[systemd-devel] Later activation of the HW watchdog
Lennart Poettering
lennart at poettering.net
Wed Oct 25 07:57:03 UTC 2017
On Di, 24.10.17 17:10, Jan Kundrát (jan.kundrat at cesnet.cz) wrote:
> Hi,
> is it possible to change systemd's global settings for RuntimeWatchdogSec at
> runtime? I would like to have the early boot "guarded" by the HW watchdog
> started by my platform code, and for systemd to take over only after a
> certain target has been reached. I was thinking about an extra unit which
> simply writes an appropriate config file, but the docs for `systemctl
> daemon-reload` or `daemon-reexec` do not talk about these top-level settins.
> How do I tell systemd to notice a new value?
It should take notice on "systemctl daemon-reexec" at least. But you
are right, we should document that. Please file a bug regarding this.
> I got a suggestion to adjust the important units so that they specify a
> FailureAction. I do not like that solution because it is additional work
> (identifying which units might fail, coming up with various possible failing
> scenarios, being hard to test and get "right" in face of systemd updates in
> future, etc). It also feels like I am attacking a wrong problem. I already
> *have* a watchdog which will shoot the system into the head if something
> wrong happens. Wouldn't it make more sense to rely on this piece of
> infrastructure and start telling the watchdog "hey, I'm OK" only after the
> system has fuly booted and my ultimate target has been *reached*?
Well, as I wrote on the issue, if you do this, then systemd might as
well just reboot() right-away instead of just temporarily stop pinging
the watchdog. I mean, the watchdog is something of a last-resort
thing, if userspace hangs. But if userspace realizes that something is
borked, then it's way safe to immediately call reboot() then to just
stop pinging the watchdog.
So, as I suggested on the issue, please patch your boot target and
include this in its [Target] section:
[Target]
JobTimeoutSec=5min
JobTimeoutAction=reboot-immediate
With that in place, if we are trying to reach the boot target but the
job for is is queued for longer than 5min, we'll instantly reboot.
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list