"NO" # Use IPv6 when both IPv4 and IPv6 can be used de> = de> Does mean that IPv6 is disabled by default? Who knows? There is n= o de> coherent explanation *anywhere* of what these variables mean, and de> rc.conf(5) does not mention them at all. In fact, the first hit fo= r de> "ipv6" in rc.conf(5) is this: de> = de> ipv6_enable de> (bool) Enable support for IPv6 networking. Note t= hat this de> requires that the kernel has been compiled with op= tions de> INET6. No, the rc.conf(5) has been updated in r197526: ipv6_enable (bool) If the variable is ``YES'', ``inet6 accept_rtad= v'' is added to all of ifconfig__ipv6 and the ipv6= _prefer is defined as ``YES''. This variable is deprecated. Use ipv6_prefer and ifconfig__ipv6. and UPDATING also explains the relationship between the $ipv6_enable and the other variables. IMHO "Enabling (or disabling) IPv6" is not a correct expression for $ipv6_enable and $ipv6_prefer. If you use a kernel with "options INET6" (GENERIC has it) IPv6 is enabled, and $ipv6_enable=3DNO in the old releases does not disable the functionality. It just controlled whether $ipv6_* in rc.conf are ignored or not. -- Hiroki ----Security_Multipart(Tue_Oct__6_04_50_43_2009_396)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEABECAAYFAkrKThMACgkQTyzT2CeTzy29fwCeM8VpJjt2YI1voNdec3kHVlGS AecAmgI52ETW3Q/PDEQW1h7FsZRkENfc =gvTH -----END PGP SIGNATURE----- ----Security_Multipart(Tue_Oct__6_04_50_43_2009_396)---- From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 20:36:59 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8ED481065672; Mon, 5 Oct 2009 20:36:59 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from mail.allbsd.org (gatekeeper-int.allbsd.org [IPv6:2001:2f0:104:e002::2]) by mx1.freebsd.org (Postfix) with ESMTP id 13CC98FC13; Mon, 5 Oct 2009 20:36:58 +0000 (UTC) Received: from delta.allbsd.org (p4206-ipbf1902funabasi.chiba.ocn.ne.jp [114.146.107.206]) (authenticated bits=128) by mail.allbsd.org (8.14.3/8.14.3) with ESMTP id n95Kagj9085774; Tue, 6 Oct 2009 05:36:52 +0900 (JST) (envelope-from hrs@FreeBSD.org) Received: from localhost (alph.allbsd.org [192.168.0.10]) (authenticated bits=0) by delta.allbsd.org (8.13.4/8.13.4) with ESMTP id n95KaYqn071095; Tue, 6 Oct 2009 05:36:36 +0900 (JST) (envelope-from hrs@FreeBSD.org) Date: Tue, 06 Oct 2009 05:36:11 +0900 (JST) Message-Id: <20091006.053611.25963972.hrs@allbsd.org> To: dimitry@andric.com From: Hiroki Sato In-Reply-To: <4ACA4B81.3090105@andric.com> References: <20090920.224018.16368211.hrs@allbsd.org> <20091005.123427.227628092.hrs@allbsd.org> <4ACA4B81.3090105@andric.com> X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-Mailer: Mew version 6.2.52 on Emacs 22.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="--Security_Multipart(Tue_Oct__6_05_36_11_2009_099)--" Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.95.2 at gatekeeper.allbsd.org X-Virus-Status: Clean X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.3 (mail.allbsd.org [133.31.130.32]); Tue, 06 Oct 2009 05:36:53 +0900 (JST) Cc: freebsd-current@FreeBSD.org, freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 20:36:59 -0000 ----Security_Multipart(Tue_Oct__6_05_36_11_2009_099)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Dimitry Andric wrote in <4ACA4B81.3090105@andric.com>: di> On 2009-10-05 05:34, Hiroki Sato wrote: di> > The patch for stable/8 can be found at: di> > di> > http://people.freebsd.org/~hrs/ipv6_stable8.20091005.diff di> di> Hmm, build bombs out at sbin/ifconfig: di> di> ===> sbin/ifconfig (depend) di> make: don't know how to make af_nd6.c. Stop di> *** Error code 2 di> di> This is because the patch doesn't seem to contain di> sbin/ifconfig/af_nd6.c. Can I just use the version from head? Yes, you can use the file in HEAD. I do not know why but "svn diff" seems not to generate a diff delta for a newly-added file by "svn merge"... The missing delta can also be found at: http://people.freebsd.org/~hrs/af_nd6.c.diff -- Hiroki ----Security_Multipart(Tue_Oct__6_05_36_11_2009_099)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEABECAAYFAkrKWLsACgkQTyzT2CeTzy0S9wCdHYc9uNxPsZoAnzy87TM/aXot kdkAnjL9VoY15vN8fU9uNiQDvjUzc0Gd =l5Pe -----END PGP SIGNATURE----- ----Security_Multipart(Tue_Oct__6_05_36_11_2009_099)---- From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 21:06:03 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 78484106566B; Mon, 5 Oct 2009 21:06:03 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 302118FC08; Mon, 5 Oct 2009 21:06:02 +0000 (UTC) Received: from ds4.des.no (des.no [84.49.246.2]) by smtp.des.no (Postfix) with ESMTP id 1C2EC6D41C; Mon, 5 Oct 2009 21:06:02 +0000 (UTC) Received: by ds4.des.no (Postfix, from userid 1001) id E00AF844DE; Mon, 5 Oct 2009 23:06:00 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Hiroki Sato References: <20091005055806.GB58246@zibbi.meraka.csir.co.za> <20091005.182342.167950100.hrs@allbsd.org> <86my45vhlj.fsf@ds4.des.no> <20091006.045043.187164797.hrs@allbsd.org> Date: Mon, 05 Oct 2009 23:06:00 +0200 In-Reply-To: <20091006.045043.187164797.hrs@allbsd.org> (Hiroki Sato's message of "Tue, 06 Oct 2009 04:50:43 +0900 (JST)") Message-ID: <8663atv9dz.