From owner-svn-src-all@freebsd.org Fri Nov 15 07:01:07 2019 Return-Path: Delivered-To: svn-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 900421BE58D; Fri, 15 Nov 2019 07:01:07 +0000 (UTC) (envelope-from avg@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 47Dq4z3LZxz4fTP; Fri, 15 Nov 2019 07:01:07 +0000 (UTC) (envelope-from avg@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 55F41D1A4; Fri, 15 Nov 2019 07:01:07 +0000 (UTC) (envelope-from avg@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id xAF717D9071518; Fri, 15 Nov 2019 07:01:07 GMT (envelope-from avg@FreeBSD.org) Received: (from avg@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id xAF714pR071505; Fri, 15 Nov 2019 07:01:04 GMT (envelope-from avg@FreeBSD.org) Message-Id: <201911150701.xAF714pR071505@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: avg set sender to avg@FreeBSD.org using -f From: Andriy Gapon Date: Fri, 15 Nov 2019 07:01:04 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-12@freebsd.org Subject: svn commit: r354725 - in stable/12: libexec/rc libexec/rc/rc.d sbin/init share/examples/jails share/man/man5 share/man/man8 usr.sbin/jail X-SVN-Group: stable-12 X-SVN-Commit-Author: avg X-SVN-Commit-Paths: in stable/12: libexec/rc libexec/rc/rc.d sbin/init share/examples/jails share/man/man5 share/man/man8 usr.sbin/jail X-SVN-Commit-Revision: 354725 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Nov 2019 07:01:07 -0000 Author: avg Date: Fri Nov 15 07:01:04 2019 New Revision: 354725 URL: https://svnweb.freebsd.org/changeset/base/354725 Log: MFC r353039: add ability to set watchdog timeout for a shutdown This change allows to specify a watchdog(9) timeout for a system shutdown. The timeout is activated when the watchdogd daemon is stopped. The idea is to a prevent any indefinite hang during late stages of the shutdown. The feature is implemented in rc.d/watchdogd, it builds upon watchdogd -x option. Note that the shutdown timeout is not actiavted when the watchdogd service is individually stopped by an operator. It is also not activated for the 'shutdown' to the single-user mode. In those cases it is assumed that the operator knows what they are doing and they have means to recover the system should it hang. Significant subchanges and implementation details: - the argument to rc.shutdown, completely unused before, is assigned to rc_shutdown variable that can be inspected by rc scripts - init(8) passes "single" or "reboot" as the argument, this is not changed - the argument is not mandatory and if it is not set then rc_shutdown is set to "unspecified" - however, the default jail management scripts and jail configuration examples have been updated to pass "jail" to rc.shutdown, just in case - the new timeout can be set via watchdogd_shutdown_timeout rc option - for consistency, the regular timeout can now be set via watchdogd_timeout rc option - watchdogd_shutdown_timeout and watchdogd_timeout override timeout specifications in watchdogd_flags - existing configurations, where the new rc options are not set, should keep working as before Modified: stable/12/libexec/rc/rc.conf stable/12/libexec/rc/rc.d/jail stable/12/libexec/rc/rc.d/watchdogd stable/12/libexec/rc/rc.shutdown stable/12/sbin/init/init.8 stable/12/share/examples/jails/jail.xxx.conf stable/12/share/examples/jails/jib stable/12/share/examples/jails/jng stable/12/share/man/man5/rc.conf.5 stable/12/share/man/man8/rc.8 stable/12/usr.sbin/jail/jail.8 stable/12/usr.sbin/jail/jail.conf.5 Directory Properties: stable/12/ (props changed) Modified: stable/12/libexec/rc/rc.conf ============================================================================== --- stable/12/libexec/rc/rc.conf Fri Nov 15 06:56:25 2019 (r354724) +++ stable/12/libexec/rc/rc.conf Fri Nov 15 07:01:04 2019 (r354725) @@ -683,6 +683,10 @@ harvest_mask="511" # Entropy device harvests all but t dmesg_enable="YES" # Save dmesg(8) to /var/run/dmesg.boot watchdogd_enable="NO" # Start the software watchdog daemon watchdogd_flags="" # Flags to watchdogd (if enabled) +watchdogd_timeout="" # watchdogd