From: Jeff <sysinit@yandex.com>
To: supervision <supervision@list.skarnet.org>
Subject: Re: runit SIGPWR support
Date: Sun, 23 Feb 2020 17:51:26 +0100 [thread overview]
Message-ID: <7003111582476686@vla3-6a5326aeb4ee.qloud-c.yandex.net> (raw)
In-Reply-To: <emd2ede877-0fb0-4ebb-83b6-6771a8ce29db@elzian>
18.02.2020, 10:39, "Laurent Bercot" <ska-supervision@skarnet.org>:
> An additional reason is that signaling init is not a casual operation;
> instead it's part of a very limited API between the kernel and user
> space, to be used in very controlled, exhaustively listed, situations.
right.
> Now, *as a separate conversation*, you can say that s6-svscan should
> be able to handle every signal that the kernel can throw at it, no
> matter how unportable. And it is a reasonable request: there are good
> arguments for it.
indeed.
> In the latter case, the kernel takes precedence over init, the kernel
> decides what the API is and init must adapt. If the kernel says "when
> I get a power failure, I send you SIGPWR", init cannot say "uh, no,
> I wish you'd send SIGUSR2 instead". Shut up and handle SIGPWR.
right.
> In the former case, lxd *emulates* a kernel, and is supposed to adapt
> to every kind of init that runs in a container, so it should follow
> existing conventions and be able to adapt to every init. And that's
> exactly why the lxc.signal.stop configuration switch exists!
really ? a process #1 in a namespace is not the "real" process #1,
hence there is no requirement to use a "real" init program here.
instead it is required to react to all signals lxd may sent if said process
#1 was spawned by it. of course things would be easier for everybody
if lxd could follow exsiting conventions on the linux platform, i cannot
see why it does not use TERM, USR1/2 and so on instead to notify
the process #1 it started. but it has no obligation to do so.
i guess the only case with a special meaning for SIGPWR is when the
real kernel notifies the real process #1 of a power shortage.
hence lxd is free to abuse this signal for its own purposes.
but this default choice looks indeed quite strange.
> systemd, always being a special snowflake, uses SIGRTMIN+3
> and SIGRTMIN+4, because any other choice made way too much sense.
why should it not use the RT sigs for this ? this is absolutely ok as linux
provides them anyway (unlike OpenBSD).
> None of them uses SIGPWR, and for a good reason: SIGPWR does not mean
> "the admin requested a system shutdown", it means "power failure". And
> it is very possible that the action implemented by the system in case
> of a power failure is very different from a shutdown: it could be a
> suspend-to-disk, for instance (which is faster than a full shutdown, and
> when the power fails you want to save your data *fast*). So, even for
> inits that actually understand SIGPWR - and most of them actually do -
> SIGPWR is a *terrible* default choice of signal to send as a shutdown
> request. It already has a use, and the use is not a normal shutdown.
right, agreed.
> Arguably, lxc.signal.halt should *always* be set to something else, be
> it SIGTERM, SIGUSR1, SIGUSR2, or even lolSIGRTMIN+3.
would have been a more obvious choice indeed, but they decided against
and this is also ok since this is not the kernel.
> So, if you're asking me to implement SIGPWR support in s6 because that's
> what lxd sends by default to signal a container shutdown, I will laugh
> at you, because you are being, uh, "ridicolous".
not really, catch it and let the user handle it, that way s6-svscan could be used
as process #1 in an LXC process namespace without problems.
> On the other hand, if
> you're telling me that s6-svscan needs to understand SIGPWR in case the
> kernel wants to signal a power failure, you actually have a good point,
> and yes, I should implement SIGPWR support when this signal exists.
right, it should be caught anyway and the user should decide via a hook
executable what to do about it (see if power returns after a while, sync and
suspend to disk if not naturally come to mind here).
s6 should also catch SIGWINCH (keyboard request) and let the user handle
it via a hook executable if the signal exists btw. dunno if it already does so.
you are absolutely right that one should not abuse SIGPWR to signal poweroff
to the "real" process #1 started by the kernel, there exist enough other signals
for that purpose.
