
Re: RFC: terminate init script when service is ready



On Sun, Aug 19, 2012 at 09:12:00AM +0200, Marc Haber wrote:
> On Sat, 18 Aug 2012 18:44:10 +0200, Bastian Blank <waldi@debian.org>
> wrote:
> >Not sure about radvd, but it needs more than existing interfaces?
> It chokes when the Interface changes after it was started, causing
> very hard to debug connectivity outages.

radvd runs on routers, which are not subject to SLAAC. So no dynamic
changes, only changes by the admin.

> >apache and sshd can listen on ::.
> Configuring software to listen on all interfaces/IP is an unacceptable
> solution, since it means losing significant functionality and/or
> security.

Listening on a specific address is no security feature. Even if Linux
will not respond to neighbor discoveries on an interface without the
particular address configured, it will answer to other protocols.

You can use setsockopt(SO_BINDTODEVICE) to force a service on a
particular interface.

Bastian

-- 
Peace was the way.
		-- Kirk, "The City on the Edge of Forever", stardate unknown