timeout, overrides -t in watchdogd_flags +watchdogd_shutdown_timeout="" # Timeout to use after watchdogd is stopped. + # Has effect only for system shutdown. + # Overrides -x in watchdogd_flags. devfs_rulesets="/etc/defaults/devfs.rules /etc/devfs.rules" # Files containing # devfs(8) rules. devfs_system_ruleset="" # The name (NOT number) of a ruleset to apply to /dev Modified: stable/12/libexec/rc/rc.d/jail ============================================================================== --- stable/12/libexec/rc/rc.d/jail Fri Nov 15 06:56:25 2019 (r354724) +++ stable/12/libexec/rc/rc.d/jail Fri Nov 15 07:01:04 2019 (r354725) @@ -168,7 +168,7 @@ parse_options() if [ -z "${_exec_start}" ]; then _exec_start="/bin/sh /etc/rc" if [ -z "${_exec_stop}" ]; then - _exec_stop="/bin/sh /etc/rc.shutdown" + _exec_stop="/bin/sh /etc/rc.shutdown jail" fi fi fi Modified: stable/12/libexec/rc/rc.d/watchdogd ============================================================================== --- stable/12/libexec/rc/rc.d/watchdogd Fri Nov 15 06:56:25 2019 (r354724) +++ stable/12/libexec/rc/rc.d/watchdogd Fri Nov 15 07:01:04 2019 (r354725) @@ -38,9 +38,55 @@ desc="Watchdog daemon" rcvar="watchdogd_enable" command="/usr/sbin/${name}" pidfile="/var/run/${name}.pid" +start_precmd="watchdogd_prestart" +stop_precmd="watchdogd_prestop" +stop_postcmd="watchdogd_poststop" +watchdog_command="/usr/sbin/watchdog" -load_rc_config $name +watchdogd_prestart() +{ + if [ -n "${watchdogd_timeout}" ] ; then + rc_flags="${rc_flags} -t ${watchdogd_timeout}" + fi + if [ -n "$watchdogd_shutdown_timeout" ] ; then + rc_flags="${rc_flags} -x ${watchdogd_shutdown_timeout}" + fi + return 0 +} -sig_stop="${watchdogd_sig_stop:-TERM}" +watchdogd_prestop() +{ + sig_stop="${watchdogd_sig_stop:-TERM}" +} +watchdogd_poststop() +{ + if [ ${watchdogd_shutdown_timeout:-0} -gt 0 ] ; then + case "${rc_shutdown}" in + "reboot") + info "watchdog timer is set to" \ + ${watchdogd_shutdown_timeout} "before shutdown" + return 0 + ;; + "single") + info "watchdog timer is disabled before going to" \ + "single user mode" + ${watchdog_command} -t 0 + ;; + "") + info "watchdog timer is disabled after administrative" \ + "${name} stop" + ${watchdog_command} -t 0 + ;; + *) + warn "unknown shutdown mode '${rc_shutdown}'" + warn "watchdog timer is set to ${watchdogd_shutdown_timeout}" + return 0 + ;; + esac + fi + return 0 +} + +load_rc_config $name run_rc_command "$1" Modified: stable/12/libexec/rc/rc.shutdown ============================================================================== --- stable/12/libexec/rc/rc.shutdown Fri Nov 15 06:56:25 2019 (r354724) +++ stable/12/libexec/rc/rc.shutdown Fri Nov 15 07:01:04 2019 (r354725) @@ -43,6 +43,8 @@ HOME=/ PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin export HOME PATH +rc_shutdown=${1:-"unspecified"} + . /etc/rc.subr load_rc_config Modified: stable/12/sbin/init/init.8 ============================================================================== --- stable/12/sbin/init/init.8 Fri Nov 15 06:56:25 2019 (r354724) +++ stable/12/sbin/init/init.8 Fri Nov 15 07:01:04 2019 (r354725) @@ -31,7 +31,7 @@ .\" @(#)init.8 8.3 (Berkeley) 4/18/94 .\" $FreeBSD$ .\" -.Dd August 15, 2018 +.Dd August 6, 2019 .Dt INIT 8 .Os .Sh NAME @@ -269,6 +269,15 @@ The timeout can be configured via the .Xr sysctl 8 variable .Va kern.init_shutdown_timeout . +.Pp +.Nm init +passes +.Dq Li single +as the argument to the shutdown script if return to single-user mode +is requested. +Otherwise, +.Dq Li reboot +argument is used. .Pp The role of .Nm Modified: stable/12/share/examples/jails/jail.xxx.conf ============================================================================== --- stable/12/share/examples/jails/jail.xxx.conf Fri Nov 15 06:56:25 2019 (r354724) +++ stable/12/share/examples/jails/jail.xxx.conf Fri Nov 15 07:01:04 2019 (r354725) @@ -23,7 +23,7 @@ xxx { # Standard recipe exec.start += "/bin/sh /etc/rc"; - exec.stop = "/bin/sh /etc/rc.shutdown"; + exec.stop = "/bin/sh /etc/rc.shutdown jail"; exec.consolelog = "/var/log/jail_xxx_console.log"; mount.devfs; # mount devfs