From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from atuin.qyliss.net (localhost [IPv6:::1])
	by atuin.qyliss.net (Postfix) with ESMTP id 9F2C21A9BF;
	Fri, 22 Aug 2025 13:53:04 +0000 (UTC)
Received: by atuin.qyliss.net (Postfix, from userid 993)
	id 939361AA0D; Fri, 22 Aug 2025 13:53:01 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on atuin.qyliss.net
X-Spam-Level: 
X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,DMARC_MISSING,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS
	autolearn=unavailable autolearn_force=no version=4.0.1
Received: from fhigh-b2-smtp.messagingengine.com
 (fhigh-b2-smtp.messagingengine.com [202.12.124.153])
	by atuin.qyliss.net (Postfix) with ESMTPS id 8EC131A9A4
	for <devel@spectrum-os.org>; Fri, 22 Aug 2025 13:52:59 +0000 (UTC)
Received: from phl-compute-04.internal (phl-compute-04.internal [10.202.2.44])
	by mailfhigh.stl.internal (Postfix) with ESMTP id 085997A019E;
	Fri, 22 Aug 2025 09:52:58 -0400 (EDT)
Received: from phl-mailfrontend-01 ([10.202.2.162])
  by phl-compute-04.internal (MEProxy); Fri, 22 Aug 2025 09:52:58 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alyssa.is; h=cc
	:content-type:content-type:date:date:from:from:in-reply-to
	:in-reply-to:message-id:mime-version:references:reply-to:subject
	:subject:to:to; s=fm2; t=1755870777; x=1755957177; bh=MOW7mYxx9d
	sgh3jn/yT+VPfyOdlkwl2JCc50eibFdR0=; b=HFWw6UDsLv+ber/gqWP5Kqyy7/
	icY632eFXc/UHPqkLf1YfWJcfvb2UnU+7nZkr/BgMeeh3FtAP5fMPwIjs3ZzOGDK
	1wo+5ovP336jxNjUS8LjYm2GmS43J2IrSexeHCm/qd4yaasijDErJXtTvMi2MUDF
	+9BvtdHRdzfvysOfMIyXDkRg3Q++a9tTml+4Dok7FsY4z4MeuOu+2RgE5Vhj2xjP
	Xk4beHzRA1Hw902+mD6D4AQvHrYtD3smWKrgpmyxovSfqeftMpbXc6HbjhGPtTxp
	Spy9VIUaPdccL8/QvKdvP4rgQifr/OrAEXOjnf66+JL7sWAP7HtpcFpaBZww==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:content-type:content-type:date:date
	:feedback-id:feedback-id:from:from:in-reply-to:in-reply-to
	:message-id:mime-version:references:reply-to:subject:subject:to
	:to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=
	1755870777; x=1755957177; bh=MOW7mYxx9dsgh3jn/yT+VPfyOdlkwl2JCc5
	0eibFdR0=; b=XW35OnQZVNxpyjnFwZLpjCan6/zn/tKvV00EsyFEIjDNNiEOoYq
	2qDQ9PXJpDLF6SyaKVlBQYMrNaFoo/h2WHG3hq3Tt479zRuTjMqeozlnfJ6OrgSN
	ZspYBANERibfdYI3G+SAaJ9Fu9wBDuYliZ5swpgyWSm9j7IadO2IfMGkoE0GNEUZ
	1chxuBtXQQdSXldof8Oes5/SU9FwbFP+VrKfjryxffgvK+Z6CjVtQ3LEXCj3FhIq
	qdQ2R4Almozco5FO0pM7nBrQ2H81FZiwfOHm5J0kFqIlNWUMZqCAU+hCQjMXFW/f
	KaVpjGTwHdlMZ9xWi5UqTYOs/dnOoPiopsA==
X-ME-Sender: <xms:OXaoaAM-EXKmB3FChppGD3CjqAxxP-4ok5tkda8evx0GpaqB-G7I8w>
    <xme:OXaoaMMi0eK6gx7IJPx3JRaEK5wviLH_VsfGdppp3T0_SH-c12yT_cx0nV55OUFmI
    scxHpiDZr30lg0VLg>
X-ME-Received: 
 <xmr:OXaoaI-ennbe_vx-AG1wCufaoA8uIAThJFeea8DSX1ZfrydoaNUrdvpp5Xd6oz8U>
X-ME-Proxy-Cause: 
 gggruggvucftvghtrhhoucdtuddrgeeffedrtdefgdduieefleefucetufdoteggodetrf
    dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu
    rghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujf
    gurhephffvufgjfhffkfggtgesghdtreertddttdenucfhrhhomheptehlhihsshgrucft
    ohhsshcuoehhihesrghlhihsshgrrdhisheqnecuggftrfgrthhtvghrnhepvdeuvdeivd
    ehhfeikedtvddvhefgheffleevueeigffgtdffffeujedujeejkeejnecuvehluhhsthgv
    rhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhephhhisegrlhihshhsrgdrih
    hspdhnsggprhgtphhtthhopedvpdhmohguvgepshhmthhpohhuthdprhgtphhtthhopegu
    vghmihhosggvnhhouhhrsehgmhgrihhlrdgtohhmpdhrtghpthhtohepuggvvhgvlhessh
    hpvggtthhruhhmqdhoshdrohhrgh
X-ME-Proxy: <xmx:OXaoaA7zGmYm7cAx112lAQuNtOtMVYt_ttNzxdTwYfiw9JGwS2Oipw>
    <xmx:OXaoaP1ZmgywmEoGZ66H6DwD5-e6n7v2fl8j00y00QzKZKVLIy_y1Q>
    <xmx:OXaoaHAclE8VLomkf3yQrywZqlrI-SAOX7OV1O-p8TEbF86Orofe2w>
    <xmx:OXaoaB2ndOhfjCE_5_7EV2NIW4zmxiEMiJ1iOYL6-vPB-LRH_L9AfQ>
    <xmx:OXaoaL-7GEhA8suzWnI_rtFzPgPNTxk4zDHw3SJkdxSV644JTApmH0ve>
Feedback-ID: i12284293:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri,
 22 Aug 2025 09:52:57 -0400 (EDT)
Received: by mbp.qyliss.net (Postfix, from userid 1000)
	id 49A5B144D62B; Fri, 22 Aug 2025 15:52:51 +0200 (CEST)
From: Alyssa Ross <hi@alyssa.is>
To: Demi Marie Obenour <demiobenour@gmail.com>, Spectrum OS Development
 <devel@spectrum-os.org>
Subject: Re: Spectrum OS management daemon?
In-Reply-To: <8b76fb46-a04c-438e-9ff5-e3153ae6f53e@gmail.com>
References: <157e2b88-c292-419a-b5cd-0735d1f78a59@gmail.com>
 <87y0rdt16v.fsf@alyssa.is>
 <8b76fb46-a04c-438e-9ff5-e3153ae6f53e@gmail.com>
Date: Fri, 22 Aug 2025 15:52:50 +0200
Message-ID: <87wm6vbgzx.fsf@alyssa.is>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
	micalg=pgp-sha512; protocol="application/pgp-signature"
Message-ID-Hash: DFLUW2QHY6H6ZQMFQXAVUVQ3TLQYRBI2
X-Message-ID-Hash: DFLUW2QHY6H6ZQMFQXAVUVQ3TLQYRBI2
X-MailFrom: hi@alyssa.is
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation;
 header-match-devel.spectrum-os.org-0; header-match-devel.spectrum-os.org-1;
 header-match-devel.spectrum-os.org-2; header-match-devel.spectrum-os.org-3;
 header-match-devel.spectrum-os.org-4; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 digests; suspicious-header
X-Mailman-Version: 3.3.9
Precedence: list
List-Id: Patches and low-level development discussion <devel.spectrum-os.org>
Archived-At: 
 <https://spectrum-os.org/lists/hyperkitty/list/devel@spectrum-os.org/message/DFLUW2QHY6H6ZQMFQXAVUVQ3TLQYRBI2/>
List-Archive: 
 <https://spectrum-os.org/lists/hyperkitty/list/devel@spectrum-os.org/>
List-Help: <mailto:devel-request@spectrum-os.org?subject=help>
List-Owner: <mailto:devel-owner@spectrum-os.org>
List-Post: <mailto:devel@spectrum-os.org>
List-Subscribe: <mailto:devel-join@spectrum-os.org>
List-Unsubscribe: <mailto:devel-leave@spectrum-os.org>

