nosh version 1.28

[Jonathan de Boyne Pollard <J.deBoynePollard-newsgroups@NTLWorld.com>]

The nosh package is now up to version 1.28 .

* https://jdebp.eu./Softwares/nosh/
* 
https://www.freebsd.org/news/status/report-2015-07-2015-09.html#The-nosh-Project
* http://jdebp.info./Softwares/nosh/

There's a lot in this one: MySQL and MariaDB changes; more prophylaxis 
for Desktop Bus bus activation; improvements to systemd unit conversion; 
support for the old svc -x; machineenv; improvements to service 
management; fixes for the per-user manager; improvements to the console 
terminal emulator; BSD boot mode changes; the ability to pass more open 
sockets to connection-accepting programs; cron; and OpenBSD.

Italics and colour
==================

* https://jdebp.eu./Softwares/nosh/italics-in-manuals.html

This isn't a toolset change, per se.  But the WWW site now has a guide 
to seeing actual italic text in manual pages.  The nosh toolset's 
user-space virtual terminals support true italics (if one has the fonts) 
or obliquing, and this works with them.

MySQL and MariaDB changes
=========================

* https://jdebp.eu./Softwares/nosh/mariadb-and-mysql.html

New in version 1.28 is a different and up-to-date way of managing MySQL 
and MariaDB server services — where "new" translates to finally getting 
rid of that unnecessary mysql_safe wrapper and doing things the way that 
daemontools-family toolset users have wanted to do them since the turn 
of the century.

There's a lengthy exposition on the WWW site, q.v..  The major visible 
effect is that your "mysql" or "mariadb" service is now an alias, for 
something like a "mysql@" or "mysql@01" (if you have [mysql01] in your 
my.cnf) service.  The configuration file import mechanism tries to 
construct/update mariadb@NN and mysql@NN service bundles for you, based 
upon your MariaDB and MySQL configuration files.

Further prophylaxis for Desktop Bus bus activation
==================================================

* https://jdebp.eu./Softwares/nosh/avoid-dbus-bus-activation.html

The nosh toolset now comes with a dbus-daemon-launch-helper 
replacement.  The purpose of this is to sit in your 
/usr/local/etc/dbus-1/system.conf (or equivalent) and redirect to 
service management attempts, by the Desktop Bus broker daemon, to 
demand-start services.  It is slightly fiddly to install, requiring 
manual setup by the system administrator, there being no simple way to 
add overrides to /usr/local/etc/dbus-1/system.conf and it requiring that 
you allow the "messagebus" user the necessary access for starting and 
stopping services (but not necessarily *superuser* access — rembember ACLs).

To assist with this, several popular Desktop Bus "services" now exist as 
alias names for service management services.  These are just symbolic 
links to the service bundle directories, of course. So, for example: 
With the helper in place, Desktop Bus bus activation will try to 
demand-start a service named "org.freedesktop.PackageKit" using service 
management.  This is just an alias for the "packagekit" service.

Improvements to systemd unit conversion
=======================================

Ideal mode is now closer to the daemontools-family mainstream, 
defaulting to the daemontools-family norm of always restarting 
services.  Quirks mode, conversely, now implements more of the 
non-daemontools redirection semantics for standard I/O, in particular 
with regard to listening socket units.  Some more Linuxisms have been 
added.  Limits (where applicable) can now take SI and IEC suffixes (so 
you can, say, express limits in kiloseconds).  This latter is actually 
an augmentation to the underlying softlimit command.

Passing more open sockets to connection-accepting programs
==========================================================

The improvements to systemd unit conversion also allow passing more than 
one listen()ing socket to connection-accepting programs.  You can use, 
say, ListenStream and ListenDatagram and the conversion utility will 
translate this into an appropriate chain of multiple invocations of 
udp-socket-listen and tcp-socket-listen.  It will do 
local-stream-socket-listen, local-datagram-socket-listen, 
netlink-datagram-socket-listen, and fifo-listen too.

The motivator for this was Daniel J. Bernstein's dnscache.  I have 
modified versions of tinydns, dnscache, and taiclockd that understand 
the LISTEN_FDS protocol for their being told about listening sockets 
that have been opened for them, and don't open their own sockets in that 
case.  dnscache, in particular, takes a UDP socket and a listening TCP 
socket.  The UCSPI tools in this version of the toolset can now provide 
these two to a dnscache process.  One simply chains through 
udp-socket-listen and tcp-socket-listen to dnscache, using the 
--systemd-compatibility flag.

The sharp-eyed will notice that the tinydns and dnscache services are 
following in the footsteps of the mariadb and mysql services, being 
instantiated for relevant IP addresses by the configuration import 
subsystem instead of being single-instance services.  It's not quite 
ready in this version, but you can see where things are headed.

svc -x
======

The -x option to service-control, a.k.a. svc, is no longer defunct. It 
does what unload-when-stopped does.

machineenv
==========

This was a little helper that was needed for running one particular Java 
program under nosh service management.  It's analogous to userenv, but 
instead of setting up environment variables from login information it 
sets up environment variables from machine information.

