[systemd-devel] Allow stop jobs to be killed during shutdown

Zbigniew Jędrzejewski-Szmek zbyszek at in.waw.pl
Sun Jan 26 22:43:55 PST 2014 

On Sun, Jan 26, 2014 at 09:16:13PM +0400, Andrey Borzenkov wrote:
> В Sun, 26 Jan 2014 17:23:54 +0100
> Tom Gundersen <teg at jklm.no> пишет:
> 
> > 
> > >> Unfortunately, setting KillMode=process is not allowed:
> > >>
> > >> Jan 26 17:12:30 linux-1a7f systemd[1]: user at 0.service has PAM enabled. Kill mode must be set to 'control-group'. Refusing.
> > >>
> > >> Probably user at .service should be exempt from this rule. It is supposed
> > >> to handle all services started by it itself, it *is* service manager
> > >> after all?
> > 
> > I don't think we want any processes to survive the exit of
> > user at .service, so KillMode=process feels wrong. However, isn't the
> > problem that we are going into the "kill control-group" mode too soon,
> > before user at .serivce has had a chance of cleaning itself up
> > gracefully?
> > 
> 
> Yes.
> 
> > > I rebuilt systemd without this restriction, set KillMode=process for
> > > user at .service and this fixed things here.
> > >
> > > So there are two problems associated with user instance.
> > >
> > > 1. Using KillMode=control-group is wrong. Each service managed by user
> > > instance has own requirements how it is stopped. Just sending everything
> > > SIGTERM without even trying service ExecStop first is obviously
> > > incorrect.
> > 
> > I guess what we want is to first send SIGTERM only to the systemd
> > --user process, and only after a timeout start sending SIGTERM to all
> > the processes in the control group? I.e., wouldn't a ExecStop entry in
> > user at .service give us the required timeout?
> > 
> 
> Does not work. systemd sends SIGTERM as soon as ExecStop finished.
Looks like we need a setting like SendKillSignalTo=main-pid|all|control-pid.
Or something like that.

Also the TimeoutStopSec on user at .service should be probably increased
to 10 min or so.

> I believe someone already mentioned this problem. In general, we cannot
> assume that ExecStop is synchronous. It may just signal main process to
> exit. systemd should wait until $MAINPID exits (or timeout) before
> continuing further processing.
ExecStop is required to be synchronous, i.e. the service should be stopped
when it returns. /bin/kill is not going to work here.

Zbyszek

More information about the systemd-devel mailing list