cvs commit: src/etc/rc.d early.sh

Doug Barton dougb at FreeBSD.org
Wed Oct 10 18:40:21 PDT 2007 

On Wed, 10 Oct 2007, David O'Brien wrote:

> On Tue, Oct 09, 2007 at 05:29:30PM -0700, David O'Brien wrote:
>> On Tue, Oct 09, 2007 at 07:30:14AM +0000, Doug Barton wrote:
>>>   Modified files:
>>>     etc/rc.d             early.sh
>>>   Log:
>>>   Deprecate use of the early.sh script as advertised when the support for
>>>   local rc.d scripts in the overall boot order was added.
>>
>> ". /etc/rc.early" in /etc/rc will stay?  Correct?
>
> To be clear - I don't care if its a ".sh" or proper RCng script.
> I'm just looking for a hook to do something before anything else in
> /etc/rc.d runs.  Commiting a /etc/rc.d/embryonic or /etc/rc.d/birth
> would be fine for my needs.

Can we get a better idea of what it is you're trying to do? As Mike 
pointed out, if it has to do with twiddling the environment a proper rc.d 
script won't help since it'll be executed in a subshell.

Also it's worth pointing out that currently early.sh is not the first 
thing run. The following is the order for the early stage (prior to 
inclusion of local scripts):
dumpon
initrandom
geli
gbde
encswap
ccd
swap1
mdconfig
ramdisk
early.sh
fsck
root
mountcritlocal
FILESYSTEMS

If you truly want to run something literally before everything else, we'd 
have to create something new, which perhaps is what you were getting at 
above. Before we add such a thing though, I'd like to get an idea of why 
it would be needed.

On Wed, 10 Oct 2007, Dag-Erling Smørgrav wrote:

> I must confess I don't really see the point of this change.

The commit message was pretty clear about the rationale. Running boot 
scripts without the benefit of a subshell is very dangerous, especially 
when the script we're talking about is one written by a user. The danger 
is compounded by the fact that these scripts are running early enough that 
any fatal errors will leave the system in a zombie state. This is not a 
theoretical issue, since in the past (when a lot of scripts from ports 
were .sh variety) we fielded a lot of support mail from users affected by 
bad scripts.

> If the problem is that rc.early is sourced by early.sh which is sourced
> by rc, simply rename early.sh to early so it runs in a subshell instead.

I'm not opposed to that idea (in fact I seriously considered it) but the 
reason I didn't do it is that I don't have a good sense of why we need it. 
Once again as Mike pointed out, the reason that it was there, and the 
reason it was .sh was specifically to do what we're now trying to avoid, 
since whatever benefits there may have been don't outweigh the risks.

I was unaware of the use of this script suggested in gmirror(8) until 
Dmitry pointed it out to me, and that usage should really be converted to 
a proper rc.d script. Other than that, while it's always possible that 
there are a whole lot of users out there quietly using this thing, I 
haven't seen any mention of it in a long time, and would rather eliminate 
a crufty hack than make it slightly less crufty.

My suggestion is to leave things as they are, and if there is pushback 
from the users based on the warnings printed when the script runs, we 
should revisit this. (I hope it's clear that things will still work the 
way that they work now, the only difference is that a warning will be 
printed if /etc/early.sh exists.)

Doug

-- 

     This .signature sanitized for your protection

More information about the cvs-src mailing list