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.95 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-current@FreeBSD.org, freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 21:06:03 -0000 Hiroki Sato writes: > No, the rc.conf(5) has been updated in r197526: > > ipv6_enable > (bool) If the variable is ``YES'', ``inet6 accept_rtadv'= ' is > added to all of ifconfig__ipv6 and the ipv6_p= refer > is defined as ``YES''. > > This variable is deprecated. Use ipv6_prefer and > ifconfig__ipv6. Still not very helpful. If I install FreeBSD from a release CD and use the GENERIC kernel and do *not* want to use IPv6, what do I do? Please don't answer "compile a custom kernel". DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 22:09:37 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 12598106566B; Mon, 5 Oct 2009 22:09:37 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from mail.allbsd.org (gatekeeper-int.allbsd.org [IPv6:2001:2f0:104:e002::2]) by mx1.freebsd.org (Postfix) with ESMTP id 3DA9D8FC0A; Mon, 5 Oct 2009 22:09:36 +0000 (UTC) Received: from delta.allbsd.org (p4206-ipbf1902funabasi.chiba.ocn.ne.jp [114.146.107.206]) (authenticated bits=128) by mail.allbsd.org (8.14.3/8.14.3) with ESMTP id n95M9E6A087618; Tue, 6 Oct 2009 07:09:25 +0900 (JST) (envelope-from hrs@FreeBSD.org) Received: from localhost (alph.allbsd.org [192.168.0.10]) (authenticated bits=0) by delta.allbsd.org (8.13.4/8.13.4) with ESMTP id n95M95pr071371; Tue, 6 Oct 2009 07:09:07 +0900 (JST) (envelope-from hrs@FreeBSD.org) Date: Tue, 06 Oct 2009 07:07:14 +0900 (JST) Message-Id: <20091006.070714.233607520.hrs@allbsd.org> To: des@des.no From: Hiroki Sato In-Reply-To: <8663atv9dz.fsf@ds4.des.no> References: <86my45vhlj.fsf@ds4.des.no> <20091006.045043.187164797.hrs@allbsd.org> <8663atv9dz.fsf@ds4.des.no> X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-Mailer: Mew version 6.2.52 on Emacs 22.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="--Security_Multipart(Tue_Oct__6_07_07_14_2009_906)--" Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.95.2 at gatekeeper.allbsd.org X-Virus-Status: Clean X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.3 (mail.allbsd.org [133.31.130.32]); Tue, 06 Oct 2009 07:09:28 +0900 (JST) Cc: freebsd-current@FreeBSD.org, freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 22:09:37 -0000 ----Security_Multipart(Tue_Oct__6_07_07_14_2009_906)-- Content-Type: Text/Plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Dag-Erling Sm=F8rgrav wrote in <8663atv9dz.fsf@ds4.des.no>: de> Hiroki Sato writes: de> > No, the rc.conf(5) has been updated in r197526: de> > de> > ipv6_enable de> > (bool) If the variable is ``YES'', ``inet6 accep= t_rtadv'' is de> > added to all of ifconfig__ipv6 and th= e ipv6_prefer de> > is defined as ``YES''. de> > de> > This variable is deprecated. Use ipv6_prefer an= d de> > ifconfig__ipv6. de> = de> Still not very helpful. de> = de> If I install FreeBSD from a release CD and use the GENERIC kernel a= nd do de> *not* want to use IPv6, what do I do? de> = de> Please don't answer "compile a custom kernel". It depends on the definition of "use", but the answer is "do not put any $ifconfig_IF_ipv6 or $ipv6_prefer to your rc.conf". If so, IPv6 will be "disabled" (including communication using link-local addresses) on all of interfaces except lo0. It is the default behavior now. I do not think this means "IPv6 is disabled by default". By adding an IPv6 address by using ifconfig(8) after boot you can still use IPv6 on that interface. This is almost the same as IPv4 does. When I do not want to use IPv4, I do not put any IPv4 addresses to $ifconfig_IF. Strictly speaking the address ::1/128 on lo0 cannot be removed because it is assigned by the kernel itself unlike IPv4's 127.0.0.1, so you can use the loopback address without knowing it. If you do not want to use it, you can disable IPv6 on lo0 manually by "ifconfig lo0 inet6 ifdisabled". Anyway, the existence of this loopback address has not been changed for a long time. -- Hiroki ----Security_Multipart(Tue_Oct__6_07_07_14_2009_906)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEABECAAYFAkrKbhIACgkQTyzT2CeTzy2PLwCgzqxq1QeRWzxOraPLRqJ0MH4M +osAn25+WBBnoJRbzp7LQ20XJC1hvIIB =SYvh -----END PGP SIGNATURE----- ----Security_Multipart(Tue_Oct__6_07_07_14_2009_906)---- From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 22:23:22 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 347591065756 for ; Mon, 5 Oct 2009 22:23:19 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx21.fluidhosting.com [204.14.89.4]) by mx1.freebsd.org (Postfix) with ESMTP id 0C90D8FC12 for ; Mon, 5 Oct 2009 22:23:19 +0000 (UTC) Received: (qmail 2121 invoked by uid 399); 5 Oct 2009 22:23:18 -0000 Received: from localhost (HELO foreign.dougb.net) (dougb@dougbarton.us@127.0.0.1) by localhost with ESMTPAM; 5 Oct 2009 22:23:18 -0000 X-Originating-IP: 127.0.0.1 X-Sender: dougb@dougbarton.us Message-ID: <4ACA71D4.6010502@FreeBSD.org> Date: Mon, 05 Oct 2009 15:23:16 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 2.0.0.23 (X11/20090822) MIME-Version: 1.0 To: Hiroki Sato References: <200909122222.n8CMMV3d099311@svn.freebsd.org> <4AB15FCE.70505@FreeBSD.org> <20090920.224018.16368211.hrs@allbsd.org> <20091005.123427.227628092.hrs@allbsd.org> In-Reply-To: <20091005.123427.227628092.hrs@allbsd.org> X-Enigmail-Version: 0.96.0 OpenPGP: id=D5B2F0FB Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-current@FreeBSD.org, freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 22:23:22 -0000 Hiroki Sato wrote: > Hi, > > I would like your comments about merging the network_ipv6 -> netif > integration to stable/8. I maintain my objection to MFC'ing this prior to the 8.0-RELEASE. As stated previously my objections are as follows (in decreasing order of general importance): 1. It is a fairly significant change happening too late in the release cycle. IMO that is reason enough to not allow the change. 