From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id mnXVGZhWaGJdWwAAbAwnHQ (envelope-from ) for ; Tue, 26 Apr 2022 22:31:20 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id QLy+F5hWaGLSKQEAG6o9tA (envelope-from ) for ; Tue, 26 Apr 2022 22:31:20 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 0ABB1389F6 for ; Tue, 26 Apr 2022 22:31:19 +0200 (CEST) Received: from localhost ([::1]:57946 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1njRqB-0005Dp-2f for larch@yhetil.org; Tue, 26 Apr 2022 16:31:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:46118) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1njRpv-0004tP-2A for guix-patches@gnu.org; Tue, 26 Apr 2022 16:31:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:46735) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1njRpu-00021D-L3 for guix-patches@gnu.org; Tue, 26 Apr 2022 16:31:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1njRpu-000060-FS for guix-patches@gnu.org; Tue, 26 Apr 2022 16:31:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#54997] [PATCH 00/12] Add "least authority" program wrapper Resent-From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 26 Apr 2022 20:31:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 54997 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Thiago Jung Bauermann Cc: 54997@debbugs.gnu.org Received: via spool by 54997-submit@debbugs.gnu.org id=B54997.1651005058358 (code B ref 54997); Tue, 26 Apr 2022 20:31:02 +0000 Received: (at 54997) by debbugs.gnu.org; 26 Apr 2022 20:30:58 +0000 Received: from localhost ([127.0.0.1]:40632 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1njRpp-00005f-Tk for submit@debbugs.gnu.org; Tue, 26 Apr 2022 16:30:58 -0400 Received: from eggs.gnu.org ([209.51.188.92]:52726) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1njRpn-00005J-Tk for 54997@debbugs.gnu.org; Tue, 26 Apr 2022 16:30:56 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:40286) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1njRpi-0001tV-4X; Tue, 26 Apr 2022 16:30:50 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To: From; bh=8gnKYy43UuDSnx9b9nemxvlNyZvrY0eErZIIx0QKF9Q=; b=bqPY+XDEB10d/pwjbjC5 XyomJPI4YkyuZFBl7OfDmOkpKyigAPyK1dzrdRbPFlMBckwL6FIPXVVNj+xmwJyG52P1DAwHUxrbW 5NeP+kusHtdT8trwmkjNNhBX7uM3zIEKHtwncN6I8wx+mwOh9wXDd4Ggb9BGski/qf8kKUeEpZ56Y vMJGBP68l3tfgZV6zxCXEARxODDM8eMfWBDCFypf3rT4q+Mu/43fEjoCUKn+sgllgFe0X/fL/Imhi o9Rbu5K2BzIo0CHtOLzwsKPe1JqX7WPHD/YQIT0Ti4aziEy1Y6SEslT3xbqrEM0ZMtqYqqIqZrt9I ofareUh4LSoA9g==; Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201]:51529 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1njRph-0001CT-KZ; Tue, 26 Apr 2022 16:30:49 -0400 From: Ludovic =?UTF-8?Q?Court=C3=A8s?= References: <20220417210453.27884-1-ludo@gnu.org> <20220417210453.27884-4-ludo@gnu.org> <87h76klv6j.fsf@kolabnow.com> Date: Tue, 26 Apr 2022 22:30:47 +0200 In-Reply-To: <87h76klv6j.fsf@kolabnow.com> (Thiago Jung Bauermann's message of "Fri, 22 Apr 2022 17:10:19 -0300") Message-ID: <87o80nk2o8.fsf_-_@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1651005080; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=8gnKYy43UuDSnx9b9nemxvlNyZvrY0eErZIIx0QKF9Q=; b=m6HpZqMCwY/xNbBzLIulH2MyMWz6KvOeAX9ykc2Br6pEXfQDb0eob8GN40MnY0hkUGgi4Y G58WIWp5/zfwrAYS2InwL+hf/udPd3bor2Vs+OMb/OckOj3oPyF0KfCMOCIOIXpehEulm1 