--=-=-=
Content-Type: text/plain

Demi Marie Obenour <demiobenour@gmail.com> writes:

>> With proposals like this, it's important to communicate why it might be
>> an improvement over the current situation.  All of these things are
>> things we easily could do without needing a monolithic daemon.
>
> To me, there are a couple advantages of using one or more
> daemons for this work:
>
> 1. It makes privilege separation easier.  For instance, VMs that
>    crash can notify Cloud Hypervisor via a pvpanic interface, but
>    Cloud Hypervisor does not have the privileges to directly
>    inform the user of this in any reasonable way [^1].  Instead,
>    it should make an IPC call to a (socket-activated) service that
>    notifies the user and logs some information to a file, which
>    the user can choose to manually attack to a bug report if they
>    wish.

But that socket-activated service doesn't need to be a daemon!  It can
run when it's activated, and then exit, and be started again next time a
VM crashes, rather than taking up resources the whole time in between.

> 2. It avoids putting too much responsibility in the GUI.  Right
>    now, the obvious way to start an application is for the user
>    to click on a .desktop file, which runs the needed s6 commands
>    to start the application's VM and the services that VM relies
>    on.  Similarly, the obvious way to keep track of runtime state
>    (like "which application has which device attached to it") is
>    to have the GUI store all of that.  To me, this seems to make
>    the desktop environment itself a "god daemon", which I'd also
>    prefer to avoid.

Oh yes, for sure we're not having the desktop environment do it. :)

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQRV/neXydHjZma5XLJbRZGEIw/wogUCaKh2MgAKCRBbRZGEIw/w
ojQEAQD6hnt7B1uWBTPTJCQ43m1dMDB6fKMe6ebsnytCMKGxJAD+O1bt+Xt8KRiq
qKugU7LRac0GWMG9PwQIjzu2l/musw8=
=rLPJ
-----END PGP SIGNATURE-----
--=-=-=--