Browse Source

shepherd: Unblock signals in the child process.

Fixes <https://bugs.gnu.org/41791>.
Reported by Tobias Geerinckx-Rice <me@tobias.gr>.

This change mirrors changes made in the Shepherd 0.8.1, where signals
are blocked in the shepherd process in support of 'signalfd'.  The
regression was introduced with the switch to 0.8.1 in
3f9c62d1a8b345909adaeb22f454ad22554c55a1: child processes would not
receive SIGTERM upon 'herd stop SERVICE'.

* gnu/build/shepherd.scm <top level>: Autoload (shepherd system).
(make-forkexec-constructor/container): Call call to 'sigaction' and
'unblock-signals'.
gn-latest-20200725
Ludovic Courtès 1 year ago
parent
commit
b6b95685d0
No known key found for this signature in database GPG Key ID: 90B11993D9AEBB5
  1. 16
      gnu/build/shepherd.scm

16
gnu/build/shepherd.scm

@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@ -21,6 +21,7 @@
#:use-module (gnu build linux-container)
#:use-module (guix build utils)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-26)
#:use-module (ice-9 match)
#:export (make-forkexec-constructor/container))
@ -91,7 +92,10 @@
;; XXX: Lazy-bind the Shepherd to avoid a compile-time dependency.
(module-autoload! (current-module)
'(shepherd service) '(read-pid-file exec-command))
'(shepherd service)
'(read-pid-file exec-command %precious-signals))
(module-autoload! (current-module)
'(shepherd system) '(unblock-signals))
(define* (read-pid-file/container pid pid-file #:key (max-delay 5))
"Read PID-FILE in the container namespaces of PID, which exists in a
@ -158,6 +162,14 @@ namespace, in addition to essential bind-mounts such /proc."
(let ((pid (run-container container-directory
mounts namespaces 1
(lambda ()
;; First restore the default handlers.
(for-each (cut sigaction <> SIG_DFL)
%precious-signals)
;; Unblock any signals that have been blocked
;; by the parent process.
(unblock-signals %precious-signals)
(mkdir-p "/var/run")
(clean-up pid-file)

Loading…
Cancel
Save