Improvements to service management
===================================

The system-control utility now respects a new "use_hangup" flag in 
service directories, as documented in service-manager's manual. This is 
used in the various getty@, agetty@, mgetty@, emergency-login@, and 
ttylogin@ service bundles, and causes system-control to attempt to bring 
down these services (at shutdown, for example) with SIGHUP, because some 
job control shells ignore SIGTERM and that delays shutdown.

Incidentally: There's now a family of pre-supplied agetty/mgetty/getty@ 
service bundles, set up for the various conventional serial terminal 
devices on OpenBSD, FreeBSD/PC-BSD, and Linux.  These are aliased from 
parallel ttylogin@ names, for consistent handling of /etc/ttys import 
and so forth.  They run a modem-aware getty, though; which of course the 
virtual terminal ttylogin@ services do not.  See the Terminals chapter 
of the nosh Guide.

Fixes for the per-user manager
==============================

The per-user manager, an instance of which you get when you run 
"system-control start user@${USER}" (or, more specifically, 
"system-control start user-services@${USER}"), is now more functional.  
The configuration importer sets you up with your own personal service 
bundle directory tree in ${HOME}/.config/service-bundles/ with a 
pre-supplied exit/ service bundle.  (Don't delete it! The per-user 
service manager needs to have a goal when it is signalled to terminate.)

Improvements to the console terminal emulator
=============================================

SoftTerm has a bugfix.  CUF and CUF no longer cause sideways scrolling.  
It also now understands some of the more esoteric control sequences from 
the old (pre-version 10) FreeBSD kernel terminal emulator, increasing 
the compatibility with programs that use the "cons25" terminal type.

The NetBSD terminal type for virtual terminals is now pcvtXX, and the 
OpenBSD one is pccon, per the 2015 termcap database.

There is also a minor fix in the SCO Console mode emulation.  All of the 
function key control sequences were off by one.  They are not, now.  (-:

BSD boot mode changes
=====================

* https://jdebp.eu./FGA/emergency-and-rescue-mode-bootstrap.html

I'd like to see FreeBSD and PC-BSD kernel loaders support the -b flag.  
In the meantime, for simple utility, I've changed the -s flag to invoke 
emergency mode rather than rescue mode, but only on FreeBSD/PC-BSD.

OpenBSD
=======

One of the servers providing the new WWW site is an OpenBSD machine, 
running the aforementioned modified versions of Bernstein tinydns and 
dnscache, and Bernstein publicfile, under nosh service management.  The 
nosh toolset now builds and runs on OpenBSD 5.9.

There are an awful lot of limitations to OpenBSD, from lack of realtime 
signals and nmount() to its older packaging tool.  Some of them are 
surmountable: I could write an nmount() shim function as I did for 
Linux, although for OpenBSD it would be a lot more complex. Some of 
them, like the lack of fexecve(), are not.  In concert, they preclude 
nosh as a system manager and packages with full automatic setup and 
teardown of basic system services.

But one can run the nosh service manager under OpenBSD rc; and 
everything else, from UCSPI servers to cron, under that.  I currently do.

I'm not particularly bothered about the package tool and the missing 
setup/teardown of the binary packages, myself.  I'm not running my 
system using installed binary packages in the first place.  I'm building 
from source, in true slashpackage style, into /package/admin/*/command/ 
and symbolically linking from /usr/local/bin/* to there.

The user-space virtual terminal system has not been tested on OpenBSD, 
and almost certainly doesn't quite work yet.  As mentioned earlier, the 
OpenBSD terminal type is set correctly by vc-get-tty. But 
console-terminal-emulator does not have an OpenBSD mode yet; 
console-fb-realizer doesn't really know how to use OpenBSD HID devices 
yet; and OpenBSD has the old 1980s-style pseudo-terminal management 
system instead of the "new" "UNIX98" 1990s one, which I have not 
tested.  At one point I was in a halfway-done position of having the 
nosh toolset's UCSPI tools but none of the service bundles.  So the 
toolset now has a tcpserver shim, that simply maps onto 
tcp-socket-listen, ucspi-socket-rules-check, and tcp-socket-accept.  It 
does not have the same defaults as the Bernstein tcpserver, though; and 
is in a separate binary package.

The cron mess
=============

OpenBSD has yet another not-quite-the-same version of cron, with yet 
another way to tell it not to uselessly fork.  So now there's an 
openbsd-cron service bundle alongside the debian-cron and vixiecron 
service bundles.  The cron alias is set up to point to the right one for 
the operating system.

debian-cron is the new name for the gnucron service bundle, by the way.  
"Debian/GNU Linux's prepackaged version" is what Ian Jackson originally 
called it in its README.  (Historical tidbit: Paul Vixie originally 
named his "PD cron".)  As far as I can tell, GNU cron was actually a 
project (by one Mike Meyer it appears) for the Free Software Foundation 
in 1987 that has entirely disappeared, if it ever existed in the first 
place.  In any case, "gnucron" is too generic a name for something that 
is at this point heading down the road of needing an individual service 
bundle for every single special flavour.  (Perhaps the Google Summer of 
Code people could add importing OpenBSD's cron's -n flag to FreeBSD cron 
to their list of ideas.  That would eliminate one special flavour and 
fix a deficiency at the same time.)

Thibault Godouet's fcron, Matt Dillon's/Jim Pryor's dcron, and Bruce 
Guenter's bcron don't need special treatment like this.