[KLUG Programming] Pthreads problem

Peter Buxton programming@kalamazoolinux.org
Sat, 3 Jan 2004 05:02:48 -0500 

BTW, Bob, I notice your MUA is set up to reproduce not only my name, but
also my email address, in your attribution line. This rather defeats the
entire purpose of hiding email addresses in the email web archives. I
don't suppose your MUA has sufficient abstraction to turn that off,
please? TIA.

On Sat, Jan 03, 2004 at 12:47:50AM -0500, Robert G. Brown was only escaped
   alone to tell thee:

> > net.ipv4.tcp_syncookies = 1
> > to 
> > echo 1 > /proc/sys/net/ipv4/tcp_syncookies
>
> Actually, it's probably a shell script, using sed/awk/grep and so on.

It was sarcasm. Apparently, I wasn't the only tired one.

> Before I knew about sysctl (maybe before it was even introduced), I
> wrote a script which looked like this:
>
> root@gummo bin]# cat setkernel
> #!/bin/bash
> 
> echo $2 > $1
> 
>  -----
> 
> and to use:
> setkernel /proc/sys/net/ipv4/ip_forward 0
> 
> Simple and clear!

Simple, yes.

> So the second reason is that sysctl, like setkernel, normalizes
> syntax, and as a result makes stuff easier to maintain. I can replace
> it easily. I can also use it to protect the system from someone
> placing dumb values into some pretty sensitive places, by making
> setkernel a bit less trivial.

Congratulations. You've introduced a marvelous layer of abstraction in
/proc, an area that is not only Linux-dependent, but also kernel version
dependent. Congratulations on having to update setkernel(1) for the rest
of your life, to remove obsolete sensitive places and add new ones. And,
once ACL-based only-this-script-has-execute-permission is a reality,
you'll be in an excellent position to protect sysctl values from anyone
with whom you've rashly shared the root password -- if you don't mount
/proc.

> The kernel folk (Kleen, et al) have their own concerns, and when they
> make up their minds (or change them, next year) my scripts don't need
> to be altered, because I recognized a reasonable abstraction when I
> saw one, and then used it.  All I will have to do is change and
> distribute setkernel again.

Ah. From Adam:

> echo-ing values into proc space is bad form. One should always make
> these changes via sysctl.

"Bad form." Now, since neither you nor Adam answers Miss Manners's mail
(so far as I know), what is really burning me up is curiosity as to the
authoritative sources you're appealing to in saying that not using
sysctl, in the manner I showed, and in the situation I showed, is
boorish. I mean, when Linus and Robert Love seem happy with /proc, I'm
just a little curious as to the as yet unspoken identity, or identities,
of one or more kernel maintainers who hold that echoing values into
/proc is harmful and overdue to be obsoleted.

I mean, if these are just yours and Adam's opinions, I should think my
/proc habits hardly merit your attentions: you would get far more
mileage if you critique my indenting style or my choice in window
managers (Adam's minor, but beloved, avocation, I know.) Otherwise, I
feel left out and in the cold that, seemingly, thousands of Linux
hackers know that sysctl(8) is The One Right Thing but no one seems to
be willing to show me the relevant press releases.

-- 
Delenda est Lutetia.