[systemd-devel] Antw: Re: Antw: Re: failing unmounts during reboot
Lennart Poettering
lennart at poettering.net
Mon Jul 29 11:53:08 UTC 2019
On Mo, 29.07.19 08:17, Ulrich Windl (Ulrich.Windl at rz.uni-regensburg.de) wrote:
> >> What this "solution" fails to see is that any user can start a
> >> process that may prevent clean unmount. It's completely far away
> >> from reality to believe that such a user will write (or even know
> >> how to write) a systemd service!
> >
> > We automatically kill all unpriv user programs on shutdown.
>
> Which part of systemd does that? And is that "rather new"?
PID 1 does that. All sessions are managed as so called "scope" units
by PID 1, that's why they show up in "systemct -t scope". These scope
units are ordered so that they are terminated before the system goes
down. For example, I am currently logged in as session "1" on my
machine, hence:
<snip>
$ systemctl cat session-1.scope
# /run/systemd/transient/session-1.scope
# This is a transient unit file, created programmatically via the systemd API. Do not edit.
[Scope]
Slice=user-1000.slice
[Unit]
Description=Session 1 of user lennart
Wants=user-runtime-dir at 1000.service
Wants=user at 1000.service
After=systemd-logind.service
After=systemd-user-sessions.service
After=user-runtime-dir at 1000.service
After=user at 1000.service
RequiresMountsFor=/home/lennart
[Scope]
SendSIGHUP=yes
TasksMax=infinity
</snip>
Key here is that these scope units are ordered after
systemd-user-sessions.service, which also means they are terminated
before that service is terminated (since in systemd the shutdown order
is always the inverse of the startup order).
Lennart
--
Lennart Poettering, Berlin
More information about the systemd-devel
mailing list