2. Although 8.0 seems to be getting more beta/rc testing than previous .0 releases, the overall number of users testing it is still a small percentage of the userbase. 3. A dramatically smaller percentage of those users who are actually doing the testing is also using IPv6. 4. There are still rough edges to the changes. 5. I personally disagree with some of the choices you've made and would like to see more discussion about them. (More about 4 and 5 below.) The rough edges I've noticed have to do with the various problems people have reported to the lists, including what seems to be a lack of testing without IPv6 in the kernel, continuing evolution of how to deal with the afnet tests, and personally I've noticed the following on my console, although I haven't had time to research yet whether it's definitely coming from your changes: in6_ifattach_linklocal: failed to add a link-local addr to wpi0 In terms of design decisions you've made, I am still confused about why you insist on deprecating ipv6_enable. Recent discussion on the lists indicates to me that I'm not alone in thinking that this is a valuable mechanism and that there is not only no reason to deprecate it, to do so is not desirable. I'd also like to explore further the idea that I suggested in a previous thread that it should not be necessary to specify ifconfig_IF_ipv6 at all. The vast majority of users will be using RA for the next couple of years at least, so in my mind it makes sense to default to using ipv6_network_interfaces=$network_interfaces and RA by default. If the user has a need to configure something explicitly then you've provided the mechanism for them to do that, but they shouldn't be forced to use it. This is another reason that I think ipv6_enable should be the "master" knob. I like the idea of the ipv6_prefer knob, but I do not like the idea of overloading it with the function of ipv6_enable too. I can certainly understand why you are eager to get these changes into 8.0, however if we do a proper job of maintaining backwards compatibility (which I think we should do anyway) I don't see any reason that they cannot be merged after 8.0, and more importantly after they have had a proper opportunity to shake out in HEAD. Doug -- This .signature sanitized for your protection From owner-freebsd-rc@FreeBSD.ORG Mon Oct 5 23:18:42 2009 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 01BB51065670; Mon, 5 Oct 2009 23:18:42 +0000 (UTC) (envelope-from qing.li@bluecoat.com) Received: from whisker.bluecoat.com (whisker.bluecoat.com [216.52.23.28]) by mx1.freebsd.org (Postfix) with ESMTP id D5DE18FC0A; Mon, 5 Oct 2009 23:18:41 +0000 (UTC) Received: from bcs-mail03.internal.cacheflow.com ([10.2.2.95]) by whisker.bluecoat.com (8.14.2/8.14.2) with ESMTP id n95MvHNt018431; Mon, 5 Oct 2009 15:57:17 -0700 (PDT) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Date: Mon, 5 Oct 2009 15:56:36 -0700 Message-ID: In-Reply-To: <4ACA71D4.6010502@FreeBSD.org> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration Thread-Index: AcpGCoKEgAr2qKR3TbeREfjG/EmULwAASLlw References: <200909122222.n8CMMV3d099311@svn.freebsd.org> <4AB15FCE.70505@FreeBSD.org> <20090920.224018.16368211.hrs@allbsd.org><20091005.123427.227628092.hrs@allbsd.org> <4ACA71D4.6010502@FreeBSD.org> From: "Li, Qing" To: "Doug Barton" , "Hiroki Sato" , Cc: freebsd-current@freebsd.org, freebsd-rc@freebsd.org Subject: RE: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 23:18:42 -0000 I agree with Doug and I'd prefer getting more runtime cycles out of these changes before MFC into stable/8.=20 On a semi-related topic, I like the features developed in r197138. The changes are significant enough that having a MFC of 3 days is way too short. This changelist should also be postponed to post REL_8. -- Qing > -----Original Message----- > From: owner-freebsd-current@freebsd.org [mailto:owner-freebsd- > current@freebsd.org] On Behalf Of Doug Barton > Sent: Monday, October 05, 2009 3:23 PM > To: Hiroki Sato > Cc: freebsd-current@freebsd.org; freebsd-rc@freebsd.org > Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration >=20 > Hiroki Sato wrote: > > Hi, > > > > I would like your comments about merging the network_ipv6 -> netif > > integration to stable/8. >=20 > I maintain my objection to MFC'ing this prior to the 8.0-RELEASE. As > stated previously my objections are as follows (in decreasing order of > general importance): >=20 > 1. It is a fairly significant change happening too late in the release > cycle. IMO that is reason enough to not allow the change. > 2. Although 8.0 seems to be getting more beta/rc testing than previous > .0 releases, the overall number of users testing it is still a small > percentage of the userbase. > 3. A dramatically smaller percentage of those users who are actually > doing the testing is also using IPv6. > 4. There are still rough edges to the changes. > 5. I personally disagree with some of the choices you've