Date: Sat, 14 Jan 2017 11:26:10 +0000 From: Jonathan de Boyne Pollard <J.deBoynePollard-newsgroups@NTLWorld.com> To: FreeBSD Hackers <freebsd-hackers@freebsd.org>, Debian users <debian-user@lists.debian.org>, Supervision <supervision@list.skarnet.org> Subject: nosh version 1.31 Message-ID: <0d6afc48-3465-3509-ff46-494da45022bc@NTLWorld.com> In-Reply-To: <76c00c13-4cc9-ed9c-f48f-81a3f050b80b@NTLWorld.com> References: <54430B41.3010301@NTLWorld.com> <76c00c13-4cc9-ed9c-f48f-81a3f050b80b@NTLWorld.com>
next in thread | previous in thread | raw e-mail | index | archive | help
The nosh package is now up to version 1.31 . * http://jdebp.eu./Softwares/nosh/ * https://www.freebsd.org/news/status/report-2015-07-2015-09.html#The-nosh-Project * http://jdebp.info./Softwares/nosh/ This release fixes a problem with emergency mode that was introduced by accident in 1.29 . The emergency-login@console service was not properly enabled by package installation. Now it once again is. There are a number of bug fixes in this release, such as rare corner cases in how convert-systemd-units generates arguments to pass to sh, what port the nginx server part of Appcafe binds to when not the default, the use of setuidgid-fromenv to set more than 1 supplementary group ID, and making the Makefile in tinydns@* services work with both BSD and GNU make. Various service bundles that perform clean-up-directories actions at bootstrap have been made more difficult to accidentally re-trigger after bootstrap. There is also a fair amount of new features: * The automatically-generated data for tinydns@* services now encompasses all of the reverse lookup domain names for private/local IP addresses, so none of the DNS traffic involving such lookups will leak out of your machine/organization to the rest of Internet. * The userenv command has gained the ability to (optionally) set a whole lot more environment variables from the capabilities in /etc/login.conf and ~/.login_conf . It now can be used as the setup-the-user-environment part of a command chain that is designed to perform the setup of an interactive login session. This is particularly useful for fixing PCDM, the display manager in TrueOS. * The pipe command can now arrange to clean up the child process in one of two ways. This is made use of in the dnscache service bundles, and dnscache services no longer contain the perpetual zombie process that they had in version 1.30 . * Presets now support wildmat-style character set wildcards. e.g. one can now write "ttylogin@vc[0-9]-tty" as a service name pattern. * If you have been using the --verbose option to the start/stop/reset subcommands of system-control, you'll notice that it now colourizes its output. Its output has also been adjusted to more clearly indicate blocked services and what they are blocked by. The big item is that there is now a complete set of simple control groups manipulation commands, the pre-supplied service bundles all make use of it, and all service bundles created by convert-systemd-units make use of it. (All of this is a no-op on FreeBSD/TrueOS and OpenBSD, of course.) If you've read the Linux doco, you'll know that control groups do not require any sort of centralized gatekeeper process, and are a decentralized system that can be driven with just the echo command. In practice, using echo is non-trivial. The move-to-control-group, delegate-control-group-to, and set-control-group-knob commands take the hassle out of working out exactly what to echo where. They do all of the hard work of determining what the directory name of the current control group under /sys/fs/cgroup is, and present a simple system allowing one to create and navigate to another control group, delegate control over the current control group (and its subgroups) to an unprivileged user, and set control group knobs. The set-control-group-knob utility further illustrates the convenience functionality over and above a simple echo command. It can calculate a knob setting as a percentage of another number, handle SI and IEEE/IEC multiplier suffixes, and translate the device file names that are (comparatively) convenient for humans into the literal major and minor device numbers that the Linux control groups API actually operates in terms of. There are new chapters in the Guide covering the automatic import of FreeBSD 9 and PC-BSD Warden jails, how jailing services on FreeBSD/TrueOS works, and limiting services. The limiting services chapter covers both the original Unix resource limits system and Linux control groups.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0d6afc48-3465-3509-ff46-494da45022bc>