[systemd-devel] ExecReload-spawned process getting SIGKILLed
Sam Varshavchik
mrsam at courier-mta.com
Tue Jun 19 16:30:45 PDT 2012
Lennart Poettering writes:
> On Thu, 07.06.12 19:36, Sam Varshavchik (mrsam at courier-mta.com) wrote:
>
> > Dave Reisner writes:
> >
> > >On Thu, Jun 07, 2012 at 08:41:54AM -0400, Sam Varshavchik wrote:
> > >
> > >This is wrong. ExecReload should not cause the process to change PIDs.
> > >Not that this was ever allowed, but the below commit is was causes the
> > >SIGKILL behavior you're seeing:
> > >
> > >http://cgit.freedesktop.org/systemd/systemd/commit/?id=8f53a7b8ea9b
> >
> > Thanks for confirming that this SIGKILL comes from systemd.
> >
> > This, however, blocks re-exec()ing of a secure, non-root daemon that
> > runs in a chroot jail. The workaround that's needed to work around
> > this obstacle, is messy.
>
> It appears to me that you your reload shouldn't be called "reload". I
> mean, if you just sop and restart your service, then we already have
> that, it's called "restart", and is implemented implicitly for you.
Your restart in insufficient to implement a reexec. This is not a restart.
This is a reexec, and a chrooted daemon cannot reexec itself, of course. The
new binary isn't even accessible from the existing daemon's chroot jail.
This must be done using an internal state transfer to the new daemon from
the existing one, which then terminates. The new daemon chroot-s itself back
where the terminated daemon was running from. The new daemon must,
therefore, be either the process that's started by systemd or one of its
child processes.
Furthermore, I see no documentation of ExecRestart. As far as I can tell,
"systemd restart" is just an ExecStart after an ExecStop (if the service is
already running). Which, of course, is not the same thing. Only a reload-or-
try-restart has the correct semantics for a reexec after a package upgrade.
But with systemd now sigkilling the replacement daemon process, this is no
longer possible, without more work.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20120619/286ecbbd/attachment.pgp>
More information about the systemd-devel
mailing list