made and > would like to see more discussion about them. (More about 4 and 5 > below.) >=20 > The rough edges I've noticed have to do with the various problems > people have reported to the lists, including what seems to be a lack > of testing without IPv6 in the kernel, continuing evolution of how to > deal with the afnet tests, and personally I've noticed the following > on my console, although I haven't had time to research yet whether > it's definitely coming from your changes: >=20 > in6_ifattach_linklocal: failed to add a link-local addr to wpi0 >=20 > In terms of design decisions you've made, I am still confused about > why you insist on deprecating ipv6_enable. Recent discussion on the > lists indicates to me that I'm not alone in thinking that this is a > valuable mechanism and that there is not only no reason to deprecate > it, to do so is not desirable. >=20 > I'd also like to explore further the idea that I suggested in a > previous thread that it should not be necessary to specify > ifconfig_IF_ipv6 at all. The vast majority of users will be using RA > for the next couple of years at least, so in my mind it makes sense to > default to using ipv6_network_interfaces=3D$network_interfaces and RA = by > default. If the user has a need to configure something explicitly then > you've provided the mechanism for them to do that, but they shouldn't > be forced to use it. This is another reason that I think ipv6_enable > should be the "master" knob. I like the idea of the ipv6_prefer knob, > but I do not like the idea of overloading it with the function of > ipv6_enable too. >=20 > I can certainly understand why you are eager to get these changes into > 8.0, however if we do a proper job of maintaining backwards > compatibility (which I think we should do anyway) I don't see any > reason that they cannot be merged after 8.0, and more importantly > after they have had a proper opportunity to shake out in HEAD. >=20 >=20 > Doug >=20 > -- >=20 > This .signature sanitized for your protection >=20 > _______________________________________________ > freebsd-current@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "freebsd-current- > unsubscribe@freebsd.org" From owner-freebsd-rc@FreeBSD.ORG Tue Oct 6 08:26:13 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7ED9D1065670; Tue, 6 Oct 2009 08:26:13 +0000 (UTC) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.freebsd.org (Postfix) with ESMTP id 3E9E68FC15; Tue, 6 Oct 2009 08:26:13 +0000 (UTC) Received: from ds4.des.no (des.no [84.49.246.2]) by smtp.des.no (Postfix) with ESMTP id 5025E6D41B; Tue, 6 Oct 2009 08:26:12 +0000 (UTC) Received: by ds4.des.no (Postfix, from userid 1001) id 1774F8449F; Tue, 6 Oct 2009 10:26:12 +0200 (CEST) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Hiroki Sato References: <86my45vhlj.fsf@ds4.des.no> <20091006.045043.187164797.hrs@allbsd.org> <8663atv9dz.fsf@ds4.des.no> <20091006.070714.233607520.hrs@allbsd.org> Date: Tue, 06 Oct 2009 10:26:12 +0200 In-Reply-To: <20091006.070714.233607520.hrs@allbsd.org> (Hiroki Sato's message of "Tue, 06 Oct 2009 07:07:14 +0900 (JST)") Message-ID: <864oqd9bdn.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.95 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-current@FreeBSD.org, freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Oct 2009 08:26:13 -0000 Hiroki Sato writes: > Dag-Erling Sm=C3=B8rgrav writes: > > If I install FreeBSD from a release CD and use the GENERIC kernel > > and do *not* want to use IPv6, what do I do? > It depends on the definition of "use", but the answer is "do not put > any $ifconfig_IF_ipv6 or $ipv6_prefer to your rc.conf". If so, IPv6 > will be "disabled" (including communication using link-local > addresses) on all of interfaces except lo0. It is the default > behavior now. > > I do not think this means "IPv6 is disabled by default". Close enough from my POV... thanks. Network configuration is complicated enough that I think we should have a separate man page for it; rc.conf is pretty much useless unless you already know what you're looking for. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-rc@FreeBSD.ORG Tue Oct 6 12:37:21 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 48136106568D; Tue, 6 Oct 2009 12:37:21 +0000 (UTC) (envelope-from dimitry@andric.com) Received: from tensor.andric.com (cl-327.ede-01.nl.sixxs.net [IPv6:2001:7b8:2ff:146::2]) by mx1.freebsd.org (Postfix) with ESMTP id 0C8778FC12; Tue, 6 Oct 2009 12:37:21 +0000 (UTC) Received: from [IPv6:2001:7b8:3a7:0:517e:fefd:3695:676c] (unknown [IPv6:2001:7b8:3a7:0:517e:fefd:3695:676c]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by tensor.andric.com (Postfix) with ESMTPSA id 40E575C59; Tue, 6 Oct 2009 14:37:20 +0200 (CEST) Message-ID: <4ACB3A08.9030109@andric.com> Date: Tue, 06 Oct 2009 14:37:28 +0200 From: Dimitry Andric User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.4pre) Gecko/20091003 Shredder/3.0pre MIME-Version: 1.0 To: Hiroki Sato References: <200909122222.n8CMMV3d099311@svn.freebsd.org> <4AB15FCE.70505@FreeBSD.org> <20090920.224018.16368211.hrs@allbsd.org> <20091005.123427.227628092.hrs@allbsd.org> <4ACA4B81.3090105@andric.com> In-Reply-To: <4ACA4B81.3090105@andric.