From: Lennart Poettering <lennart@poettering.net>
To: NeilBrown <neilb@suse.de>
Cc: Andrey Borzenkov <arvidjaar@gmail.com>,
linux-raid@vger.kernel.org,
SystemD Devel <systemd-devel@lists.freedesktop.org>
Subject: Re: [systemd-devel] systemd kills mdmon if it was started manually by user
Date: Fri, 7 Jan 2011 02:42:01 +0100 [thread overview]
Message-ID: <20110107014200.GA28194@tango.0pointer.de> (raw)
In-Reply-To: <20110107121628.71146d21@notabene.brown>
On Fri, 07.01.11 12:16, NeilBrown (neilb@suse.de) wrote:
>
> On Fri, 7 Jan 2011 01:38:27 +0100 Lennart Poettering <lennart@poettering.net>
> wrote:
>
> > On Sat, 04.12.10 11:41, Andrey Borzenkov (arvidjaar@gmail.com) wrote:
> >
> > > If user starts array manually (mdadm -A -s as example) from within
> > > user session and array needs mdmon, mdmon becomes part of user session
> > > control group:
> >
> > Are you suggesting that mdadm forks off mdmon from within the user
> > session? This is horribly ugly and broken and they shouldn't do that.
>
> What alternative would you suggest?
Start it as a normal service like any other. But if you fork off the
daemon from the user session then the daemon will run in a very broken
context: the resource limits of the user apply, the audit trail will
point to the user (i.e. /proc/self/loginuid), the cgroup will be of the
user, the daemon cannot be supervised as every other daemon. Also, the
daemon will inherit all the other process properties from the user,
which is almost definitely wrong. i.e. the env block and so
on, the sig mask. gazillions of small little properties. Of course, a
big bunch of them you can reset in your code, but that's a race you
cannot win: the kernel adds new process properties all the time, and
you'd have to reset them manually.
It's is really essential that daemons are started from a clean process
environment, and are detached from the user session. SysV kinda provides
that, for everything started on boot and in a limited way for stuff
started via /sbin/service. systemd provides that too and much more
correct. But just forking off things just like that is not a good
solution.
A thinkable, relatively simple solution in a systemd world is to pull in
the mdmon service from the udev device. The udev device would do all the
necessary matching to figure out whether mdmon is needed or not. If you
care about non-systemd environments something like this of course
becomes a lot more complex.
> A daemon needs to be running while certain md arrays are running and writable.
Well, but auto-spawning it from the user session is not really a usable solution.
Lennart
--
Lennart Poettering - Red Hat, Inc.
prev parent reply other threads:[~2011-01-07 1:42 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-12-04 8:41 systemd kills mdmon if it was started manually by user Andrey Borzenkov
2010-12-04 9:12 ` Christian Parpart
2010-12-04 12:08 ` Andrey Borzenkov
2010-12-12 13:20 ` [systemd-devel] " Luca Berra
2011-01-07 0:40 ` Lennart Poettering
[not found] ` <20101204121413.GC11336@mother.pipebreaker.pl>
[not found] ` <AANLkTi=nTSdHc55f08G9sdEK6u8eXp276VOTHHr0jmXT@mail.gmail.com>
[not found] ` <20110125034434.GC7046@tango.0pointer.de>
[not found] ` <AANLkTik189VTXYpzLFqP=MNBg=Nx-Yq6BOKURtiby++B@mail.gmail.com>
[not found] ` <20110125042814.GA9727@tango.0pointer.de>
2011-02-04 19:55 ` Andrey Borzenkov
2011-02-08 9:48 ` [systemd-devel] " Lennart Poettering
2011-02-08 10:52 ` Andrey Borzenkov
2011-02-08 11:07 ` Lennart Poettering
2011-02-08 13:54 ` Andrey Borzenkov
2011-02-08 17:28 ` [systemd-devel] " Lennart Poettering
2011-10-23 8:00 ` Dan Williams
2011-10-24 8:04 ` Thomas Jarosch
2011-10-25 1:40 ` NeilBrown
2011-10-31 11:06 ` Lennart Poettering
2011-10-31 11:15 ` [systemd-devel] " Lennart Poettering
2011-11-02 0:44 ` NeilBrown
2011-11-02 1:16 ` Lennart Poettering
2011-11-02 2:03 ` NeilBrown
2011-11-02 13:32 ` Lennart Poettering
2011-11-02 14:33 ` Kay Sievers
2011-11-02 15:17 ` Lennart Poettering
2011-11-02 15:21 ` Kay Sievers
2011-11-02 15:29 ` [systemd-devel] " Lennart Poettering
2011-11-02 22:18 ` Williams, Dan J
2011-11-02 23:39 ` Lennart Poettering
2011-11-03 0:28 ` Williams, Dan J
2011-11-02 17:21 ` Williams, Dan J
2011-11-02 23:35 ` Lennart Poettering
2011-11-02 18:16 ` Williams, Dan J
2011-11-02 18:49 ` Kay Sievers
2011-11-02 19:31 ` Williams, Dan J
2011-11-02 19:51 ` Kay Sievers
2011-11-07 2:52 ` NeilBrown
2011-11-07 3:42 ` Kay Sievers
2011-11-07 4:30 ` NeilBrown
2011-11-07 12:00 ` Lennart Poettering
2011-11-07 19:09 ` Williams, Dan J
2011-11-08 14:43 ` Lennart Poettering
2011-11-08 23:27 ` Williams, Dan J
2011-11-08 0:11 ` Michal Soltys
2011-11-08 16:46 ` Michal Soltys
2011-11-08 20:32 ` Michal Soltys
2011-11-08 22:29 ` Williams, Dan J
2011-02-09 14:01 ` Lennart Poettering
2011-01-07 0:38 ` Lennart Poettering
2011-01-07 1:09 ` [systemd-devel] " Michael Biebl
2011-01-07 1:17 ` Roman Mamedov
2011-01-07 1:16 ` NeilBrown
2011-01-07 1:42 ` Lennart Poettering [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110107014200.GA28194@tango.0pointer.de \
--to=lennart@poettering.net \
--cc=arvidjaar@gmail.com \
--cc=linux-raid@vger.kernel.org \
--cc=neilb@suse.de \
--cc=systemd-devel@lists.freedesktop.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).