Don't try to stop an already stopped service.

[oweals/dinit.git] / TODO

For version 0.3.0:
------------------
* Skippable services: if they terminate via ^C, treat as a successful startup. Allows
  skipping filesystem checks.
* Provide better status information:
  - whether a service failed to start (as opposed to just being STOPPED)
    - directly, and how (error code? died to signal? timed out?) or
    - due to a dependency.
  - whether a service has acquired, or is waiting to acquire, the console
  - whether service was skipped (via ^C/SIGINT) instead of started normally.
* Option to send signals to service process leader only (not to process group).
  
For version 1.0:
----------------
* Support S6-style startup notification (write to fd)
* Man pages for all programs (done for dinit, not for dinitctl/shutdown/etc).
* Write wtmp entry on startup (see simpleinit)
* "triggered" service type: external process notifies Dinit when the service
  has started. (maybe?)
* on shutdown, after repeated intervals with no activity, display information
  about services we are waiting on (or, do this when prompted via ^C or C-A-D).
* A (perhaps limited) way(s) to modify a service description after it is loaded -
  eg add/remove dependencies, change properties.
* Think about detecting runs-on-console dependency conflicts (i.e. if A runs-on-console and
  B depends on A and runs-on-consle then B can never start)?
  - Complicated if service descriptions can be altered after loading. Perhaps not necessary
    if better status information can be provided.
* Documentation must be complete (see section below).
* Package-manager-friendly way to enable/disable services.
  Perhaps a service can specify a dependency file (with dependency type) where
  the file contains a list of service names, or if it is a directory, each
  filename within corresponds to a service that is a dependency.
* Proper support for socket activation?
* Be able to boot and shutdown Linux and FreeBSD.

For later:
----------
* On linux when running with PID != 1, write PID to /proc/sys/kernel/cad_pid so
  that we still receive SIGINT from ctrl+alt+del (must be done after /proc is
  mounted, possibly could be left to a service script)
* Perhaps need a way to prevent script services from re-starting.
  (eg there's no need to mount filesystems twice; there might be various other
   system initialisations that can't or shouldn't really be "undone" and so do
   not need to be re-done).
* Internationalisation
* A service can prevent shutdown/reboot by failing to stop. Maybe make
  multiple CTRL-ALT-DEL presses (or ^C since that's more portable) commence
  immediate shutdown (or launch a simple control interface).
* When we take down a service or tty session, it would be ideal if we could kill
  the whole process tree, not just the leader process (need cgroups or pid
  namespace or other mechanism).
* Allow logging tasks to memory (growing or circular buffer) and later
  switching to disk logging (allows for filesystem mounted readonly on boot).
  But perhaps this really the responsibility of another daemon.
* Allow running services with different resource limits, chroot, cgroups,
  namespaces (pid/fs/uid), etc
* Support chaining service output to another process (logger) input; if the
  service dies the file descriptor of its stdout isn't closed and is reassigned
  when the service is restarted, so that minimal output is lost.
  - even more, it would be nice if a single logger process could be responsible
    for receiving output from multiple services. This would require some kind of
    protocol for passing new output descriptors to the logger (for when a
    service starts).

Even later / Maybe never:
-------------------------
* Support recognising /etc/init.d services automatically (as script services, with
  no dependency management - or upstart compatible dependency management)
  Also BSD's rc.d style scripts (PROVIDE, REQUIRE).
* Place some reasonable, soft limit on the number of services to be started
  simultaneously, to prevent thrashing. Services that are taking a long time
  to start don't count to the limit. Maybe use CPU/IO usage as a controlling
  factor.
* Cron-like tasks (if started, they run a sub-task periodically. Stopping the
  task will wait until the sub-task is complete). 
* Allow to run services attached to virtual tty, allow connection to that tty (ala "screen").
* SystemD-like handling of filesystem mounts (see autofs documentation in kernel)
  i.e. a mount point gets an autofs attached, and lazily gets mounted when accessed
  (or is mounted in parallel). Probably put the functionality in a separate daemon.


Documentation:
--------------
* Design philosophy/rationale document
* Coding style guidelines

* What's the best TERM setting? gogetty gives me "linux" but I think other variants may be
  better (eg "linux-c").

* Figure out the ConsoleKit/logind / PolicyKit mess & how dinit needs to fit into it.
  * Consolekit/logind tracks "sessions". Provides a mechanism to mark a session starting,
    associates processes with sessions, provides calls to terminate sessions etc (why?!!)
    Can use environment variable or cgroups to track processes in a session.
    A PAM module exists to create/destroy sessions.
  * Consolekit/logind also allows for requesting shutdown, reboot, and inhibiting reboot
    (via dbus API).
  * "seats" are a set of input/output hardware (mouse/keyboard/monitor) on which a session
    can be run. You can have multiple sessions on a seat - one is in the foreground
    (eg linux virtual ttys implement multiple sessions on a single seat).
    Sessions can run without a seat (eg ssh session).