* [uml-devel] mconsole telinit design, worry about init standards?
@ 2004-02-06 0:37 Dan Shearer
2004-02-06 5:42 ` Cameron Patrick
2004-02-12 1:14 ` Jeff Dike
0 siblings, 2 replies; 10+ messages in thread
From: Dan Shearer @ 2004-02-06 0:37 UTC (permalink / raw
To: user-mode-linux-devel; +Cc: miquels
I've got a rough implementation of an mcsonole telinit command, where
mconsole_kern opens /dev/initctl and sends a command to change
runlevels. Some small changes in arch/um/mconsole_kern.c.
This raises a question about UML design. UML shouldn't be dependent on
any specific program running inside the VM. In this case, /dev/initctl
is implemented by the init usually found on Linux systems, from the
sysvinit package by Miquel van Smoorenburg. But is this too specific?
I have the impression that close to zero Linuz distros install any other
init, but I don't have good evidence. Perhaps Miquel can comment on
this.
I have looked for a standard definition of what communication mechanisms
init should have but haven't found anything so far.
--
Dan Shearer
dan@shearer.org
-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [uml-devel] mconsole telinit design, worry about init standards?
2004-02-06 0:37 [uml-devel] mconsole telinit design, worry about init standards? Dan Shearer
@ 2004-02-06 5:42 ` Cameron Patrick
2004-02-07 15:33 ` BlaisorBlade
2004-02-12 1:14 ` Jeff Dike
1 sibling, 1 reply; 10+ messages in thread
From: Cameron Patrick @ 2004-02-06 5:42 UTC (permalink / raw
To: user-mode-linux-devel
Dan Shearer wrote:
| I've got a rough implementation of an mcsonole telinit command, where
| mconsole_kern opens /dev/initctl and sends a command to change
| runlevels. Some small changes in arch/um/mconsole_kern.c.
|
| This raises a question about UML design. UML shouldn't be dependent on
| any specific program running inside the VM.
How about having some kind of generic interface to allow the host to
access files, send signals, etc inside the VM? That would be overkill
for a simple telinit but could open up other possibilities too.
Cameron.
-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [uml-devel] mconsole telinit design, worry about init standards?
2004-02-06 5:42 ` Cameron Patrick
@ 2004-02-07 15:33 ` BlaisorBlade
2004-02-09 0:11 ` Michael Richardson
0 siblings, 1 reply; 10+ messages in thread
From: BlaisorBlade @ 2004-02-07 15:33 UTC (permalink / raw
To: user-mode-linux-devel; +Cc: Cameron Patrick
Alle 06:42, venerdì 6 febbraio 2004, Cameron Patrick ha scritto:
> Dan Shearer wrote:
> | I've got a rough implementation of an mcsonole telinit command, where
> | mconsole_kern opens /dev/initctl and sends a command to change
> | runlevels. Some small changes in arch/um/mconsole_kern.c.
> |
> | This raises a question about UML design. UML shouldn't be dependent on
> | any specific program running inside the VM.
>
> How about having some kind of generic interface to allow the host to
> access files, send signals, etc inside the VM? That would be overkill
> for a simple telinit but could open up other possibilities too.
Some time ago I posted an ugly but working patch to add this command to
mconsole:
exec <command line> - exec that command inside UML.
Thanks to cat, kill and so on, this patch extends to what you think and much
more - and reduces the code needed to implement that.
That patch didn't manage stdin and stdout (I first thought this) + was a bit
bad and I haven't had time to correct it + Jeff Dike (and I agree with him)
didn't accept the patch, not because it was wrong (it worked) but because he
felt that an exec command is useless (just open another console, even without
login, to execute those commands), but if people are interested, I could
produce a 2.6 version with I/O support (maybe!). Note that I/O couldn't go to
mconsole - too much pain to do that, but to a "virtual" /dev/ttyN of user's
choice (one like the other virtual consoles).
--
Paolo Giarrusso, aka Blaisorblade
Linux registered user n. 292729
-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [uml-devel] mconsole telinit design, worry about init standards?
2004-02-07 15:33 ` BlaisorBlade
@ 2004-02-09 0:11 ` Michael Richardson
0 siblings, 0 replies; 10+ messages in thread
From: Michael Richardson @ 2004-02-09 0:11 UTC (permalink / raw
To: user-mode-linux-devel
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "BlaisorBlade" == BlaisorBlade <blaisorblade_spam@yahoo.it> writes:
BlaisorBlade> Some time ago I posted an ugly but working patch to add
BlaisorBlade> this command to mconsole:
BlaisorBlade> exec <command line> - exec that command inside UML.
