Questions from my local LUG ML
Sean E. Russell
upstart at ser1.net
Sun Jan 7 02:09:00 GMT 2007
On Saturday 06 January 2007 18:32, Conrad Knauer wrote:
> - "Has anyone [outside of Ubuntu] taken a good, close look at upstart
> to see if there's any design problems there?" (and a corollary; are
> any other distros planning on adopting upstart?)
Yup! I've been trying to write a package that would replace Gentoo's init
process with Upstart. There are a few gaps in Upstart, but I don't think
there's anything that is fundamentally wrong in the design of Upstart,
although there's some question about how optional dependencies are to be best
handled.
> - In trying to replace "cron, atd, anacron and inetd" in addition to
> init, does "Upstart [run] contrary to the basic philosophy of Unix
> [...] Make each program do one thing well"? I quoted the Rationale
No. Upstart is, fundamentally, an event queue. All it does is process events
and fork scripts in response to system events. In fact, Upstart could
conceivably be re-implemented as a series of dbus configurations and an event
generator (I haven't seriously looked into this), since dbus is also an event
queue. There is a slight difference between dbus and Upstart, in that dbus
was designed for hardware events, and Upstart was designed more for software
events, but there you go.
I'd be disappointed to see cron and atd's functionality embedded into Upstart,
if only because that smells an awful lot like bloat. However, I could easily
see Upstart used by a cron layer, consisting of (a) a time-based event
generator, and (b) a system for inserting cron events into the Upstart event
queue. But how this progresses is not my decision to make, so it'll be
interesting to see how (or if) it develops.
> "I still fail to see how at/anacron/cron and inetd and init are
> variations of the same task, other than the most vague idea that "they
> are all ways of starting programs/services." (so is the command
My answer is that: they're all responses to system events. Init gets an event
to go into a certain runlevel, and fires off a bunch of sequential commands.
Cron receives a timing event, and fires off a bunch of commands in parallel.
atd is just cron, only it purges events after they've been executed. They
all are remarkably similar in what, and how, they operate.
> functions are quite different. I stand by my statement that putting
> at/cron/anacron/inetd functionality into upstart is contrary to the
> KISS principle."
Well, I agree with that person's sentiment. I'm not sure that Upstart should
be parsing time strings and such, as I've said... but that's easily extracted
into another tool, and it does make sense to have Upstart handling the
events.
> managing all that stuff is silly. The day Window became insecure was
> the day MS started pushing all the userland tools into system space.
Init and Upstart are both userland processes. They're just run by root.
> BIND has been rewritten several times and still hasn't eliminated all
> the security problems associated with it's monolithic design. In
> comparison, how often do we see exploits for ls, head, cat, etc.?"
Another way of looking at this is that every security problem has had to be
re-solved for every non-monolithic application. As long as the application
is relatively simple and restricted in scope, there's an advantage to having
a monolithic structure: once you solve a security problem, it is solved for
every job that software is responsible for.
> Thanks in advance for the answers! :)
Opinions :-)
--
### SER
### Deutsch|Esperanto|Francaise|Linux|XML|Java|Ruby|Aikido|Iaido
### http://www.ser1.net jabber.com:ser ICQ:83578737
### GPG: http://www.ser1.net/Security/ser_public.gpg
More information about the upstart-devel
mailing list