[bug#54997] [PATCH 00/12] Add "least authority" program wrapper
From: Ludovic Courtès
Subject: [bug#54997] [PATCH 00/12] Add "least authority" program wrapper
Date: Tue, 26 Apr 2022 22:30:47 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)
Hi!
Thiago Jung Bauermann <bauermann@kolabnow.com> wrote:
> I'm a bit concerned about running arbitrary commands as PID 1 of process
> namespaces. A process running as PID 1 (even in a child namespace) is a
> special case and is treated differently by the Linux kernel than any
> other process, so it needs to be a program that has been designed to
> work in that situation. There are two differences from regular
> processes:
>
> 1. PID 1 inherits orphan processes and needs to wait() on them when they
> quit, in order to avoid accumulating zombie processes in the system.
>
> 2. Unlike regular processes, PID 1 doesn't have default signal handlers.
Good points.
> Both of these aspects are described in more detail here:
>
> https://github.com/krallin/tini/issues/8#issuecomment-146135930
>
> So to avoid an accumulation of zombie processes and other signal-related
> problems, I suggest adding a “(init-program ,tini)” parameter to
> ‘least-authority-wrapper’ and executing ‘program’ as a subprocess of
> ‘tini’ or whatever was passed as the #:init-program (perhaps #f could
> mean running ‘program’ directly as PID 1).
Hmm yes. It’s not great that the choice is between ‘unshare’—efficient
but the process lives in the parent PID namespace—and ‘clone’—but then
you have to fork twice.
But yeah, you’re right. I’ll try what you suggest and send a v2.
> I mention this because I'm currently dealing with a problem that has
> exactly this root cause: I'm working on updating the public-inbox
> package to the latest version, and the testsuite is failing because it
> tests that lei's daemon process is correctly terminated. But that
> doesn't work because “guix build” doesn't use a proper init program as
> PID 1 and thus the daemon process goes to zombie state and the testsuite
> thinks that it didn't go away. I'm hoping to send a patch to fix that
> issue.
Now that you mention it, this was discussed before:
https://issues.guix.gnu.org/30948
I think we should do something about it in gnu-build-system.scm.
Thanks for your feedback!
Ludo’.
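The two PID 1 differences discussed above (orphan reaping and the absence of default signal dispositions), as an added C example that is not part of this thread, of tini, or of Guix: a minimal init that runs the wrapped program as a child, relays SIGTERM/SIGINT to it, and reaps every orphan the kernel re-parents to PID 1. It assumes the wrapper has already been started as PID 1 of a fresh PID namespace; `spawn_exiting_child` is a constructed stand-in for a daemon that exits and would otherwise linger as a zombie.

```c
/* Minimal PID 1 supervisor: run PROGRAM as a child, relay SIGTERM/SIGINT, reap orphans. */
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>
static pid_t main_child = 0;   /* the wrapped program */

/* PID 1 has no default signal dispositions: without an explicit handler a
   SIGTERM from the parent namespace is silently dropped.  Relay it instead. */
static void forward_signal(int sig) {
    if (main_child > 0)
        kill(main_child, sig);
}

/* Reap exited children until `until_pid` is collected, or until none remain
   (until_pid == 0).  Returns the count reaped; *status gets until_pid's status. */
int reap_until(pid_t until_pid, int *status) {
    int reaped = 0, st;
    pid_t pid;
    while ((pid = waitpid(-1, &st, 0)) > 0) {   /* -1/ECHILD ends the loop */
        reaped++;
        if (pid == until_pid) {
            if (status) *status = st;
            break;
        }
    }
    return reaped;
}

/* Constructed stand-in for an orphaned daemon: a child that exits at once
   with `code`.  Returns its PID, or -1 if fork failed. */
pid_t spawn_exiting_child(int code) {
    pid_t pid = fork();
    if (pid == 0) _exit(code);
    return pid;
}

int main(int argc, char **argv) {
    if (argc < 2) { fprintf(stderr, "usage: %s PROGRAM [ARGS...]\n", argv[0]); return 2; }
    struct sigaction sa = {0};
    sa.sa_handler = forward_signal;
    sigaction(SIGTERM, &sa, NULL);
    sigaction(SIGINT, &sa, NULL);
    main_child = fork();
    if (main_child == 0) { execvp(argv[1], argv + 1); _exit(127); }
    int status = 0;
    reap_until(main_child, &status);   /* exiting PID 1 then tears down the namespace */
    return WIFEXITED(status) ? WEXITSTATUS(status) : 128 + WTERMSIG(status);
}
```

Without the `reap_until` loop, a daemon forked by the wrapped program and exiting later would stay a zombie for the life of the namespace, which is exactly what makes a test suite believe the process never went away.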