BlaisorBlade> that an exec command is useless (just open another console,
BlaisorBlade> even without login, to execute those commands), but if
BlaisorBlade> people are interested, I could produce a 2.6 version with
Uh, but you can't do that from CRON!
For instance, what if one had mysql or some such in a UML, and wanted it to
sync its DB or some such (take a snapshot) to some hostfs, and then do the
backups on the host?
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr@xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBQCbQM4qHRg3pndX9AQG7vwQAyQYbv6AicPNyNBgRfdtT6VDHdJ/jQ2Yl
gTFrGVENeGEXV4FW8XZJuG0gxA17Z6JkBpToomA2e7S8CKLFBb1KV9bR7g0d01ba
wDKNyNE9uXFFNKHcnzKs/OPM25eoC7NJU5sO19MZZxb0hXBEwu9kqx3W+20xr+gm
iV5vR3t2e4Q=
=sDNA
-----END PGP SIGNATURE-----
-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [uml-devel] mconsole telinit design, worry about init standards?
2004-02-06 0:37 [uml-devel] mconsole telinit design, worry about init standards? Dan Shearer
2004-02-06 5:42 ` Cameron Patrick
@ 2004-02-12 1:14 ` Jeff Dike
2004-02-12 1:47 ` Dan Shearer
2004-02-13 11:03 ` Miquel van Smoorenburg
1 sibling, 2 replies; 10+ messages in thread
From: Jeff Dike @ 2004-02-12 1:14 UTC (permalink / raw
To: Dan Shearer, Cameron Patrick, BlaisorBlade; +Cc: user-mode-linux-devel, miquels
dan@shearer.org said:
> I've got a rough implementation of an mcsonole telinit command, where
> mconsole_kern opens /dev/initctl and sends a command to change
> runlevels.
cameron@patrick.wattle.id.au said:
> How about having some kind of generic interface to allow the host to
> access files, send signals, etc inside the VM?
Sorry, but none of these handy things are going into the kernel. If you want
to run processes, open files, etc, you can do all that from userspace.
I see the following possibilities:
Log in and run the command - some people don't like to write scripts
to go through the login process, so you can
Have a dedicated console which just has a root shell running on it. I
think there will be people who object to parsing shell prompts, so they can
Send the command through /proc/mconsole to a script which does
while true; do cmd=read < /proc/mconsole; `$cmd >& /proc/mconsole`; done
This last requires that /proc/mconsole be made bidirectional, plus it requires
that script running inside UML. All of these require some amount of setup
beforehand (knowledge of the root password, inittab running a shell instead of
getting on one console, the /proc/mconsole script).
All of them are also subject to interference by a hostile root inside the
UML. However, the in-kernel proposals can be subverted by root as well (change
init to not obey initctl, move files around, etc).
Jeff
-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [uml-devel] mconsole telinit design, worry about init standards?
2004-02-12 1:14 ` Jeff Dike
@ 2004-02-12 1:47 ` Dan Shearer
2004-02-12 3:49 ` Jeff Dike
2004-02-13 11:03 ` Miquel van Smoorenburg
1 sibling, 1 reply; 10+ messages in thread
From: Dan Shearer @ 2004-02-12 1:47 UTC (permalink / raw
To: Jeff Dike; +Cc: Cameron Patrick, BlaisorBlade, user-mode-linux-devel, miquels
Jeff,
On Wed, Feb 11, 2004 at 08:14:05PM -0500, Jeff Dike wrote:
> dan@shearer.org said:
> > I've got a rough implementation of an mcsonole telinit command, where
> > mconsole_kern opens /dev/initctl and sends a command to change
> > runlevels.
>
> cameron@patrick.wattle.id.au said:
> > How about having some kind of generic interface to allow the host to
> > access files, send signals, etc inside the VM?
>
> Sorry, but none of these handy things are going into the kernel. If you want
> to run processes, open files, etc, you can do all that from userspace.
Could you tell us what the rules are? At some level we can interact with
the kernel (eg call the c-a-d and halt handlers.) Yet at another we
can't (run processes.) This has to do with how much potential there is
for trouble. Would you be happy with sending signals? If so, even RT
signals, which have a payload? If not, perhaps you could indicate which
class of things you are happy for us to trigger. Perhaps only things
which can be conceptually related to the hardware... so long as we know.
