On Do, 04.07.24 12:44, Demi Marie Obenour (demi@xxxxxxxxxxxxxxxxxxxxxx) wrote: > > No, these belong to your process, systemd couldn't really reach into > > your processes to close them, even if it wanted to. > > > > But do note that any files you keep open or mapped at the moment of transition > > will remain pinned in memory, and cannot be released by the > > kernel. this means that even though during the tmpfs→host transition > > we generally destory the initrd's tmpfs' contents, the stuff you keep > > pinned will stick around. > > > > Generally, only special purpose software should be left around that > > way, if it is carefully written to handle this. For example it is not > > allowed to dlopen() anything (and hence no NSS either! No > > gethostbyname() or getpwnam() or so), because you'd otherwise end up > > with a weird mix of match of shared libs from the initrd and the host. > > If one does need to e.g. do DNS lookups in such a process, what is the > best way to do it? Well, simply don't write programs like that, of course. But if you really feel you must: If you need DNS, then do the lookups via your own statically linked DNS lib maybe? You could talk to resolved's varlink or D-Bus interfaces too, but I find this a bit icky, since you'll end up consuming services provided by the OS on the root fs, while you should instead provide services to that OS, but not consume them. If you want user/group name resolution: these are generally a resource manager by the host OS, hence you almos certainly are doing things wrong if you want to resolve them from your initrd service. You could talk to userdbd of course, via Varlink IPC, but the same applies as above: it's a bit icky if you consume services provided by the OS, if you are such a low-level daemon that must survive from initrd into host. In many ways: if you run like this you should consider yourself conceptually closer to kernelspace than to userspace. And hence, the same way as kernelspace generally doesn't resolve users or hostnames you shouldn't really either. Lennart -- Lennart Poettering, Berlin
Re: Question about the killing spree during the transition from the initrd to the root file system.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: Question about the killing spree during the transition from the initrd to the root file system.
- From: Lennart Poettering <lennart@xxxxxxxxxxxxxx>
- Date: Mon, 8 Jul 2024 13:16:56 +0200
- Cc: "chenruyi (A)" <chenruyi2@xxxxxxxxxx>, "systemd-devel@xxxxxxxxxxxxxxxxxxxxx" <systemd-devel@xxxxxxxxxxxxxxxxxxxxx>, Xiexiangyou <xiexiangyou@xxxxxxxxxx>, zhengchuan <zhengchuan@xxxxxxxxxx>, yubihong <yubihong@xxxxxxxxxx>
- In-reply-to: <ZobRVqU3XzVBW5MI@itl-email>
- References: <cdc5c0aa5aad4a0ba70159a9dc43bf5e@huawei.com> <ZoahDGrkGo8XDJYD@gardel-login> <ZobRVqU3XzVBW5MI@itl-email>
- Follow-Ups:
- Re: Question about the killing spree during the transition from the initrd to the root file system.
- From: Demi Marie Obenour
- Re: Question about the killing spree during the transition from the initrd to the root file system.
- References:
- Re: Question about the killing spree during the transition from the initrd to the root file system.
- From: Lennart Poettering
- Re: Question about the killing spree during the transition from the initrd to the root file system.
- From: Demi Marie Obenour
- Re: Question about the killing spree during the transition from the initrd to the root file system.
- Prev by Date: Re: passing additional FDs to service
- Next by Date: Re: Question about the killing spree during the transition from the initrd to the root file system.
- Previous by thread: Re: Question about the killing spree during the transition from the initrd to the root file system.
- Next by thread: Re: Question about the killing spree during the transition from the initrd to the root file system.
- Index(es):
 |