zM5ea9gE3cgmjyFgwWFuFAl38YZleKyOCligdY/3BspfXPELUouBsR7cbSLyuJtBxAVXAw 7w7/E5OEDF6FlwmbCIYk0cfH2+xjNBbJCPQ56XUnjClIq1IrGt2p5bqkPY5RhBOeKQ0huF TpRrIL9yUZrug5cNWYSvbZrZvNmpjlp8/ZCoWMLpgC6TpBODMduJLAfaPme3Fw== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1651005080; a=rsa-sha256; cv=none; b=VtFrlv3eaCIWs3QwGIoAyypPmd/yH8XbKJ+cvc42ntS4tiT8AGBpWF13lrFXytgoCrumc1 bTqXO6boPfeQIB619vdUtxl/rjDy/jMhSY1kuuEmlo4XQgzioJ4Hd6Yqg9jiW7HT2xVU1S C1i7kzdjI2sNSWPq5CqslidXWfPYE4XDxs2HUjSl5iBzW3psYDX2thS/SRWugW0y0E1KzH l0yuY6qKH015GaFm+9tngl/XJGbQLp1DjnWQxW4u87hysH4udRgYZqrM6rhTYCewh81Qn/ dVoQc3C1m6vq8BonRaik8wFtcRnp/dEUS23lPnicq86m9dSdyWzyGl5dsyz2Cw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gnu.org header.s=fencepost-gnu-org header.b=bqPY+XDE; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -3.91 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gnu.org header.s=fencepost-gnu-org header.b=bqPY+XDE; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 0ABB1389F6 X-Spam-Score: -3.91 X-Migadu-Scanner: scn1.migadu.com X-TUID: drnqzOq3S0MA Hi! Thiago Jung Bauermann skribis: > I'm a bit concerned about running arbitrary commands as PID 1 of process > namespaces. A process running as PID 1 (even in a child namespace) is a > special case and is treated differently by the Linux kernel than any > other process, so it needs to be a program that has been designed to > work in that situation. There are two differences from regular > processes: > > 1. PID 1 inherits orphan processes and needs to wait() on them when they > quit, in order to avoid accumulating zombie processes in the system. > > 2. Unlike regular processes, PID 1 doesn't have default signal handlers. Good points. > Both of these aspects are described in more detail here: > > https://github.com/krallin/tini/issues/8#issuecomment-146135930 > > So to avoid an accumulation of zombie processes and other signal-related > problems, I suggest adding a =E2=80=9C(init-program ,tini)=E2=80=9D param= eter to > =E2=80=98least-authority-wrapper=E2=80=99 and executing =E2=80=98program= =E2=80=99 as a subprocess of > =E2=80=98tini=E2=80=99 or whatever was passed as the #:init-program (perh= aps #f could > mean running =E2=80=98program=E2=80=99 directly as PID 1). Hmm yes. It=E2=80=99s not great that the choice is between =E2=80=98unshar= e=E2=80=99=E2=80=94efficient but the process lives in the parent PID namespace=E2=80=94and =E2=80=98clon= e=E2=80=99=E2=80=94but then you have to fork twice. But yeah, you=E2=80=99re right. I=E2=80=99ll try what you suggest and send= a v2. > I mention this because I'm currently dealing with a problem that has > exactly this root cause: I'm working on updating the public-inbox > package to the latest version, and the testsuite is failing because it > tests that lei's daemon process is correctly terminated. But that > doesn't work because =E2=80=9Cguix build=E2=80=9D doesn't use a proper in= it program as > PID 1 and thus the daemon process goes to zombie state and the testsuite > thinks that it didn't go away. I'm hoping to send a patch to fix that > issue. Now that you mention it, this was discussed before: https://issues.guix.gnu.org/30948 I think we should do something about it in gnu-build-system.scm. Thanks for your feedback! Ludo=E2=80=99.