diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2020-06-11 23:51:44 +0200 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2020-06-12 00:04:42 +0200 |
| commit | b6b95685d0b478698d648f13afd927b1e1700d99 (patch) | |
| tree | 98c5ac21270ea4b0a309ad6f616f991737c7d54f /gnu/build/shepherd.scm | |
| parent | 648ae62112f62bc2106fb36d45c83fda787d3bed (diff) | |
shepherd: Unblock signals in the child process.
Fixes <https://bugs.gnu.org/41791>.
Reported by Tobias Geerinckx-Rice <me@tobias.gr>.
This change mirrors changes made in the Shepherd 0.8.1, where signals
are blocked in the shepherd process in support of 'signalfd'. The
regression was introduced with the switch to 0.8.1 in
3f9c62d1a8b345909adaeb22f454ad22554c55a1: child processes would not
receive SIGTERM upon 'herd stop SERVICE'.
* gnu/build/shepherd.scm <top level>: Autoload (shepherd system).
(make-forkexec-constructor/container): Call call to 'sigaction' and
'unblock-signals'.
Diffstat (limited to 'gnu/build/shepherd.scm')
| -rw-r--r-- | gnu/build/shepherd.scm | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/gnu/build/shepherd.scm b/gnu/build/shepherd.scm index 14bdf4edb8..47920a7b74 100644 --- a/gnu/build/shepherd.scm +++ b/gnu/build/shepherd.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -21,6 +21,7 @@ #:use-module (gnu build linux-container) #:use-module (guix build utils) #:use-module (srfi srfi-1) + #:use-module (srfi srfi-26) #:use-module (ice-9 match) #:export (make-forkexec-constructor/container)) @@ -91,7 +92,10 @@ ;; XXX: Lazy-bind the Shepherd to avoid a compile-time dependency. (module-autoload! (current-module) - '(shepherd service) '(read-pid-file exec-command)) + '(shepherd service) + '(read-pid-file exec-command %precious-signals)) +(module-autoload! (current-module) + '(shepherd system) '(unblock-signals)) (define* (read-pid-file/container pid pid-file #:key (max-delay 5)) "Read PID-FILE in the container namespaces of PID, which exists in a @@ -158,6 +162,14 @@ namespace, in addition to essential bind-mounts such /proc." (let ((pid (run-container container-directory mounts namespaces 1 (lambda () + ;; First restore the default handlers. + (for-each (cut sigaction <> SIG_DFL) + %precious-signals) + + ;; Unblock any signals that have been blocked + ;; by the parent process. + (unblock-signals %precious-signals) + (mkdir-p "/var/run") (clean-up pid-file) |