Re: Improving Shepherd

[Danny Milosavljevic <dannym@scratchpost.org>]

Hi Carlo,

On Mon, 05 Feb 2018 21:49:08 +1100
Carlo Zancanaro <carlo@zancanaro.id.au> wrote:

> User services - Alex has already sent a patch to the list to allow 
> generating user services from the Guix side. The idea is to 
> generate a Shepherd config file, allowing a user to invoke 
> shepherd manually to start their services.

>A further extension to 
> this would be to have something like systemd's "user sessions", 
> where the pid 1 Shepherd automatically starts a user's services 
> when they log in.

I assume that means "starts a user's shepherd when they log in".

elogind already emits a signal on dbus which tells you when a user logged in

        return sd_bus_emit_signal(
                        u->manager->bus,
                        "/org/freedesktop/login1",
                        "org.freedesktop.login1.Manager",
                        new_user ? "UserNew" : "UserRemoved",
                        "uo", (uint32_t) u->uid, p);

Also, a directory /run/user/<id> appears - which alternatively can be
monitored by inotify or something.

So the system shepherd could have a shepherd service which does

  while (1) {
     wait until /run/user/<id> appears
     vfork
       if child: setuid, exec user shepherd, _exit
       if parent: wait until child dies
  }

We better be sure that no one else can create directories in /run/user .

In non-pseudocode, both "wait until /run/user/<id> appears" and
"wait until child dies" would have to be in the same call,
maybe epoll or something.

Maybe call the service shepherd-nursery-service or something, like a star
nursery :)

> Child process control - this is my personal frustration, where 
> Shepherd loses track of processes that fork away (e.g. "emacs 
> --daemon"). I barely know anything about Linux process management, 
> but from my reading this can be solved through Linux namespaces 
> (if user namespaces are available). Could someone who knows more 
> about this let me know if that's a productive direction for me to 
> investigate? Or tell me a better way to go about it?

User namespaces just present a different set of names to your process
(via VFS) so it looks like a chroot basically.
It does nothing for processes except fake their ids and limit your
overview of them.

You probably want process groups (see setsid(2)) or maybe containers.