Toni Mueller <[EMAIL PROTECTED]> writes: > I'm almost entirely running things like slapd through runit these days, > so a sane runit starting environment would imho be good (chrooted + hdb > by default).
You mean specifically a run script? Or something else? I'm not sure what you mean by a "sane runit starting environment." (I personally am not a fan of running services inside chroots; I think it's excessive hassle for the amount of real security that it buys. But of course if someone contributed example scripts that didn't pose a maintenance burden, I wouldn't be adverse to including them in the package.) > If you have a suggestion for a good place, I'll be probably able to > contribute such a thing, but this doesn't interact too well with > logcheck (different formats etc.). And here you've lost me completely, I'm afraid, since I don't understand what logcheck has to do with using runit. :) > Otherwise, I'd assumed that just having a variable like > START_SLAPD > in /etc/default/slapd > similar to what SSH or other packages have, would imho be sufficient. ssh actually uses a sentinel file. But several people have now said that they expect an option in /etc/default/slapd, so my inclination right now is to add both options; they don't take up much space or add much complexity, and they have somewhat different "feels." (Sentinel files are more useful for temporarily disabling things quickly, similar to /etc/nologin.) -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
