summaryrefslogtreecommitdiff
path: root/src/core/socket.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2012-04-13 23:24:47 +0200
committerLennart Poettering <lennart@poettering.net>2012-04-13 23:29:59 +0200
commitecedd90fcdf647f9a7b56b4934b65e30b2979b04 (patch)
tree6e8bc8e509801a7c3801c1e77244df6dec72ac1c /src/core/socket.c
parent3b6d9a7c50bd7217a0ca80d39fd30decbb0c935a (diff)
downloadsystemd-ecedd90fcdf647f9a7b56b4934b65e30b2979b04.tar.gz
service: place control command in subcgroup control/
Previously, we were brutally and onconditionally killing all processes in a service's cgroup before starting the service anew, in order to ensure that StartPre lines cannot be misused to spawn long-running processes. On logind-less systems this has the effect that restarting sshd necessarily calls all active ssh sessions, which is usually not desirable. With this patch control processes for a service are placed in a sub-cgroup called "control/". When starting a service anew we simply kill this cgroup, but not the main cgroup, in order to avoid killing any long-running non-control processes from previous runs. https://bugzilla.redhat.com/show_bug.cgi?id=805942
Diffstat (limited to 'src/core/socket.c')
-rw-r--r--src/core/socket.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/src/core/socket.c b/src/core/socket.c
index 37a0236156..a439717651 100644
--- a/src/core/socket.c
+++ b/src/core/socket.c
@@ -1150,6 +1150,7 @@ static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
UNIT(s)->manager->confirm_spawn,
UNIT(s)->cgroup_bondings,
UNIT(s)->cgroup_attributes,
+ NULL,
&pid);
strv_free(argv);
@@ -1240,7 +1241,8 @@ static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
if ((r = set_put(pid_set, LONG_TO_PTR(s->control_pid))) < 0)
goto fail;
- if ((r = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, sig, true, pid_set)) < 0) {
+ r = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, sig, true, pid_set, NULL);
+ if (r < 0) {
if (r != -EAGAIN && r != -ESRCH && r != -ENOENT)
log_warning("Failed to kill control group: %s", strerror(-r));
} else if (r > 0)
@@ -2127,7 +2129,8 @@ static int socket_kill(Unit *u, KillWho who, KillMode mode, int signo, DBusError
goto finish;
}
- if ((q = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, signo, false, pid_set)) < 0)
+ q = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, signo, false, pid_set, NULL);
+ if (q < 0)
if (q != -EAGAIN && q != -ESRCH && q != -ENOENT)
r = q;
}