Re: [systemd-devel] Cleaning up transient scopes
On tis, 2015-05-19 at 19:00 +0200, Lennart Poettering wrote: > On Thu, 05.03.15 10:12, Alexander Larsson (al...@redhat.com) wrote: > > > See, even when the sleep command died the scope still exists, and is > > even ACTIVE. > > This appears to work fine here on git. There were some fixes to > systemd-run made, but it would be cool if you could verify that this > works for you. I don't have a master build here, but its still an issue on F22 at least (although that is a bit older). The only fix i saw on master was a race condition though, but I can easily reproduce this with "slow" services. I.E: $ systemd-run --user --scope sleep 30 & [1] 3998 Running as unit run-3998.scope. $ systemctl status --user run-3998.scope ● run-3998.scope - /usr/bin/sleep 30 Loaded: loaded (/run/user/1000/systemd/user/run-3998.scope; static; vendor preset: enabled) Drop-In: /run/user/1000/systemd/user/run-3998.scope.d └─50-Description.conf Active: active (running) since Mon 2015-06-01 12:44:14 CEST; 8s ago CGroup: /user.slice/user-1000.slice/user@1000.service/run-3998.scope └─3998 /usr/bin/sleep 30 Jun 01 12:44:14 nano systemd[1631]: Started /usr/bin/sleep 30. Jun 01 12:44:14 nano systemd[1631]: Starting /usr/bin/sleep 30. [alex@nano ~]$ sleep 30 [1]+ Donesystemd-run --user --scope sleep 30 [alex@nano ~]$ systemctl status --user run-3998.scope ● run-3998.scope - /usr/bin/sleep 30 Loaded: loaded (/run/user/1000/systemd/user/run-3998.scope; static; vendor preset: enabled) Drop-In: /run/user/1000/systemd/user/run-3998.scope.d └─50-Description.conf Active: active (running) since Mon 2015-06-01 12:44:14 CEST; 45s ago Jun 01 12:44:14 nano systemd[1631]: Started /usr/bin/sleep 30. Jun 01 12:44:14 nano systemd[1631]: Starting /usr/bin/sleep 30. I.e. the scope is still there and is "active" even though it knows the one pid, main pid in it doesn't live anymore. -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Alexander LarssonRed Hat, Inc al...@redhat.comalexander.lars...@gmail.com He's a fast talking overambitious dwarf on the run. She's a strong-willed cigar-chomping vampire with an evil twin sister. They fight crime! ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Cleaning up transient scopes
On Thu, 05.03.15 10:12, Alexander Larsson (al...@redhat.com) wrote: > See, even when the sleep command died the scope still exists, and is > even ACTIVE. This appears to work fine here on git. There were some fixes to systemd-run made, but it would be cool if you could verify that this works for you. > Also, while we're on the topic of scopes. Is there any way to hang some > random metadata off a unit during creation, that can be read back? For > xdg-app I'd like to put information like the app id, the exact version, > the security level, etc into the scope. Then anyone talking to the app > could go: > getpeercred => cgroup => scope => unfakable (by the app) data about > the application. Well, there are cgroup xattrs, but they are not accessible (neiher for read nor write) to unprivileged processes. You can embedd X- fields in unit files and even [X-Sections] in it, to add whatever you like to unit files. These fields will be ignored, and are supposed to be used for extending files with arbitrary fields of your choice. There's a TODO list item to then expose these fields on the bus for each unit, but that's not implemented right now, which means you need to read the unit files manually, and parse them again... So, nope, I have no nice answer for you... Lennart -- Lennart Poettering, Red Hat ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Cleaning up transient scopes
On tor, 2015-03-05 at 00:00 +0100, Lennart Poettering wrote: > On Wed, 04.03.15 18:51, Alexander Larsson (al...