From: Alexander Kjeldaas <ak@formalprivacy.com>
To: Eelco Dolstra <eelco.dolstra@logicblox.com>
Cc: guix-devel <guix-devel@gnu.org>, "Ludovic Courtès" <ludo@gnu.org>,
nix-dev <nix-dev@lists.science.uu.nl>
Subject: Re: Avoiding threads in the daemon
Date: Sat, 20 Dec 2014 01:11:47 +0100 [thread overview]
Message-ID: <CAHVSqQe9LuK5T6gZF9ap9Fre+0YMKZDQQuU=Oa-=2GOx9wAgHw@mail.gmail.com> (raw)
In-Reply-To: <54946C7A.9020804@logicblox.com>
[-- Attachment #1.1: Type: text/plain, Size: 1611 bytes --]
On Fri, Dec 19, 2014 at 7:20 PM, Eelco Dolstra <eelco.dolstra@logicblox.com>
wrote:
> Hi,
>
> On 18/12/14 17:32, Ludovic Courtès wrote:
>
> > Thus, I think Nix commit 49fe95 (which introduces monitor-fd.hh, which
> > uses std::thread just for convenience) should be reverted, along with
> > the subsequent commits to that file; then commit 524f89 can be reverted.
>
> I really don't want to get rid of threads because they're useful and I
> want to
> use them more in the future (e.g. build.cc would be much simpler if it used
> threads rather than the current event-driven approach; nix-daemon could
> handle
> client connections with a thread rather than a process; etc.).
>
> I see a few ways to get PID namespaces back:
>
> * Do a regular fork followed by clone(... | CLONE_NEWPID | CLONE_PARENT)
> (after
> which the intermediate process can exit).
>
> * Call setuid/setgid via syscall() to bypass the locking in the Glibc
> wrappers.
> However, there might be other problematic functions so this is not a great
> solution.
>
> * Get the Glibc folks to provide a way to run at-fork handlers with
> clone().
>
> Clearly the first option is the easiest.
>
>
There is a 4th solution - use a fork()-service. What you do is you fork() a
specific child, the fork()-service, when you start your process, before any
mutex is held and while you control the full state of your program. You
then communicate with this service using pipes, or your favorite IPC
mechanism. The fork()-service never starts any thread, and can safely fork
off any child you need.
Alexander
[-- Attachment #1.2: Type: text/html, Size: 2073 bytes --]
[-- Attachment #2: Type: text/plain, Size: 149 bytes --]
_______________________________________________
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev
next prev parent reply other threads:[~2014-12-20 0:11 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-12-18 16:32 Avoiding threads in the daemon Ludovic Courtès
2014-12-19 18:20 ` Eelco Dolstra
2014-12-19 18:41 ` Shea Levy
2014-12-19 18:46 ` Eelco Dolstra
2014-12-19 21:31 ` Ludovic Courtès
2014-12-19 21:36 ` Luca Bruno
2014-12-20 0:11 ` Alexander Kjeldaas [this message]
2014-12-23 16:26 ` Eelco Dolstra
2014-12-26 22:02 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAHVSqQe9LuK5T6gZF9ap9Fre+0YMKZDQQuU=Oa-=2GOx9wAgHw@mail.gmail.com' \
--to=ak@formalprivacy.com \
--cc=eelco.dolstra@logicblox.com \
--cc=guix-devel@gnu.org \
--cc=ludo@gnu.org \
--cc=nix-dev@lists.science.uu.nl \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).