next prev parent reply other threads:[~2020-02-23 16:51 UTC|newest]
Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1beb6e35-d4be-60b8-fc52-af666c4fffe3@gmx.com>
2020-02-12 14:25 ` innerspacepilot
2020-02-12 21:54 ` Colin Booth
2020-02-12 22:16 ` Dewayne Geraghty
2020-02-14 9:38 ` Jeff
2020-02-14 12:38 ` Steve Litt
2020-02-15 10:47 ` fungal-net
2020-02-14 10:08 ` Jeff
2020-02-14 10:46 ` Jeff
2020-02-14 12:29 ` innerspacepilot
2020-02-14 12:45 ` Steve Litt
[not found] ` <CALZWFRLvtofWfP4kzxJ8_8_K3nzebPjCR-NsJ2MU22cSuaOLng@mail.gmail.com>
[not found] ` <20200214182241.15614126@mydesk.domain.cxm>
2020-02-17 19:46 ` Cameron Nemo
2020-02-23 16:11 ` Jeff
2020-02-17 14:39 ` Jeff
2020-02-14 14:02 ` Casper Ti. Vector
2020-02-17 14:45 ` Jeff
2020-02-17 14:50 ` Jeff
2020-02-14 13:15 ` Casper Ti. Vector
2020-02-14 13:39 ` innerspacepilot
2020-02-14 13:57 ` Casper Ti. Vector
2020-02-14 14:06 ` innerspacepilot
2020-02-14 14:25 ` Casper Ti. Vector
2020-02-14 18:30 ` Laurent Bercot
2020-02-17 10:00 ` innerspacepilot
2020-02-17 15:13 ` Jeff
2020-02-18 9:39 ` Laurent Bercot
2020-02-20 20:39 ` Serge E. Hallyn
2020-02-23 16:51 ` Jeff [this message]
2020-02-23 23:53 ` Laurent Bercot
2020-02-24 6:31 ` innerspacepilot
2020-02-24 10:23 ` Laurent Bercot
2020-02-24 13:00 ` Jeff
2020-02-24 19:53 ` Laurent Bercot
2020-02-24 13:12 ` innerspacepilot
2020-02-24 15:26 ` Serge E. Hallyn
2020-02-26 8:07 ` innerspacepilot
2020-02-28 6:39 ` Jan Braun
2020-02-28 9:45 ` Alex Suykov
2020-02-28 23:50 ` fungal-net
2020-02-29 13:44 ` Jonathan de Boyne Pollard
2020-02-29 18:20 ` Guillermo
2020-03-06 20:07 ` innerspacepilot
2020-03-06 20:09 ` innerspacepilot
2020-02-25 8:39 ` Jonathan de Boyne Pollard
2020-02-24 21:13 ` Guillermo
2020-02-24 22:25 ` Laurent Bercot
2020-02-24 22:49 ` Laurent Bercot
2020-02-24 23:08 ` Guillermo
2020-02-25 1:48 ` Laurent Bercot
2020-02-25 9:08 ` Jonathan de Boyne Pollard
2020-02-25 18:38 ` Guillermo
2020-03-16 12:49 ` Jeff
2020-03-16 17:13 ` Jeff
2020-02-24 23:03 ` Guillermo
2020-03-16 12:31 ` Jeff
2020-03-16 18:03 ` Laurent Bercot
2020-02-23 17:31 ` Jeff
2020-02-24 0:33 ` Laurent Bercot
2020-02-14 19:08 ` John W Higgins
2020-02-14 23:18 ` Laurent Bercot
2020-02-14 23:38 ` John W Higgins
2020-02-15 2:15 ` Laurent Bercot
2020-04-14 16:57 Maxim Vetsalo
-- strict thread matches above, loose matches on Subject: below --
2020-01-23 20:44 innerspacepilot
2020-01-31 4:39 ` Colin Booth
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7003111582476686@vla3-6a5326aeb4ee.qloud-c.yandex.net \
--to=sysinit@yandex.com \
--cc=supervision@list.skarnet.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).