@redhat.com) wrote: > > > If i run a transient scope on the user systemd instance like: > > > > $ systemd-run --user --scope true > > > > Then the scope seems to live past the end of the process. Is there any > > way to make it automatically go away with the last process in the > > cgroup? > > Well, yes, the idea is that that just works. However, this is kinda > broken if the systemd instance managing your scope is not PID 1, as we > don't get SIGCHLD then. > > Do you create any subcgroups? presumably not? > > Normally it should just work then, but I must admit that --user scopes > got much less testing that system scopes... Oh, i'm not doing anything special at all: $ systemd-run --user --scope sleep 10 & [1] 10613 $ Running as unit run-10613.scope. systemd-ctl status --user run-10613.scope ● run-10613.scope - /usr/bin/sleep 10 Loaded: loaded (/run/user/1000/systemd/user/run-10613.scope; static) Drop-In: /run/user/1000/systemd/user/run-10613.scope.d └─50-Description.conf Active: active (running) since tor 2015-03-05 10:06:24 CET; 8s ago CGroup: /user.slice/user-1000.slice/user@1000.service/run-10613.scope └─10613 /usr/bin/sleep 10 mar 05 10:06:24 localhost.localdomain systemd[1405]: Starting /usr/bin/sleep 10. mar 05 10:06:24 localhost.localdomain systemd[1405]: Started /usr/bin/sleep 10. $ sleep 10 [1]+ Donesystemd-run --user --scope sleep 10 $ systemctl status --user run-10613.scope ● run-10613.scope - /usr/bin/sleep 10 Loaded: loaded (/run/user/1000/systemd/user/run-10613.scope; static) Drop-In: /run/user/1000/systemd/user/run-10613.scope.d └─50-Description.conf Active: active (running) since tor 2015-03-05 10:06:24 CET; 25s ago mar 05 10:06:24 localhost.localdomain systemd[1405]: Starting /usr/bin/sleep 10. mar 05 10:06:24 localhost.localdomain systemd[1405]: Started /usr/bin/sleep 10. See, even when the sleep command died the scope still exists, and is even ACTIVE. Also, while we're on the topic of scopes. Is there any way to hang some random metadata off a unit during creation, that can be read back? For xdg-app I'd like to put information like the app id, the exact version, the security level, etc into the scope. Then anyone talking to the app could go: getpeercred => cgroup => scope => unfakable (by the app) data about the application. -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Alexander LarssonRed Hat, Inc al...@redhat.comalexander.lars...@gmail.com He's an uncontrollable coffee-fuelled filmmaker for the 21st century. She's an enchanted tomboy doctor with a song in her heart and a spring in her step. They fight crime! ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Cleaning up transient scopes
On Thu, Mar 5, 2015 at 12:00 AM, Lennart Poettering wrote: > On Wed, 04.03.15 18:51, Alexander Larsson (al...@redhat.com) wrote: > >> If i run a transient scope on the user systemd instance like: >> >> $ systemd-run --user --scope true >> >> Then the scope seems to live past the end of the process. Is there any >> way to make it automatically go away with the last process in the >> cgroup? > > Well, yes, the idea is that that just works. However, this is kinda > broken if the systemd instance managing your scope is not PID 1, as we > don't get SIGCHLD then. It has been broken for PID 1 too for some time, https://bugs.freedesktop.org/show_bug.cgi?id=86520 Umut > > Do you create any subcgroups? presumably not? > > Normally it should just work then, but I must admit that --user scopes > got much less testing that system scopes... > > Lennart > > -- > Lennart Poettering, Red Hat > ___ > systemd-devel mailing list > systemd-devel@lists.freedesktop.org > http://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Cleaning up transient scopes
On Wed, 04.03.15 18:51, Alexander Larsson (al...@redhat.com) wrote: > If i run a transient scope on the user systemd instance like: > > $ systemd-run --user --scope true > > Then the scope seems to live past the end of the process. Is there any > way to make it automatically go away with the last process in the > cgroup? Well, yes, the idea is that that just works. However, this is kinda broken if the systemd instance managing your scope is not PID 1, as we don't get SIGCHLD then. Do you create any subcgroups? presumably not? Normally it should just work then, but I must admit that --user scopes got much less testing that system scopes... Lennart -- Lennart Poettering, Red Hat ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] Cleaning up transient scopes
If i run a transient scope on the user systemd instance like: $ systemd-run --user --scope true Then the scope seems to live past the end of the process. Is there any way to make it automatically go away with the last process in the cgroup? -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Alexander LarssonRed Hat, Inc al...@redhat.comalexander.lars...@gmail.com He's a gun-slinging gay filmmaker possessed of the uncanny powers of an insect. She's an elegant tomboy widow with someone else's memories. They fight crime! ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