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-current@FreeBSD.org, freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Oct 2009 12:37:21 -0000 On 2009-10-05 21:39, Dimitry Andric wrote: >> http://people.freebsd.org/~hrs/ipv6_stable8.20091005.diff > Hmm, build bombs out at sbin/ifconfig: ... > This is because the patch doesn't seem to contain > sbin/ifconfig/af_nd6.c. Can I just use the version from head? FYI, the patch also misses etc/rc.d/{faith,stf}. Without these, mergemaster fails; again, taking them from head fixes it. From owner-freebsd-rc@FreeBSD.ORG Tue Oct 6 16:50:10 2009 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0E42F106566B; Tue, 6 Oct 2009 16:50:10 +0000 (UTC) (envelope-from dhorn2000@gmail.com) Received: from mail-yx0-f171.google.com (mail-yx0-f171.google.com [209.85.210.171]) by mx1.freebsd.org (Postfix) with ESMTP id A68018FC16; Tue, 6 Oct 2009 16:50:09 +0000 (UTC) Received: by yxe1 with SMTP id 1so4282160yxe.3 for ; Tue, 06 Oct 2009 09:50:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=dGVFPnc66mWnoCI7HnfG3Ykb7sBDfpkZpLA3MebaMrY=; b=W3tcF4U9OgLjD2COTu60BrKaHknVcybbsOeX5IlcfQVk+CizZcICIRDDNHCMOWbA1x rI6wYRXl41Dbt6KWtSZq5/ZfC0jmp4L2CTgBy61yaDcFfT6IPIoMlrV5YuxyBuLjSEVt kHiXNc/03kWemxWYobjkKTIwxuLGacUnBdn3k= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=QsGKUrKx9lSvAPWjg8pLzouP2Y35GfWsGW+MUoBNL461/rbfahcd+T+a7IgCNG4nsA ysGUNIBp0zk4LavHdKHK6746h8rpajIasU+ja/J+M3Yr4ziZCMOEBT6PovJtQZ8xc8NN A37kmLwEN7ZBPmJuFX58Ai9qCd/mYFibKsvac= MIME-Version: 1.0 Received: by 10.100.24.37 with SMTP id 37mr1744227anx.45.1254846065545; Tue, 06 Oct 2009 09:21:05 -0700 (PDT) In-Reply-To: <4ACB3A08.9030109@andric.com> References: <200909122222.n8CMMV3d099311@svn.freebsd.org> <4AB15FCE.70505@FreeBSD.org> <20090920.224018.16368211.hrs@allbsd.org> <20091005.123427.227628092.hrs@allbsd.org> <4ACA4B81.3090105@andric.com> <4ACB3A08.9030109@andric.com> Date: Tue, 6 Oct 2009 12:21:05 -0400 Message-ID: <25ff90d60910060921k2118994aq1f5b0431868ec800@mail.gmail.com> From: David Horn To: Hiroki Sato Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-current@freebsd.org, freebsd-rc@freebsd.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Oct 2009 16:50:10 -0000 On Tue, Oct 6, 2009 at 8:37 AM, Dimitry Andric wrote: > On 2009-10-05 21:39, Dimitry Andric wrote: >>> =A0 http://people.freebsd.org/~hrs/ipv6_stable8.20091005.diff >> Hmm, build bombs out at sbin/ifconfig: > ... >> This is because the patch doesn't seem to contain >> sbin/ifconfig/af_nd6.c. =A0Can I just use the version from head? > > FYI, the patch also misses etc/rc.d/{faith,stf}. =A0Without these, > mergemaster fails; again, taking them from head fixes it. Hiroki -- I also attempted to use your patch against 8/Stable svn, and wanted to give some feedback. svn add before doing the svn diff will ensure that files you want to add to a patch get noticed. svn diff will only look at files under version control. 1) Patchset is missing examples and defaults for new rc.conf variables to /etc/defaults/rc.conf. (The defaults/rc.conf has been updated in -current, although perhaps once everything settles, it would help to expand the examples in comments) 2) I really like the changes to ifconfig and kernel for exposing per-interface flags for "accept_rtadv" and other ndp flags to ifconfig (and inherently rc.conf). I previously had to do some hackery to disable "accept_rtadv" at boot time for just one interface within rc.conf. 3) I would prefer that ipv6_enable remain a global flag in rc.conf, and NOT be obsoleted. I would also prefer that ipv6_network_interfaces=3D"auto" as in the past by default. Again, I like the logic changes and the flexibility it provides, it is just the default/obsolete that I am interested in changing. 4) Personal opinion time: change the "accept_rtadv" token to "autoconf" in ifconfig and rc.conf, as this it is a better self-description. Just one persons opinion. 5) I noticed in the comments that you are considering allowing autoconf+router in a future advanced configuration. I completely agree with adding this functionality to -current (for ipv6 router cpe needs), we just need a new knob when this gets added. I had code around somewhere at one point. I'll see if I can find it still. There is a PR (conf/121812) on this as well. Given the timing, +1 for letting this bake in -current until after 8.0 release. If you want any early feedback for a future MFC of this code, feel free to email me and I will gladly test the patch. Thanks for the changes. ---Dave H From owner-freebsd-rc@FreeBSD.ORG Tue Oct 6 22:44:51 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E4241106566B; Tue, 6 Oct 2009 22:44:51 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from tarsier.delphij.net (delphij-pt.tunnel.tserv2.fmt.ipv6.he.net [IPv6:2001:470:1f03:2c9::2]) by mx1.freebsd.org (Postfix) with ESMTP id 8EA818FC1B; Tue, 6 Oct 2009 22:44:51 +0000 (UTC) Received: from tarsier.geekcn.org (tarsier.geekcn.org [211.166.10.233]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by tarsier.delphij.net (Postfix) with ESMTPS id A8B9E5C024; Wed, 7 Oct 2009 06:44:50 +0800 (CST) Received: from localhost (tarsier.geekcn.org [211.166.10.233]) by tarsier.geekcn.org (Postfix) with ESMTP id 5CDCD55CE3D9; Wed, 7 Oct 2009 06:44:50 +0800 (CST) X-Virus-Scanned: amavisd-new at geekcn.org Received: from tarsier.geekcn.org ([211.166.10.233]) by localhost (mail.geekcn.org [211.166.10.233]) (amavisd-new, port 10024) with ESMTP id Ca+h1OLRzUzq; Wed, 7 Oct 2009 06:44:45 +0800 (CST) Received: from charlie.delphij.net (adsl-76-237-33-60.dsl.pltn13.sbcglobal.net [76.237.33.60]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by tarsier.geekcn.org (Postfix) with ESMTPSA id C0D5155CE3D3; Wed, 7 Oct 2009 06:44:42 +0800 (CST) DomainKey-Signature: a=rsa-sha1; s=default; d=delphij.net; c=nofws; q=dns; h=message-id:date:from:reply-to:organization:user-agent: mime-version:to:cc:subject:references:in-reply-to: x-enigmail-version:openpgp:content-type:content-transfer-encoding; b=WJaxvYLS/kXuKHZYyCeQetmQ9W8Su27jO+wxzGA0lEdLqwA0BRpMW5UlQBeRrvWpx KrFOg4usF7mtcSjtWWaug== Message-ID: <4ACBC857.2030207@delphij.net> Date: Tue, 06 Oct 2009 15:44:39 -0700 From: Xin LI Organization: The FreeBSD Project User-Agent: Thunderbird 2.0.0.23 (X11/20091004) MIME-Version: 1.0 To: Wesley Shields References: <20091004141118.GG95662@syndicate.internationalconspiracy.org> <4AC8F7EF.9010303@FreeBSD.org> <20091005135842.GA8629@atarininja.org> In-Reply-To: <20091005135842.GA8629@atarininja.org> X-Enigmail-Version: 0.96.0 OpenPGP: id=18EDEBA0; url=http://www.delphij.net/delphij.asc Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Alex Trull , Doug Barton , freebsd-rc@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG Subject: Re: (Ab)using rcng's features to keep rc.d-style services running should they fail. X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: d@delphij.net List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Oct 2009 22:44:52 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Wesley Shields wrote: > On Sun, Oct 04, 2009 at 12:30:55PM -0700, Doug Barton wrote: >> Alex Trull wrote: >>> Hi all, >>> >>> I realised that because portupgrade/portmaster don't always >>> cleanly restart processes that have died due to being >>> upgraded (mysqld, often!) that this was something I wanted >>> to fix. >> I can't speak to portupgrade, however for portmaster there is no such >> facility whatsoever. The admin is expected to disable things prior to >> an upgrade and re-enable them when the upgrade is done. I don't feel >> that this is an overwhelming burden. :) > > There is the @stopdaemon directive in plists (which gets translated into > @unexec to forcestop the script). Some ports use it and some do not. > Personally I think ports doing this automatically are quite annoying, > and would love to rip them all out from the ports. Something like > portmaster growing support for it would be welcome provided it does not > happen by default. +1 I think this feature should be user-controllable (or, the 'make install' should be 'restart'ing the rc.d script at very least). Cheers, - -- Xin LI http://www.delphij.net/ FreeBSD - The Power to Serve! -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.13 (FreeBSD) iEYEARECAAYFAkrLyFcACgkQi+vbBBjt66DZ5QCfU3LSI+RiZwJv3huFx4wd3QNe UUsAn37vdhs30y+2eE/HLaw424CS7dMh =1FW0 -----END PGP SIGNATURE----- From owner-freebsd-rc@FreeBSD.ORG Wed Oct 7 03:33:05 2009 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 834051065693; Wed, 7 Oct 2009 03:33:05 +0000 (UTC) (envelope-from doconnor@gsoft.com.au) Received: from cain.gsoft.com.au (cain.gsoft.com.au [203.31.81.10]) by mx1.freebsd.org (Postfix) with ESMTP id A436A8FC14; Wed, 7 Oct 2009 03:33:04 +0000 (UTC) Received: from inchoate.gsoft.com.au (inchoate.gsoft.com.au [203.31.81.30]) (authenticated bits=0) by cain.gsoft.com.au (8.13.8/8.13.8) with ESMTP id n972qu1b069214 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Wed, 7 Oct 2009 13:22:57 +1030 (CST) (envelope-from doconnor@gsoft.com.au) From: "Daniel O'Connor" To: freebsd-hackers@freebsd.org, d@delphij.net Date: Wed, 7 Oct 2009 13:22:39 +1030 User-Agent: KMail/1.9.10 References: <20091004141118.GG95662@syndicate.internationalconspiracy.org> <20091005135842.GA8629@atarininja.org> <4ACBC857.2030207@delphij.net> In-Reply-To: <4ACBC857.2030207@delphij.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart8902491.FueqLsS0Pt"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200910071322.48738.doconnor@gsoft.com.au> X-Spam-Score: -3.977 () ALL_TRUSTED,BAYES_00 X-Scanned-By: MIMEDefang 2.63 on 203.31.81.10 Cc: Alex Trull , Wesley Shields , Doug Barton , freebsd-rc@freebsd.org Subject: Re: (Ab)using rcng's features to keep rc.d-style services running should they fail. X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Oct 2009 03:33:05 -0000 --nextPart8902491.FueqLsS0Pt Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Wed, 7 Oct 2009, Xin LI wrote: > Wesley Shields wrote: > > On Sun, Oct 04, 2009 at 12:30:55PM -0700, Doug Barton wrote: > >> Alex Trull wrote: > >>> Hi all, > >>> > >>> I realised that because portupgrade/portmaster don't always > >>> cleanly restart processes that have died due to being > >>> upgraded (mysqld, often!) that this was something I wanted > >>> to fix. > >> > >> I can't speak to portupgrade, however for portmaster there is no > >> such facility whatsoever. The admin is expected to disable things > >> prior to an upgrade and re-enable them when the upgrade is done. I > >> don't feel that this is an overwhelming burden. :) > > > > There is the @stopdaemon directive in plists (which gets translated > > into @unexec to forcestop the script). Some ports use it and some > > do not. Personally I think ports doing this automatically are quite > > annoying, and would love to rip them all out from the