On 13 February 2014 15:05, Helmut Grohne <hel...@subdivi.de> wrote: > Hi Dimitri, > > On Thu, Feb 13, 2014 at 01:58:23PM +0000, Dmitrijs Ledkovs wrote: >> There is convention starting that processes whos name starts with '@' >> shouldn't be killed. It is used to indicate that process is needed to >> manage root device / cleanly unmount the root filesystem. >> >> At least mdadm supports it for it's 'mdmon' process which is daemon >> needed to manage containers (aka fakeraid controllers - Intel Matrix >> Raid and DDF). >> >> I've implemented a patch using pgrep, thus it's optional code in >> sendsigs if pgrep is not available. > > Are you sure that the described behaviour is desirable at all? > > I argue that evading sendsigs should be a privileged operation. If it > isn't, I can simply rename my process to start with an '@' and block > umounting filesystems possibly causing data loss (due to failing > umount). I am not sure that the drafted scenario can actually happen in > practise, but from a first glance it seems to be the case. Thus applying > your patch would open up the possibility for data loss. > > Do you concur with this reasoning? > > Yes -> Please close this bug. > No -> Please explain in what way my argument is flawed. >
Yes, but no don't close this bug-report. How about limiting it to processes running as root? E.g. pgrep -u root -f "^@" ? That way there is no loop-hole opened, since those processes could have written to /run/sendsigs.omit.d/ already. > Maybe mdmon should use the existing mechanism and write its PID to > /run/sendsigs.omit.d/mdmon instead? > This is what is currently done in mdadm/stop init script. Writing out a pidfile (and or otherwise copying them around is ok) but it is debian [derivative] specific as far as I can tell. Where is "@" convention is supported by a larger amount of distributions and other initsystems (e.g. systemd). ( http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons/ ) Writing out a pid-file should be avoided, especially since that is optional across all init systems and un-desirable for newer ones. Also, processes could be started off-root (e.g. initramfs) and/or otherwise not hold-up unmounting root. Thus I find "@" convention useful and lightweight self-identification. -- Regards, Dimitri. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