This is part of having a clearer model about what UML is.
> I see the following possibilities:
Yes, the things you propose will work. The bit that we have been trying
to get away from here (in more or less ambitious ways:-) is cooperation
from the UML. I don't mind relying on the UML root being non-hostile (in
many cases that is their right to be relatively hostile if they like,
hosting is that sort of a thing :-) but I want to avoid requiring more
than a tiny minimum above ordinary software intstalled, or better still
nothing at all.
--
Dan Shearer
dan@shearer.org
-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [uml-devel] mconsole telinit design, worry about init standards?
2004-02-12 1:47 ` Dan Shearer
@ 2004-02-12 3:49 ` Jeff Dike
2004-02-12 4:40 ` Dan Shearer
0 siblings, 1 reply; 10+ messages in thread
From: Jeff Dike @ 2004-02-12 3:49 UTC (permalink / raw
To: Dan Shearer; +Cc: Cameron Patrick, BlaisorBlade, user-mode-linux-devel, miquels
dan@shearer.org said:
> Could you tell us what the rules are?
The rule is - if it can be done in userspace, it is. And if it can't be done
in userspace, you implement as little as possible in the kernel, and export
an interface that lets the rest be done in userspace. C-A-D is a good example -
you need to have the basic handler in the kernel, but the actual reaction to
it is in init, and specified by inittab.
So, the stuff that I'm willing to stick in the mconsole driver are things like
diagnosing a sick UML (where you may not be able to start processes - mconsole
proc, which barely passed muster with Al Viro) and pulling hardware in and
out.
Jeff
-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [uml-devel] mconsole telinit design, worry about init standards?
2004-02-12 3:49 ` Jeff Dike
@ 2004-02-12 4:40 ` Dan Shearer
0 siblings, 0 replies; 10+ messages in thread
From: Dan Shearer @ 2004-02-12 4:40 UTC (permalink / raw
To: Jeff Dike; +Cc: Cameron Patrick, BlaisorBlade, user-mode-linux-devel, miquels
On Wed, Feb 11, 2004 at 10:49:15PM -0500, Jeff Dike wrote:
> dan@shearer.org said:
> > Could you tell us what the rules are?
>
> The rule is - if it can be done in userspace, it is. And if it can't be done
> in userspace, you implement as little as possible in the kernel, and export
> an interface that lets the rest be done in userspace. C-A-D is a good example -
> you need to have the basic handler in the kernel, but the actual reaction to
> it is in init, and specified by inittab.
>
> So, the stuff that I'm willing to stick in the mconsole driver are things like
> diagnosing a sick UML (where you may not be able to start processes - mconsole
> proc, which barely passed muster with Al Viro) and pulling hardware in and
> out.
There is very little overlap between this and what I'm looking for,
which is a way of interacting with an unmodified Linux, initially a way
of getting it to do a clean init-style shutdown without introducing any
specific new tools.
What about the ability to inject ACPI commands to the kernel? So long as
the user has installed whatever standard tools their distro uses to
listen on /proc/acpi (2.4.x) or /sys/power (2.6.x) then there is a
reasonable chance we can run externally imposed shutdown/resume/halt
events. APM would perhaps be simpler but presumably support for APM will
reduce over time.
This would integrate nicely with swsuspend for UML.
--
Dan Shearer
dan@shearer.org
-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [uml-devel] mconsole telinit design, worry about init standards?
2004-02-12 1:14 ` Jeff Dike
2004-02-12 1:47 ` Dan Shearer
@ 2004-02-13 11:03 ` Miquel van Smoorenburg
2004-02-13 11:23 ` Dan Shearer
1 sibling, 1 reply; 10+ messages in thread
From: Miquel van Smoorenburg @ 2004-02-13 11:03 UTC (permalink / raw
To: Jeff Dike
Cc: Dan Shearer, Cameron Patrick, BlaisorBlade, user-mode-linux-devel,
miquels
On 2004.02.12 02:14, Jeff Dike wrote:
> dan@shearer.org said:
> > I've got a rough implementation of an mcsonole telinit command, where
> > mconsole_kern opens /dev/initctl and sends a command to change
> > runlevels.
