[systemd-devel] nsenter and SIGSTOP
Lennart Poettering
lennart at poettering.net
Sun Apr 21 06:21:24 PDT 2013
On Sat, 20.04.13 15:27, Eric W. Biederman (ebiederm at xmission.com) wrote:
> Zbigniew Jędrzejewski-Szmek <zbyszek at in.waw.pl> writes:
>
> > Hi,
> > I've hit a bit of a problem with nsenter and systemd-nspawn.
> > When nsenter is used to enter the PID namespace created with
> > systemd-nspawn, and the container's init attempts a shutdown,
> > it hangs because nsenter is suspended.
> >
> > The sequence of events leading to the hang is:
> >
> > 1. nsenter launches a shell inside the container with
> > PPID=0 as seen inside the container,
> > 2. systemd with PID=1 goes through the shutdown sequence,
> > issuing the equivalent(*) of
> >
> > kill(-1, SIGSTOP)
>
> This baffles me. I am not certain why someone whould send SIGSTOP
> when the want processes to exit. I'm not even saying it's wrong just
> saying that is odd.
This is how the killing spree generally worked on sysvinit systems too:
if we kill all remaining processes, then this might kill processes that
are children of others. Now, in general it is preferable getting the
SIGTERM/SIGKILL delivered to all these processes before possible SIGCHLD
signals for their dying children. Why? Simply to avoid log spew with
messages such as "Worker child process xyz died abnormally" generated by
the various system daemons.
By pausing all processes before delivering the SIGTERM/SIGKILL we can
ensure that if they are unpaused again the SIGTERM/SIGKILL is guaranteed
to be queued for each process and since on Linux lower-numbered signals
are guaranteed to be dispatched before higher-numbered signals (and
SIGKILL/SIGTERM is lower than SIGCHLD) we get the desired behaviour that
daemons exit quickly on SIGTERM/SIGKILL before handling the SIGCHLD.
Here's the code in sysvinit:
http://svn.savannah.nongnu.org/viewvc/sysvinit/trunk/src/killall5.c?revision=117&root=sysvinit&view=markup
Look for "kill(-1, SIGSTOP)".
Here's the code in systemd:
http://cgit.freedesktop.org/systemd/systemd/tree/src/core/killall.c#n185
Lennart
--
Lennart Poettering - Red Hat, Inc.
More information about the systemd-devel
mailing list