ports. > > Something like portmaster growing support for it would be welcome > > provided it does not happen by default. > > +1 > > I think this feature should be user-controllable (or, the 'make > install' should be 'restart'ing the rc.d script at very least). It won't actually start anything you haven't enabled in rc.conf though=20 since all ports install rc.d scripts which require FOO_enable to be=20 YES. That said a knob like RESTART_SERVICES or similar would be nice. =2D-=20 Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C --nextPart8902491.FueqLsS0Pt Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (FreeBSD) iD8DBQBKzAKA5ZPcIHs/zowRAmR0AJsEVYLNNKxI0wSISD1YRU9fvbTt4ACgpU3R W0+DjRmqeLH3MtYbJRV5Uyg= =jzPh -----END PGP SIGNATURE----- --nextPart8902491.FueqLsS0Pt-- From owner-freebsd-rc@FreeBSD.ORG Wed Oct 7 19:12:08 2009 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 44EBB106566B; Wed, 7 Oct 2009 19:12:08 +0000 (UTC) (envelope-from jhay@meraka.csir.co.za) Received: from zibbi.meraka.csir.co.za (zibbi.meraka.csir.co.za [IPv6:2001:4200:7000:2::1]) by mx1.freebsd.org (Postfix) with ESMTP id 0E78C8FC12; Wed, 7 Oct 2009 19:12:07 +0000 (UTC) Received: by zibbi.meraka.csir.co.za (Postfix, from userid 3973) id AD6C73982C; Wed, 7 Oct 2009 21:12:03 +0200 (SAST) Date: Wed, 7 Oct 2009 21:12:03 +0200 From: John Hay To: "Bjoern A. Zeeb" Message-ID: <20091007191203.GA24065@zibbi.meraka.csir.co.za> References: <200909122222.n8CMMV3d099311@svn.freebsd.org> <4AB15FCE.70505@FreeBSD.org> <20090920.224018.16368211.hrs@allbsd.org> <20091005.123427.227628092.hrs@allbsd.org> <20091005055806.GB58246@zibbi.meraka.csir.co.za> <20091005091708.J26486@maildrop.int.zabbadoz.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20091005091708.J26486@maildrop.int.zabbadoz.net> User-Agent: Mutt/1.4.2.3i Cc: freebsd-current@FreeBSD.org, Hiroki Sato , freebsd-rc@FreeBSD.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration (was: Re: svn commit: r197145 - in head: etc/defaults share/man/man5) X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Oct 2009 19:12:08 -0000 Hi, Sorry I was away from keyboard for a few days. On Mon, Oct 05, 2009 at 09:25:18AM +0000, Bjoern A. Zeeb wrote: > On Mon, 5 Oct 2009, John Hay wrote: > > Hi, > > >On Mon, Oct 05, 2009 at 12:34:27PM +0900, Hiroki Sato wrote: > >>Hi, > >> > >> I would like your comments about merging the network_ipv6 -> netif > >> integration to stable/8. The issue of this rc.d script change is it > >> involves user-visible changes in rc.conf(5) variables as described in > >> UPDATING. > >> > >> I still want to do so before 8.0-R because the ND6 change in -CURRENT > >> needs updating IPv6-related rc.d scripts first. While the ND6 change > >> is not harmful from viewpoint of compatibility because basically it > >> just converts a global knob to a per-interface flag, handling it in > >> the rc.d scripts needs a kind of overhaul of rc.d/network_ipv6 and > >> rc.d/netif. > >> > >> The necessary changes have already been committed into -CURRENT. It > >> displays a warning to inform the users what is old in the rc.conf if > >> the user uses rc.d variables that have been changed, and at the same > >> time it keeps backward compatibility so that the old variables also > >> work. So, I think the impact is small enough, and this sort of > >> visible changes should be included in the .0 release rather than in > >> the middle of future 8.x releases. > >> > >> The patch for stable/8 can be found at: > >> > >> http://people.freebsd.org/~hrs/ipv6_stable8.20091005.diff > >> > >> This includes both of the ND6 kernel change and the rc.d script > >> change. If there is an objection from someone here I will put off > >> the merge until after 8.0-R. > > > >Is there a good reason why we still ship with ipv6 off by default? Most > >others seem to ship with ipv6 on. At least Windows, most linux flavours > >and Mac OS X which make out the rest of the machines on our network here > >at Meraka Institute. > > > >One thing that I have against the way the stuff in -current is done at > >the moment, is that it seems to be a lot more work to just get ipv6 to > >work. Either I did things wrong or we are taking a step backward. Make > >no mistake, I like the idea of being able to control it per interface, > >but it seems that you have to enable it per interface with a long string > >for each... I would rather that it is enabled everywhere by default and > >then you disbale it where you do not want it. > > > link-local had been enabled by default in the past and I am not sure > if we had a SA or EN for that or that it was just preemptively > disabled. > > The problem is that if it is enabled by default you are exposing > yourself to others on the same network. That is of course especially > bad if you are in untrusted environments like conferences, ... or on a > public LAN. For a while I hoped that we could return to the good old days, but I guess it is fear and terror nowadays. :-/ > If we'd support IPv4 link-local addresses by default we would have to > apply the same logic there. > > I am not sure about OSX but at least Windows has a firewall set to > deny any unrelated incoming things by default these days. Well depending on how narrow you look at it, we are not that far away from that. We have all network services off by default and if you install via sysinstall, you get a