upstart proposal on "kill signal/timeout" stanzas
Steffen Barszus
steffenbpunkt at googlemail.com
Thu May 16 05:49:26 UTC 2013
On Tue, 2013-05-14 at 08:02 -0700, Clint Byrum wrote:
> On 2013-05-14 07:49, Thomas Perschak wrote:
> > I would like to propose two new stanzas:
> > term signal
> > term timeout
> >
> > Currently, in upstart 1.5, the SIGTERM is send after 5 seconds and
> > the SIGKILL is send after the timeout specified with "kill timeout".
> > That is very confusing.
> >
> > If one wants to avoid beeing terminated one has to use "kill signal
> > SIGCONT" - but SIGKILL cannot be worked around.
> >
>
> The SIGKILL is absolutely necessary for system shut down. If your
> program must never be killed with SIGKILL, then you probably don't want
> a 'stop on' and need to have constructed your program in a way where it
> will not prevent the system from shutting down cleanly.
I have - contrary to the original poster - a case, where SIGKILL is not
wished for. Required would be to have a SIGTERM and wait as long as
required. Currently this is workarounded by a kill timeout of 45s (usual
termination is taking 15s).
> However, perhaps you can provide a concrete example of a program which
> should be given special privileges to delay a system shutdown
> indefinitely?
The example of shutting down virtual machines has already been given.
However, in my experience just not sending the SIGKILL will not work
because of the nature of upstart. It could happen, that required
resources are still shutdown while waiting for the shutdown of the
application. In my example (vdr - video disc recorder) the program never
hangs indefinitly, and you never want it to be killed. And you want the
shutdown of ressources it requires to be delayed until it has
terminated. This is not easy right now with upstart - if not nearly
impossible. On the good side - it mostly still works.
Another situation - completely different to the mentioned case - is that
you sometimes need a possibility to inhibit the shut down completely.
This would require that the shutdown is not initiated and denied based
on certain conditions, right in the beginning. I guess thats a matter of
policy-kit and its integration with upstart.
The use-case i have in mind for this is HTPC and (home-?)servers where
resources/services are still in use. (on-going recordings, on-going
streaming, apt still running, files open on a share - to name a few).
Everyone tries to solve that for himself right now in one way or the
other, mostly by intercepting the call to shutdown as good as possible
(redirecting powerbutton to a script, redirecting shutdown request in
all possible applications used etc).
More information about the upstart-devel
mailing list