>
> cameron@patrick.wattle.id.au said:
> > How about having some kind of generic interface to allow the host to
> > access files, send signals, etc inside the VM?
>
> Sorry, but none of these handy things are going into the kernel. If you want
> to run processes, open files, etc, you can do all that from userspace.
>
> I see the following possibilities:
>
> Log in and run the command - some people don't like to write scripts
> to go through the login process, so you can
> Have a dedicated console which just has a root shell running on it. I
> think there will be people who object to parsing shell prompts, so they can
> Send the command through /proc/mconsole to a script which does
>
> while true; do cmd=read < /proc/mconsole; `$cmd >& /proc/mconsole`; done
Why not use IP. There is network connectivity in an UML instance, right? You can
run some deamon on the host that accepts commands from the UML instance.
You need to make it secure (local networking only, priviliged ports, secret
key) but that would be a generic interface to talk from/to the host without
any kernel hacking.
Then just run "telinit" or "shutdown" from the daemon.
Mike.
-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [uml-devel] mconsole telinit design, worry about init standards?
2004-02-13 11:03 ` Miquel van Smoorenburg
@ 2004-02-13 11:23 ` Dan Shearer
0 siblings, 0 replies; 10+ messages in thread
From: Dan Shearer @ 2004-02-13 11:23 UTC (permalink / raw
To: Miquel van Smoorenburg
Cc: Jeff Dike, Cameron Patrick, BlaisorBlade, user-mode-linux-devel
On Fri, Feb 13, 2004 at 12:03:41PM +0100, Miquel van Smoorenburg wrote:
> On 2004.02.12 02:14, Jeff Dike wrote:
> > dan@shearer.org said:
> > > I've got a rough implementation of an mcsonole telinit command, where
> > > mconsole_kern opens /dev/initctl and sends a command to change
> > > runlevels.
> >
> > cameron@patrick.wattle.id.au said:
> > > How about having some kind of generic interface to allow the host to
> > > access files, send signals, etc inside the VM?
> >
> > Sorry, but none of these handy things are going into the kernel. If you want
> > to run processes, open files, etc, you can do all that from userspace.
> >
> > I see the following possibilities:
> >
> > Log in and run the command - some people don't like to write scripts
> > to go through the login process, so you can
> > Have a dedicated console which just has a root shell running on it. I
> > think there will be people who object to parsing shell prompts, so they can
> > Send the command through /proc/mconsole to a script which does
> >
> > while true; do cmd=read < /proc/mconsole; `$cmd >& /proc/mconsole`; done
>
> Why not use IP. There is network connectivity in an UML instance, right? You can
> run some deamon on the host that accepts commands from the UML instance.
> You need to make it secure (local networking only, priviliged ports, secret
> key) but that would be a generic interface to talk from/to the host without
> any kernel hacking.
>
> Then just run "telinit" or "shutdown" from the daemon.
Yes, this is very possible (and I do it myself) but doesn't help in some
cases. Sometimes it is important to map the UML simulation to the real
world as far as possible *at the same time* as providing facilities
which are in advance of what the real world offers, eg externally
imposed shutdowns via standard interfaces.
Take two cases: honeypots and commercially hosted UMLs. There are
risks/inconveniences/costs in providing extra new things inside the UML
just because it is a UML. So some special IP daemon is ruled out, and
redefiniting /etc/inittab is either risky or ruled out.
At least my (somewhat clumsy) idea of a UPS interface doesn't require
anything that might not be there in real life anyway. Similarly with the
idea of ACPI commands, which are triggered by external events anyway.
And similarly with the idea of having mconsole send signals.
Incidentally Mike, I have had a discussion with someone from the LSB who
suggests that a standard for init behaviour might be a good thing. But
that's another discussion in another forum :-)
--
Dan Shearer
dan@shearer.org
-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2004-02-13 11:23 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-02-06 0:37 [uml-devel] mconsole telinit design, worry about init standards? Dan Shearer
2004-02-06 5:42 ` Cameron Patrick
2004-02-07 15:33 ` BlaisorBlade
2004-02-09 0:11 ` Michael Richardson
2004-02-12 1:14 ` Jeff Dike
2004-02-12 1:47 ` Dan Shearer
2004-02-12 3:49 ` Jeff Dike
2004-02-12 4:40 ` Dan Shearer
2004-02-13 11:03 ` Miquel van Smoorenburg
2004-02-13 11:23 ` Dan Shearer
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.