[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using CHILD_SUBREAPER in GNU Shepherd

From: Ludovic Courtès
Subject: Re: Using CHILD_SUBREAPER in GNU Shepherd
Date: Thu, 08 Jun 2017 14:44:37 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux)


address@hidden skribis:

> What this boils down to is allowing process supervisors to be much more
> reliable, even when not running as init, because they can track not just
> their children, but their children's children, and in general all
> transitive children. I'd like to add it to GNU Shepherd.
> It may require some re-architecting to take full advantage of it. I'm
> not sure yet.  I wrote a small tool using CHILD_SUBREAPER to provide
> some useful process supervision features:
> The relevant features are:
> - Guaranteed cleanup of all started processes
> - Usable in nested situations
> I'd like to get such features into GNU Shepherd. (maybe the latter is
> already possible, but explicit support can't hurt)
> Does this sound like a good idea?

It does!  We want to keep the Shepherd portable to GNU variants that
lack CHILD_SUBREAPER, so we’ll have to pay attention to it, but
hopefully that won’t be much of a problem.

There are prctl bindings in (guix build syscalls) so perhaps you could
copy/paste that (yeah…) in the Shepherd to begin with.

> There aren't many process supervisors out there which actually use
> CHILD_SUBREAPER, which I find rather disappointing, because it allows
> container-like cleanup without actually having root privileges.
> In the longer term, if we had this feature in the shepherd, we could
> make some container-like guarantees about starting up daemons and
> applications out of Guix on foreign distros: Not only will the
> dependencies be pulled from the store, but also absolutely no processes
> can be remaining on the system after the daemon is terminated, if it is
> started with the shepherd. That would a really unique guarantee!
> It could also help with store garbage collection, perhaps?

Hmm I don’t think it would help with GC of /gnu/store items.  Or did you
mean something else?

Thanks for the suggestion, looking forward to a WIP patch!  :-)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]