#!/usr/bin/perl -w

use strict;
use warnings;
use re::engine::RE2;

my @rulefiles = <"/etc/service-policy.d/*.pol">;

# Arguments passed by invoke-rc.d: init script ID, then the requested action.
my $service = shift;
my $action = shift;

# Policy name => exit status (rv) and fallback actions printed on stdout.
my %policies = (
    allow => {
        rv => 0,
        fallback => "",
    },
    deny => {
        rv => 101,
        fallback => "",
    },
    "restart-ignore" => {
        rv => 106,
        fallback => "restart stop",
    },
);

# Rule files are read in sorted order; the first matching rule decides.
foreach my $rulefile (sort(@rulefiles)) {
    # Three-argument open, so the file name is never parsed as an open mode.
    open my $input, "<", $rulefile or exit 102; # 102: "subsystem error"
    while (my $line = <$input>) {
        chomp $line;
        $line =~ s/#.*$//; # strip comments
        # A rule has three fields: service pattern, action pattern, policy name.
        my @fields = split /\s+/, $line;
        next unless scalar(@fields) == 3;
        if ($service =~ /$fields[0]/ && $action =~ /$fields[1]/) {
            if (exists($policies{$fields[2]})) {
                print $policies{$fields[2]}{fallback} . "\n";
                exit $policies{$fields[2]}{rv};
            } else {
                print STDERR "E: unknown action ${fields[2]} in file $rulefile\navailable actions: " . join(", ", sort(keys(%policies))) . "\n";
                exit 105 # "behaviour uncertain, policy undefined"
            }
        }
    }
    close $input;
}

# fall back to "unknown init script" action
print "\n";
exit 100;
__END__

=head1 NAME

policy-rc.d-declarative - define system service policies declaratively

=head1 SYNOPSIS

policy-rc.d

=head1 DESCRIPTION

Debian policy states that packages providing system services need to
start those services by default, and that the starting of the service
should be done by way of the F</usr/sbin/invoke-rc.d> script. This
script will execute a program F</usr/sbin/policy-rc.d> if it exists,
allowing the local system administrator to override behaviour if wanted
by creating a policy script according to the interface specified and
installing it as F</usr/sbin/policy-rc.d>.

This interface, however, has some downsides:

=over 4

=item *

While the definition of the F<policy-rc.d> interface specifies that
policy scripts should be installed by way of the alternatives system,
there are various cases (e.g., the initial installation of Debian from
the Debian installer) where installing a policy script is desirable
before the alternatives system is available for use. The result is that
the installer creates a F<policy-rc.d> script I<without> going through
the alternatives system, which it then removes at the end of the
installation. A side effect of this is that any policy script created
in the installer will be blown away at the end of an installation.

As a result of this, at least one derivative distribution believed they
were installing a policy script into all their installations when in
fact they weren't.

=item *

Because the default state is for there to be no policy script on the
system, the fact that the interface exists in the first place is
something that is unknown to many long-time Debian users. Having
something that can be configured through a (set of) configuration files
in /etc instead makes the system discoverable, and allows for better
documentation of the interface.

=back

Moreover, a scripted interface is far more powerful than necessary; in
most cases, all that is needed is a default policy for all services,
which does not require a Turing-complete language.

This policy script attempts to solve these issues by allowing system
administrators to provide init script policies by way of a declarative
interface, rather than a scripted one. It does this by way of a
directory F</etc/service-policy.d> in which packages and/or system
administrators may place files describing the policy to be followed. For
more information on how these files should be structured, please see the
L<service-policy.d(5)> man page.

=head1 BUGS

The policy script interface definition states that policy scripts must
support C<--quiet> and C<--list> arguments. This policy script does not
(yet) implement those.

The list of allowed actions may be somewhat small at present. Future
versions of this policy script are likely to add more, or to add a way
to create custom actions. Wishlist bugs (or patches) welcome!

The policy script interface also specifies a runlevel argument to the
script. This policy script does not currently use or read that argument,
because it is believed to be not helpful. This may change in the future.

=head1 SEE ALSO

F</usr/share/doc/init-system-helpers/README.policy-rc.d.gz>,
L<invoke-rc.d(8)>, L<service-policy.d(5)>

=cut
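
Added example, not part of the original script: it repeats the script's matching loop over constructed rule lines to show that the patterns are unanchored and the first match wins, so a rule written as C<ssh start> also covers C<sshguard restart> unless both patterns are anchored. It uses Perl's built-in regex engine instead of re::engine::RE2; the C<decide> helper, the rule lines and the service names are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Exit statuses copied from the script's %policies table.
my %rv = (allow => 0, deny => 101, "restart-ignore" => 106);

# Same matching as the script: rules are tried in order, patterns are
# unanchored, the first rule whose two patterns match decides, and no
# match at all yields 100.
sub decide {
    my ($rules, $service, $action) = @_;
    foreach my $line (@$rules) {
        (my $rule = $line) =~ s/#.*$//;          # strip comments
        my @fields = split /\s+/, $rule;
        next unless scalar(@fields) == 3;
        next unless $service =~ /$fields[0]/ && $action =~ /$fields[1]/;
        return exists $rv{$fields[2]} ? $rv{$fields[2]} : 105;
    }
    return 100;
}

# Constructed rule sets (sample data, not shipped with the package).
my @loose = (
    "ssh start allow   # meant for the ssh service only",
    ".* .* deny        # default for everything else",
);
my @strict = (
    '^ssh$ ^start$ allow',
    ".* .* deny",
);

# Constructed (service, action) pairs to evaluate against both rule sets.
foreach my $case (["ssh", "start"], ["sshguard", "restart"], ["nginx", "start"]) {
    my ($service, $action) = @$case;
    printf "%-10s %-8s loose=%-3d strict=%d\n", $service, $action,
        decide(\@loose, $service, $action),
        decide(\@strict, $service, $action);
}
```

With the loose rules the C<sshguard restart> request is allowed by the rule intended for ssh; with the anchored rules it falls through to the catch-all deny.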