Date: Mon, 5 Aug 2013 13:13:10 +0200 From: =?iso-8859-2?Q?Edward_Tomasz_Napiera=B3a?= <trasz@FreeBSD.org> To: Jilles Tjoelker <jilles@stack.nl> Cc: freebsd-arch@freebsd.org Subject: Re: Reliable process tracking Message-ID: <CDFF8851-0883-4D27-851A-36A9585499E6@FreeBSD.org> In-Reply-To: <20130804134658.GC35080@stack.nl> References: <20130804134658.GC35080@stack.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
Wiadomo=B6=E6 napisana przez Jilles Tjoelker <jilles@stack.nl> w dniu 4 = sie 2013, o godz. 15:46: > When shutting down a service or requesting status, rc.subr currently > uses a combination of pidfiles and process names. This is fairly but = not > completely reliable once it is set up correctly (which can take a lot = of > work and possibly patching the daemon to use pidfile(3) from our > libutil). It is also incapable of killing multiprocess daemons such as > CGI web servers without cooperation of the daemon. >=20 > I think what is needed here is a facility that marks a process and all > of its descendants. Removing the mark should be a privileged or at = least > an unusual operation; no unprivileged function specified by POSIX such > as setsid() should do this. I've actually thought about that when I added setloginclass(2). It's = trivial to modify rc.subr to use su(8) to set login class for each service. It = should be trivial to modify pkill(1) and killall(1) to add "-c" option to kill = all processes in a given login class. Two caveats: 1. Login classes, just like UIDs, are global, not per jail. This means = when you want to kill all processees in a login class, you should probably = use "-j" option to limit it to a given jail, e.g. jail 0. 2. I'm not sure if pkill(1) has any special way of handling this, but = there is an obvious race condition between iterating over processes in = userland in pkill(1) and quickly forking processes to kill. Perhaps we should = have some kind of syscall to do it in a race-free way?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CDFF8851-0883-4D27-851A-36A9585499E6>