chance to enable the ones you want. :-) > > Just because others haven't yet (really) thought about the problems > doesn't mean they aren't there. > > If you want to use IPv4 you either add an address or start DHCP or .. > and you have to configure that. If you want IPv6, you configure that > as well. You shall not have anything enbaled by default that people > can use to attack you and you don't know about because you didn't > configure. > > While (we) IPv6 people know that it would be there a lot of people are > still totally unaware of IPv6 and they would be surprised. Ok I can understand why not have it totally enabled by default, but why not keep ipv6_enabled and let the user only have to add ipv6_enabled="YES" to his rc.conf and have the "normal" case of a client ipv6 box just work? Either on all interfaces or limited to maybe network_interfaces. After all, one of the aims of IPv6 was to make configuration easier for the "normal" client case. John -- John Hay -- jhay@meraka.csir.co.za / jhay@FreeBSD.org From owner-freebsd-rc@FreeBSD.ORG Fri Oct 9 10:21:23 2009 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E7E7E106566B; Fri, 9 Oct 2009 10:21:22 +0000 (UTC) (envelope-from dimitry@andric.com) Received: from tensor.andric.com (cl-327.ede-01.nl.sixxs.net [IPv6:2001:7b8:2ff:146::2]) by mx1.freebsd.org (Postfix) with ESMTP id 81C0A8FC08; Fri, 9 Oct 2009 10:21:22 +0000 (UTC) Received: from [IPv6:2001:7b8:3a7:0:1121:8bf:8006:29a3] (unknown [IPv6:2001:7b8:3a7:0:1121:8bf:8006:29a3]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by tensor.andric.com (Postfix) with ESMTPSA id 5AC4F5C43; Fri, 9 Oct 2009 12:21:21 +0200 (CEST) Message-ID: <4ACF0EA0.9070401@andric.com> Date: Fri, 09 Oct 2009 12:21:20 +0200 From: Dimitry Andric User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.1.4pre) Gecko/20091003 Shredder/3.0pre MIME-Version: 1.0 To: David Horn References: <200909122222.n8CMMV3d099311@svn.freebsd.org> <4AB15FCE.70505@FreeBSD.org> <20090920.224018.16368211.hrs@allbsd.org> <20091005.123427.227628092.hrs@allbsd.org> <4ACA4B81.3090105@andric.com> <4ACB3A08.9030109@andric.com> <25ff90d60910060921k2118994aq1f5b0431868ec800@mail.gmail.com> In-Reply-To: <25ff90d60910060921k2118994aq1f5b0431868ec800@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-rc@freebsd.org, freebsd-current@freebsd.org Subject: Re: nd6 change and rc.d/network_ipv6 -> rc.d/netif integration X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Oct 2009 10:21:23 -0000 On 2009-10-06 18:21, David Horn wrote: > 1) Patchset is missing examples and defaults for new rc.conf > variables to /etc/defaults/rc.conf. (The defaults/rc.conf has been > updated in -current, although perhaps once everything settles, it > would help to expand the examples in comments) Not only that, it would prevent the following needless warnings, which are printed at every boot: [...] /etc/rc: WARNING: $ipv6_enable is obsolete. Use $ipv6_prefer instead. /etc/rc: WARNING: $ipv6_enable is obsolete. Use $ipv6_prefer instead. [...] /etc/rc: WARNING: $ipv6_router_enable is obsolete. Use $route6d_enable instead. /etc/rc: WARNING: $ipv6_router is obsolete. Use $route6d_program instead. /etc/rc: WARNING: $router_enable is obsolete. Use $routed_enable instead. /etc/rc: WARNING: $router is obsolete. Use $routed_program instead. /etc/rc: WARNING: $router_flags is obsolete. Use $routed_flags instead. Although the warning about ipv6_enable could be considered right, there's no need to print it twice, and I never touched any of the other ipv6_* or router_* variables. Those are from /etc/defaults/rc.conf. > 2) I really like the changes to ifconfig and kernel for exposing > per-interface flags for "accept_rtadv" and other ndp flags to ifconfig > (and inherently rc.conf). I previously had to do some hackery to > disable "accept_rtadv" at boot time for just one interface within > rc.conf. I'm not entirely sure if this is a sensible default. I would guess that for most users (80%? 90%?) the choice is only to have IPv6 "globally" disabled or enabled, and only a small percentage of users will need per-interface enabling/disabling of IPv4. Since it's now 2009 and everybody should start using IPv6 ASAP, it might make sense to have IPv6 globally enabled by default, with additional options for users like David to selectively disable it for individual interfaces. > 3) I would prefer that ipv6_enable remain a global flag in rc.conf, > and NOT be obsoleted. I would also prefer that > ipv6_network_interfaces="auto" as in the past by default. Again, I > like the logic changes and the flexibility it provides, it is just the > default/obsolete that I am interested in changing. Seconded. Even Windows defaults to enabling IPv6 globally for all interfaces these days. :) > 4) Personal opinion time: change the "accept_rtadv" token to > "autoconf" in ifconfig and rc.conf, as this it is a better > self-description. Just one persons opinion. Since the old "global" sysctl was also called accept_rtadv, I understand the same name was chosen for the per-interface option. People might confuse "autoconf" with "zeroconf" or other automatic configuration systems. Since the option means to accept router advertisements, accept_rtadv seems not a very bad name to me... :) > Given the timing, +1 for letting this bake in -current until after 8.0 > release. Yes. A few weeks at least.