[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Using CHILD_SUBREAPER in GNU Shepherd
From: |
Ludovic Courtès |
Subject: |
Re: Using CHILD_SUBREAPER in GNU Shepherd |
Date: |
Thu, 08 Jun 2017 14:44:37 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux) |
Hello!
address@hidden skribis:
> What this boils down to is allowing process supervisors to be much more
> reliable, even when not running as init, because they can track not just
> their children, but their children's children, and in general all
> transitive children. I'd like to add it to GNU Shepherd.
>
> It may require some re-architecting to take full advantage of it. I'm
> not sure yet. I wrote a small tool using CHILD_SUBREAPER to provide
> some useful process supervision features:
> https://github.com/catern/supervise
>
> The relevant features are:
> - Guaranteed cleanup of all started processes
> - Usable in nested situations
> I'd like to get such features into GNU Shepherd. (maybe the latter is
> already possible, but explicit support can't hurt)
>
> Does this sound like a good idea?
It does! We want to keep the Shepherd portable to GNU variants that
lack CHILD_SUBREAPER, so we’ll have to pay attention to it, but
hopefully that won’t be much of a problem.
There are prctl bindings in (guix build syscalls) so perhaps you could
copy/paste that (yeah…) in the Shepherd to begin with.
> There aren't many process supervisors out there which actually use
> CHILD_SUBREAPER, which I find rather disappointing, because it allows
> container-like cleanup without actually having root privileges.
>
> In the longer term, if we had this feature in the shepherd, we could
> make some container-like guarantees about starting up daemons and
> applications out of Guix on foreign distros: Not only will the
> dependencies be pulled from the store, but also absolutely no processes
> can be remaining on the system after the daemon is terminated, if it is
> started with the shepherd. That would a really unique guarantee!
>
> It could also help with store garbage collection, perhaps?
Hmm I don’t think it would help with GC of /gnu/store items. Or did you
mean something else?
Thanks for the suggestion, looking forward to a WIP patch! :-)
Ludo’.