[systemd-devel] failed to bring up bonding interface (dracut+system)

2014-05-24 Thread Vasiliy Tolstov
Hello.
I'm using dracut to create initramfs and systemd.
Dracut configures the bond and everything works fine, but when it shuts down and
switches root, the MAC addresses of the slave interfaces (eth0 and eth1) change,
while the bond's MAC address stays the same. After that the bond interface no longer works.
How can I prevent this failure?
If I rmmod the igb driver and load it again, the MAC addresses return to normal and
everything works fine.
dracut from current master, system - 212.

my /proc/cmdline
bond=bond0:eth0,eth1:mode=balance-xor,miimon=100,updelay=200,downdelay=200
net.ifnames=0 ip=bond0:auto6:9000 rd.bootif=0 rd.md=0 rd.dm=0 rd.lvm=0
rd.luks=0 console=tty0 console=ttyS1,115200 rw
root=live:http://[2001:db8:0:f101:92e2:baff:fe31:44c]/image/mh-vm/image.squashfs
rd.live.size=1G
chef=http://[2001:db8:0:f101:92e2:baff:fe31:44c]/chef/vm09 rd.shell
raid=noautodetect rdshell rd.debug rdnetdebug

The invalid MAC addresses are
ba:ee:69:7c:ed:4e
4a:0f:e8:44:93:35
The valid MAC addresses are
00:25:90:d5:bf:bc
00:25:90:d5:bf:bd


-- 
Vasiliy Tolstov,
e-mail: v.tols...@selfip.ru
jabber: v...@selfip.ru


[systemd-devel] [PATCH 0/2] path_make_relative() fix and tests

2014-05-24 Thread Tanu Kaskinen
I recently added path_make_relative() to path-util, and Lennart asked
me to write a test case for it. It's good that he did, because that
revealed a serious bug that I had somehow missed in my initial
testing.

Tanu Kaskinen (2):
  path-util: fix missing terminating zero
  test-path-util: add tests for path_make_relative()

 src/shared/path-util.c| 15 +--
 src/test/test-path-util.c | 22 ++
 2 files changed, 27 insertions(+), 10 deletions(-)

-- 
1.9.3



[systemd-devel] [PATCH 2/2] test-path-util: add tests for path_make_relative()

2014-05-24 Thread Tanu Kaskinen
---
 src/test/test-path-util.c | 22 ++
 1 file changed, 22 insertions(+)

diff --git a/src/test/test-path-util.c b/src/test/test-path-util.c
index 0aa0bf1..9f8ae4d 100644
--- a/src/test/test-path-util.c
+++ b/src/test/test-path-util.c
@@ -170,10 +170,32 @@ static void test_fsck_exists(void) {
 assert_se(fsck_exists(AbCdE) == -ENOENT);
 }
 
+static void test_make_relative(void) {
+char *result;
+
+assert_se(path_make_relative(some/relative/path, /some/path, 
result)  0);
+assert_se(path_make_relative(/some/path, some/relative/path, 
result)  0);
+
+#define test(from_dir, to_path, expected) { \
+path_make_relative(from_dir, to_path, result); \
+assert_se(streq(result, expected)); \
+free(result);   \
+}
+
+test(/, /, .);
+test(/, /some/path, some/path);
+test(/some/path, /some/path, .);
+test(/some/path, /some/path/in/subdir, in/subdir);
+test(/some/path, /, ../..);
+test(/some/path, /some/other/path, ../other/path);
+test(//extra/slashes///won'tfool///anybody//, 
extra///slashesare/just///fine///, ../../../are/just/fine);
+}
+
 int main(int argc, char **argv) {
 test_path();
 test_find_binary(argv[0]);
 test_prefixes();
 test_fsck_exists();
+test_make_relative();
 return 0;
 }
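Review bot: The `test()` helper macro discards the return value of `path_make_relative()`, so a failing call leaves `result` uninitialized and the following `streq()` and `free()` operate on an indeterminate pointer instead of producing a clean test failure. Checking it inside the macro, `assert_se(path_make_relative(from_dir, to_path, &result) >= 0);`, makes such a failure explicit. Declaring `char *result = NULL;` would also keep the two error-path assertions at the top well-defined. The archive rendering appears to have dropped quotes, `&` and comparison operators from this hunk, so the quoted lines assume the usual C form.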
-- 
1.9.3



[systemd-devel] [PATCH 1/2] path-util: fix missing terminating zero

2014-05-24 Thread Tanu Kaskinen
There was this code:

if (to_path_len > 0)
memcpy(p, to_path, to_path_len);

That didn't add the terminating zero, so the resulting string was
corrupt if this code path was taken.

Using strcpy() instead of memcpy() solves this issue, and also
simplifies the code.

Previously there was special handling for shortening ../../ to
../.., but that has now been replaced by a path_kill_slashes() call,
which also makes the result prettier in case the input contains
redundant slashes that would otherwise be copied to the result.
---
 src/shared/path-util.c | 15 +--
 1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/src/shared/path-util.c b/src/shared/path-util.c
index 2f38c10..5863429 100644
--- a/src/shared/path-util.c
+++ b/src/shared/path-util.c
@@ -135,7 +135,6 @@ char *path_make_absolute_cwd(const char *p) {
 int path_make_relative(const char *from_dir, const char *to_path, char **_r) {
 char *r, *p;
 unsigned n_parents;
-size_t to_path_len;
 
 assert(from_dir);
 assert(to_path);
@@ -168,6 +167,8 @@ int path_make_relative(const char *from_dir, const char 
*to_path, char **_r) {
 if (!r)
 return -ENOMEM;
 
+path_kill_slashes(r);
+
 *_r = r;
 return 0;
 }
@@ -202,21 +203,15 @@ int path_make_relative(const char *from_dir, const char 
*to_path, char **_r) {
 n_parents++;
 }
 
-to_path_len = strlen(to_path);
-
-r = malloc(n_parents * 3 + to_path_len);
+r = malloc(n_parents * 3 + strlen(to_path) + 1);
 if (!r)
 return -ENOMEM;
 
 for (p = r; n_parents  0; n_parents--, p += 3)
 memcpy(p, ../, 3);
 
-if (to_path_len  0)
-memcpy(p, to_path, to_path_len);
-else
-/* to_path is a parent directory of from_dir. Let's remove
- * the redundant slash from the end of the result. */
-*(p - 1) = 0;
+strcpy(p, to_path);
+path_kill_slashes(r);
 
 *_r = r;
 return 0;
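Review bot: In the last hunk the allocation size `n_parents * 3 + strlen(to_path) + 1` multiplies in `unsigned` before widening to `size_t`, so the bound that the `memcpy()` loop and the new `strcpy()` rely on would be wrong if the product ever wrapped; `r = malloc((size_t) n_parents * 3 + strlen(to_path) + 1);` keeps the arithmetic in the allocator's type. This is likely unreachable for realistic path lengths, but the cast costs nothing. The deleted comment was the only explanation of the empty-`to_path` case; a short comment above the second `path_kill_slashes(r)` such as `/* to_path may be empty here; path_kill_slashes() drops the trailing slash of the last "../" */` would keep that knowledge. The body of path_make_relative() begins and ends outside this hunk.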
-- 
1.9.3



Re: [systemd-devel] [RFC][PATCH] sd-dhcp-client: return NULL from _unref() like the other sd-* libraries

2014-05-24 Thread Tom Gundersen
On Sat, May 24, 2014 at 2:58 AM, Lennart Poettering
lenn...@poettering.net wrote:
 On Thu, 22.05.14 15:29, Tom Gundersen (t...@jklm.no) wrote:

 Let's keep this behavior consistent across our libraries.

 In order to keep the refcounting working, a DONT_DESTROY macro similar
 to the one in sd-bus was introduced.

 The DONT_DESTROY stuff is only really needed when you dispatch some
 callback from a function call. It's there to make sure that the callback
 can drop the final ref for the object, but you can still access the
 object after it finished. There's no point in placing the macro in all
 functions, that's entirely unnecessary.


I (intended to) place it in all functions that may indirectly dispatch
a callback (even though it is deep down in the call chain).

-t


Re: [systemd-devel] [PATCH 3/3] nspawn: allow to bind mount journal on top of a non empty container journal dentry

2014-05-24 Thread Djalal Harouni
On Thu, May 22, 2014 at 08:23:41AM +0200, Lennart Poettering wrote:
 On Tue, 29.04.14 00:15, Djalal Harouni (tix...@opendz.org) wrote:
 
  
  On Fri, Apr 25, 2014 at 08:30:36PM +0200, Tom Gundersen wrote:
   On Fri, Apr 11, 2014 at 2:45 AM, Djalal Harouni tix...@opendz.org wrote:
Currently if nspawn was called with --link-journal=host or
--link-journal=auto and the right /var/log/journal/machine-id/ exists
then the bind mount the subdirectory into the container might fail due
to the ~/mycontainer/var/log/journal/machine-id/ of the container not
being empty.
   
There is no reason to check if the container journal subdir is empty
since there will be a bind mount on top of it. The user asked for a bind
mount so give it.
   
Note: a next call with --link-journal=guest may fail due to the
/var/log/journal/machine-id/ on the host not being empty.
   
https://bugs.freedesktop.org/show_bug.cgi?id=76193
   
   Hm, so this will allow some journal entries to be saved on the host
   and some on the guest, but only one of them
   will be shown by journalctl --merge at any given time... Won't this
   be confusing? Either way I guess this case
   should be documented in the manpage (either that it is not allowed, or
   that it may be confusing)...
  Yes, to be honest, I'm also not sure! but I guess if the user wants to
  move to the host, perhaps give him a chance, or at least document as you
  have suggested, and warn during systemd-nspawn (will verify it later). 
  
  So I'll wait to see what others think, or perhaps extend journalctl to
  make this part of --merge ... ?
 
 Thinking about this and after having merged your patch earlier, I have
 now changed this slightly again, and readded the error message, but
 downgraded it to a warning. This means you get what you ask for by
 passing --link-journal= but at least you are informed that something is
 weird.
Ok, sounds good! yes we don't block users and we inform them.

I'll try to write a doc patch and send it for the journalctl --merge
that Tom reported! 

 I hope this makes sense,
Yes, thank you.

I'm updating/rebasing the other two patches, will test them and send
soon.


 Lennart
 
 -- 
 Lennart Poettering, Red Hat

-- 
Djalal Harouni
http://opendz.org


[systemd-devel] Device units and LXC

2014-05-24 Thread Richard Weinberger
Hi!

As far as I understand systemd, device units have a hard dependency on udev.
Units like network@.service contain lines like 
BindsTo=sys-subsystem-net-devices-%i.device
Within a Linux container this is a problem because there is no udev.
There systemd never receives an event for this device and the device unit never 
shows up.

I'm wondering what we can do to improve the situation.
At least for Ethernet devices systemd could just use sysfs to find out
whether the device is present or not.

What do you think?

Thanks,
//richard


[systemd-devel] [PATCH v3 2/2] nspawn: make nspawn robust to container failure

2014-05-24 Thread Djalal Harouni
nspawn and the container child use eventfd to wait and notify each other
that they are ready so the container setup can be completed.

However, in its current form the wait/notify event handling ignores errors that
may especially affect the child (container).

On errors the child will jump to the child_fail label and terminate
with _exit(EXIT_FAILURE) without notifying the parent. Since the eventfd
is created without the EFD_NONBLOCK flag, this leaves the parent
blocking on the eventfd_read() call. The container can also be killed
at any moment before execv() and the parent will not receive
notifications.

We can fix this by using cheap mechanisms, the new high level eventfd
API and handle SIGCHLD signals:

* Keep the cheap eventfd and EFD_NONBLOCK flag.

* Introduce eventfd states for parent and child to sync.
Child notifies parent with EVENTFD_CHILD_SUCCEEDED on success or
EVENTFD_CHILD_FAILED on failure and before _exit(). This prevents the
parent from waiting on an event that will never come.

* If the child is killed before execv() or before notifying the parent,
we install a NOP handler for SIGCHLD which will interrupt blocking calls
with EINTR. This gives a chance to the parent to call wait() and
terminate in main().

* If there are no errors, parent will block SIGCHLD, restore default
handler and notify child which will do execv(), then parent will pass
control to process_pty() to do its magic.

This was exposed in part by:
https://bugs.freedesktop.org/show_bug.cgi?id=76193

Reported-by: Tobias Hunger tobias.hun...@gmail.com
---
 Makefile.am   |   4 +-
 src/nspawn/nspawn.c   |  92 ++---
 src/shared/eventfd-util.c | 169 ++
 src/shared/eventfd-util.h |  43 
 4 files changed, 282 insertions(+), 26 deletions(-)
 create mode 100644 src/shared/eventfd-util.c
 create mode 100644 src/shared/eventfd-util.h

diff --git a/Makefile.am b/Makefile.am
index f517f19..4b60735 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -805,7 +805,9 @@ libsystemd_shared_la_SOURCES = \
src/shared/ring.c \
src/shared/ring.h \
src/shared/async.c \
-   src/shared/async.h
+   src/shared/async.h \
+   src/shared/eventfd-util.c \
+   src/shared/eventfd-util.h
 
 nodist_libsystemd_shared_la_SOURCES = \
src/shared/errno-from-name.h \
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index ad8df91..e59ed63 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -84,6 +84,7 @@
 #include def.h
 #include rtnl-util.h
 #include udev-util.h
+#include eventfd-util.h
 #include blkid-util.h
 #include gpt.h
 #include siphash24.h
@@ -2642,6 +2643,8 @@ static int wait_for_container(pid_t pid, ContainerStatus 
*container) {
 return r;
 }
 
+static void nop_handler(int sig) {}
+
 int main(int argc, char *argv[]) {
 
 _cleanup_free_ char *kdbus_domain = NULL, *device_path = NULL, 
*root_device = NULL, *home_device = NULL, *srv_device = NULL;
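Review bot: `nop_handler()` is added without a comment, and an empty signal handler is easy to mistake for dead code or to "simplify" to `SIG_IGN`, which would change behaviour: per the commit message the handler exists only so that SIGCHLD interrupts the parent's blocking calls with EINTR. A comment above the definition such as `/* Intentionally empty: installed for SIGCHLD so blocking calls in the parent return EINTR when the child dies early */` would record that. The unused `sig` parameter may also trigger -Wunused-parameter depending on the build flags. main() continues outside this hunk.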
@@ -2653,8 +2656,8 @@ int main(int argc, char *argv[]) {
 const char *console = NULL;
 char veth_name[IFNAMSIZ];
 bool secondary = false;
+sigset_t mask, mask_chld;
 pid_t pid = 0;
-sigset_t mask;
 
 log_parse_environment();
 log_open();
@@ -2816,36 +2819,44 @@ int main(int argc, char *argv[]) {
 sd_notify(0, READY=1);
 
 assert_se(sigemptyset(mask) == 0);
+assert_se(sigemptyset(mask_chld) == 0);
+sigaddset(mask_chld, SIGCHLD);
 sigset_add_many(mask, SIGCHLD, SIGWINCH, SIGTERM, SIGINT, -1);
 assert_se(sigprocmask(SIG_BLOCK, mask, NULL) == 0);
 
 for (;;) {
 ContainerStatus container_status;
-int parent_ready_fd = -1, child_ready_fd = -1;
-eventfd_t x;
-
-parent_ready_fd = eventfd(0, EFD_CLOEXEC);
-if (parent_ready_fd  0) {
-log_error(Failed to create event fd: %m);
+int eventfds[2] = { -1, -1 };
+struct sigaction sa = {
+.sa_handler = nop_handler,
+.sa_flags = SA_NOCLDSTOP,
+};
+
+/* Child can be killed before execv(), so handle SIGCHLD
+ * in order to interrupt parent's blocking calls and
+ * give it a chance to call wait() and terminate. */
+r = sigprocmask(SIG_UNBLOCK, mask_chld, NULL);
+if (r  0) {
+log_error(Failed to change the signal mask: %m);
 goto finish;
 }
 
-child_ready_fd = eventfd(0, EFD_CLOEXEC);
-if (child_ready_fd  0) {
-log_error(Failed to create event fd: %m);
+r = sigaction(SIGCHLD, sa, NULL);
+if (r  0) {
+log_error(Failed to install SIGCHLD handler: %m);
  

Re: [systemd-devel] [RFC] nspawn: make nspawn robust to container failure

2014-05-24 Thread Djalal Harouni
On Thu, May 22, 2014 at 02:52:08AM +0200, Lennart Poettering wrote:
 On Fri, 02.05.14 16:45, Djalal Harouni (tix...@opendz.org) wrote:
 
  nspawn and the container child use eventfd to wait and notify each other
  that they are ready so the container setup can be completed.
 
 Looks good, but doesn't apply anymore, could you rebase please?
Ok, I just did, the new clean thread:
http://lists.freedesktop.org/archives/systemd-devel/2014-May/019446.html

 Sorry for the delay in reviewing,
Ok, no worries! just in time for a release?! :-)

Thanks!

 Lennart
 
 -- 
 Lennart Poettering, Red Hat

-- 
Djalal Harouni
http://opendz.org


[systemd-devel] [PATCH] test-unit-file: skip if unit_file_get_list returns permission denied

2014-05-24 Thread Cristian Rodríguez
---
 src/test/test-unit-file.c | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/src/test/test-unit-file.c b/src/test/test-unit-file.c
index 63a8a7d..4813342 100644
--- a/src/test/test-unit-file.c
+++ b/src/test/test-unit-file.c
@@ -48,6 +48,12 @@ static int test_unit_file_get_set(void) {
 assert(h);
 
 r = unit_file_get_list(UNIT_FILE_SYSTEM, NULL, h);
+
+if (r == -EPERM || r == -EACCES) {
+printf(Skipping test: unit_file_get_list: %s, strerror(-r));
+return EXIT_TEST_SKIP;
+}
+
 log_full(r == 0 ? LOG_INFO : LOG_ERR,
  unit_file_get_list: %s, strerror(-r));
 if (r  0)
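Review bot: The new early return skips the test on -EPERM/-EACCES but reports it with `printf()`, while the very next statement uses `log_full()`; as rendered here the format string also has no trailing newline, so the skip message may run into later output. Using the logging helper, e.g. `log_notice("Skipping test: unit_file_get_list: %s", strerror(-r));`, would be consistent with the rest of the function. The `assert(h);` context line suggests `h` was allocated just above; if so, it is not released on this path, which is harmless in a test but will show up under leak checkers. The body of test_unit_file_get_set() starts and ends outside the hunk.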
-- 
1.8.4.5



Re: [systemd-devel] [PATCH] Fix several small typos

2014-05-24 Thread Zbigniew Jędrzejewski-Szmek
On Fri, May 23, 2014 at 11:56:42AM -0700, Jonathan Boulle wrote:
 Fix some small comment/log typos
Applied.

Zbyszek


Re: [systemd-devel] Device units and LXC

2014-05-24 Thread Lennart Poettering
On Sat, 24.05.14 15:19, Richard Weinberger (rich...@nod.at) wrote:

 Hi!
 
 As of my understanding of systemd, device units depend hard udev.
 Units like network@.service contain lines like 
 BindsTo=sys-subsystem-net-devices-%i.device
 Within a Linux container this is a problem because there is no udev.
 There systemd never receives an event for this device and the device unit 
 never shows up.
 
 I'm wondering what we can do to improve the situation.
 At least for Ethernet devices systemd could just use sysfs to find out
 whether the device is present or not.

We were considering doing something like that, but ultimately the
network managing software anyway needs to know that it runs in a
container and not rely on udev properties and suchlike if so. But if it
needs that then there's no point in faking device availability in the
containers.

systemd-networkd gets this right, please talk to the authors of your
network managing software to follow the same scheme (or, alternatively,
just use systemd-networkd...)

Lennart

-- 
Lennart Poettering, Red Hat


Re: [systemd-devel] [PATCH] test-unit-file: skip if unit_file_get_list returns permission denied

2014-05-24 Thread Lennart Poettering
On Sat, 24.05.14 12:16, Cristian Rodríguez (crrodrig...@opensuse.org) wrote:

Applied. Thanks!

 ---
  src/test/test-unit-file.c | 6 ++
  1 file changed, 6 insertions(+)
 
 diff --git a/src/test/test-unit-file.c b/src/test/test-unit-file.c
 index 63a8a7d..4813342 100644
 --- a/src/test/test-unit-file.c
 +++ b/src/test/test-unit-file.c
 @@ -48,6 +48,12 @@ static int test_unit_file_get_set(void) {
  assert(h);
  
  r = unit_file_get_list(UNIT_FILE_SYSTEM, NULL, h);
 +
 +if (r == -EPERM || r == -EACCES) {
 +printf(Skipping test: unit_file_get_list: %s, 
 strerror(-r));
 +return EXIT_TEST_SKIP;
 +}
 +
  log_full(r == 0 ? LOG_INFO : LOG_ERR,
   unit_file_get_list: %s, strerror(-r));
  if (r  0)


Lennart

-- 
Lennart Poettering, Red Hat


Re: [systemd-devel] [PATCH 2/2] test-path-util: add tests for path_make_relative()

2014-05-24 Thread Lennart Poettering
On Sat, 24.05.14 12:01, Tanu Kaskinen (tanu.kaski...@linux.intel.com) wrote:

Thanks a lot for putting this together! Much appreciated! Applied!

 ---
  src/test/test-path-util.c | 22 ++
  1 file changed, 22 insertions(+)
 
 diff --git a/src/test/test-path-util.c b/src/test/test-path-util.c
 index 0aa0bf1..9f8ae4d 100644
 --- a/src/test/test-path-util.c
 +++ b/src/test/test-path-util.c
 @@ -170,10 +170,32 @@ static void test_fsck_exists(void) {
  assert_se(fsck_exists(AbCdE) == -ENOENT);
  }
  
 +static void test_make_relative(void) {
 +char *result;
 +
 +assert_se(path_make_relative(some/relative/path, /some/path, 
 result)  0);
 +assert_se(path_make_relative(/some/path, some/relative/path, 
 result)  0);
 +
 +#define test(from_dir, to_path, expected) { \
 +path_make_relative(from_dir, to_path, result); \
 +assert_se(streq(result, expected)); \
 +free(result);   \
 +}
 +
 +test(/, /, .);
 +test(/, /some/path, some/path);
 +test(/some/path, /some/path, .);
 +test(/some/path, /some/path/in/subdir, in/subdir);
 +test(/some/path, /, ../..);
 +test(/some/path, /some/other/path, ../other/path);
 +test(//extra/slashes///won'tfool///anybody//, 
 extra///slashesare/just///fine///, ../../../are/just/fine);
 +}
 +
  int main(int argc, char **argv) {
  test_path();
  test_find_binary(argv[0]);
  test_prefixes();
  test_fsck_exists();
 +test_make_relative();
  return 0;
  }


Lennart

-- 
Lennart Poettering, Red Hat


Re: [systemd-devel] [PATCH v3 2/2] nspawn: make nspawn robust to container failure

2014-05-24 Thread Lennart Poettering
On Sat, 24.05.14 14:58, Djalal Harouni (tix...@opendz.org) wrote:

Applied both. Thanks!

However, I am not too convinced about the clone() thing in
shared/eventfd-util.[ch]. That sounds too specific to be shared between
more than one tool. I have the suspicion that we really should move that
code back into nspawn.

Anyway, merged this for now, as we can fix this later, and nspawn is
moving so quickly that this is likely to get fixed soonish.

Thanks!

 nspawn and the container child use eventfd to wait and notify each other
 that they are ready so the container setup can be completed.
 
 However in its current form the wait/notify event ignore errors that
 may especially affect the child (container).
 
 On errors the child will jump to the child_fail label and terminate
 with _exit(EXIT_FAILURE) without notifying the parent. Since the eventfd
 is created without the EFD_NONBLOCK flag, this leaves the parent
 blocking on the eventfd_read() call. The container can also be killed
 at any moment before execv() and the parent will not receive
 notifications.
 
 We can fix this by using cheap mechanisms, the new high level eventfd
 API and handle SIGCHLD signals:
 
 * Keep the cheap eventfd and EFD_NONBLOCK flag.
 
 * Introduce eventfd states for parent and child to sync.
 Child notifies parent with EVENTFD_CHILD_SUCCEEDED on success or
 EVENTFD_CHILD_FAILED on failure and before _exit(). This prevents the
 parent from waiting on an event that will never come.
 
 * If the child is killed before execv() or before notifying the parent,
 we install a NOP handler for SIGCHLD which will interrupt blocking calls
 with EINTR. This gives a chance to the parent to call wait() and
 terminate in main().
 
 * If there are no errors, parent will block SIGCHLD, restore default
 handler and notify child which will do execv(), then parent will pass
 control to process_pty() to do its magic.
 
 This was exposed in part by:
 https://bugs.freedesktop.org/show_bug.cgi?id=76193
 
 Reported-by: Tobias Hunger tobias.hun...@gmail.com
 ---
  Makefile.am   |   4 +-
  src/nspawn/nspawn.c   |  92 ++---
  src/shared/eventfd-util.c | 169 
 ++
  src/shared/eventfd-util.h |  43 
  4 files changed, 282 insertions(+), 26 deletions(-)
  create mode 100644 src/shared/eventfd-util.c
  create mode 100644 src/shared/eventfd-util.h
 
 diff --git a/Makefile.am b/Makefile.am
 index f517f19..4b60735 100644
 --- a/Makefile.am
 +++ b/Makefile.am
 @@ -805,7 +805,9 @@ libsystemd_shared_la_SOURCES = \
   src/shared/ring.c \
   src/shared/ring.h \
   src/shared/async.c \
 - src/shared/async.h
 + src/shared/async.h \
 + src/shared/eventfd-util.c \
 + src/shared/eventfd-util.h
  
  nodist_libsystemd_shared_la_SOURCES = \
   src/shared/errno-from-name.h \
 diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
 index ad8df91..e59ed63 100644
 --- a/src/nspawn/nspawn.c
 +++ b/src/nspawn/nspawn.c
 @@ -84,6 +84,7 @@
  #include def.h
  #include rtnl-util.h
  #include udev-util.h
 +#include eventfd-util.h
  #include blkid-util.h
  #include gpt.h
  #include siphash24.h
 @@ -2642,6 +2643,8 @@ static int wait_for_container(pid_t pid, 
 ContainerStatus *container) {
  return r;
  }
  
 +static void nop_handler(int sig) {}
 +
  int main(int argc, char *argv[]) {
  
  _cleanup_free_ char *kdbus_domain = NULL, *device_path = NULL, 
 *root_device = NULL, *home_device = NULL, *srv_device = NULL;
 @@ -2653,8 +2656,8 @@ int main(int argc, char *argv[]) {
  const char *console = NULL;
  char veth_name[IFNAMSIZ];
  bool secondary = false;
 +sigset_t mask, mask_chld;
  pid_t pid = 0;
 -sigset_t mask;
  
  log_parse_environment();
  log_open();
 @@ -2816,36 +2819,44 @@ int main(int argc, char *argv[]) {
  sd_notify(0, READY=1);
  
  assert_se(sigemptyset(mask) == 0);
 +assert_se(sigemptyset(mask_chld) == 0);
 +sigaddset(mask_chld, SIGCHLD);
  sigset_add_many(mask, SIGCHLD, SIGWINCH, SIGTERM, SIGINT, -1);
  assert_se(sigprocmask(SIG_BLOCK, mask, NULL) == 0);
  
  for (;;) {
  ContainerStatus container_status;
 -int parent_ready_fd = -1, child_ready_fd = -1;
 -eventfd_t x;
 -
 -parent_ready_fd = eventfd(0, EFD_CLOEXEC);
 -if (parent_ready_fd  0) {
 -log_error(Failed to create event fd: %m);
 +int eventfds[2] = { -1, -1 };
 +struct sigaction sa = {
 +.sa_handler = nop_handler,
 +.sa_flags = SA_NOCLDSTOP,
 +};
 +
 +/* Child can be killed before execv(), so handle SIGCHLD
 + * in order to interrupt parent's blocking calls and
 + * give it a chance to call wait() and terminate.