Modified: stable/12/share/examples/jails/jib ============================================================================== --- stable/12/share/examples/jails/jib Fri Nov 15 06:56:25 2019 (r354724) +++ stable/12/share/examples/jails/jib Fri Nov 15 07:01:04 2019 (r354725) @@ -67,7 +67,7 @@ # # # Standard recipe # exec.start += "/bin/sh /etc/rc"; -# exec.stop = "/bin/sh /etc/rc.shutdown"; +# exec.stop = "/bin/sh /etc/rc.shutdown jail"; # exec.consolelog = "/var/log/jail_xxx_console.log"; # mount.devfs; # Modified: stable/12/share/examples/jails/jng ============================================================================== --- stable/12/share/examples/jails/jng Fri Nov 15 06:56:25 2019 (r354724) +++ stable/12/share/examples/jails/jng Fri Nov 15 07:01:04 2019 (r354725) @@ -67,7 +67,7 @@ # # # Standard recipe # exec.start += "/bin/sh /etc/rc"; -# exec.stop = "/bin/sh /etc/rc.shutdown"; +# exec.stop = "/bin/sh /etc/rc.shutdown jail"; # exec.consolelog = "/var/log/jail_xxx_console.log"; # mount.devfs; # Modified: stable/12/share/man/man5/rc.conf.5 ============================================================================== --- stable/12/share/man/man5/rc.conf.5 Fri Nov 15 06:56:25 2019 (r354724) +++ stable/12/share/man/man5/rc.conf.5 Fri Nov 15 07:01:04 2019 (r354725) @@ -3753,6 +3753,41 @@ is set to these are the flags passed to the .Xr watchdogd 8 daemon. +.It Va watchdogd_timeout +.Pq Vt int +If +.Va watchdogd_enable +is set to +.Dq Li YES , +this is a timeout that will be used by the +.Xr watchdogd 8 +daemon. +If this option is set, it overrides +.Fl t +in +.Va watchdogd_flags . +.It Va watchdogd_shutdown_timeout +.Pq Vt int +If +.Va watchdogd_enable +is set to +.Dq Li YES , +this is a timeout that will be set by the +.Xr watchdogd 8 +daemon when it exits during the system shutdown. +This timeout will not be set when returning to the single-user mode +or when the watchdogd service is stopped individually using the +.Xr service 8 +command or the rc.d script. +Note that the timeout will be applied if +.Xr watchdogd 8 +is stopped outside of +.Xr rc 8 +framework. +If this option is set, it overrides +.Fl x +in +.Va watchdogd_flags . .It Va devfs_rulesets .Pq Vt str List of files containing sets of rules for Modified: stable/12/share/man/man8/rc.8 ============================================================================== --- stable/12/share/man/man8/rc.8 Fri Nov 15 06:56:25 2019 (r354724) +++ stable/12/share/man/man8/rc.8 Fri Nov 15 07:01:04 2019 (r354725) @@ -189,6 +189,14 @@ also exists (because it was created by a script), then .Ss Operation of Nm rc.shutdown .Bl -enum .It +Set +.Va rc_shutdown +to the value of the first argument passed to +.Nm rc.shutdown +or to +.Dq Li unspecified +if no argument was passed. +.It Source .Pa /etc/rc.subr to load various Modified: stable/12/usr.sbin/jail/jail.8 ============================================================================== --- stable/12/usr.sbin/jail/jail.8 Fri Nov 15 06:56:25 2019 (r354724) +++ stable/12/usr.sbin/jail/jail.8 Fri Nov 15 07:01:04 2019 (r354725) @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 27, 2018 +.Dd August 6, 2019 .Dt JAIL 8 .Os .Sh NAME @@ -679,7 +679,7 @@ A value of .Dq inherit will keep the same environment, and .Dq new -will give the jail it's own environment (still originally inherited when +will give the jail its own environment (still originally inherited when the jail is created). .It Va linux.osname , linux.osrelease , linux.oss_version The Linux OS name, OS release, and OSS version associated with this jail. @@ -752,7 +752,7 @@ and after any .Va exec.prestop commands have completed. A typical command to run is -.Dq sh /etc/rc.shutdown . +.Dq sh /etc/rc.shutdown jail . .It Va exec.poststop Command(s) to run in the system environment after a jail is removed. .It Va exec.clean @@ -1101,7 +1101,7 @@ testjail { ip4.addr = 192.0.2.100; interface = ed0; exec.start = "/bin/sh /etc/rc"; - exec.stop = "/bin/sh /etc/rc.shutdown"; + exec.stop = "/bin/sh /etc/rc.shutdown jail"; } .Ed .Pp Modified: stable/12/usr.sbin/jail/jail.conf.5 ============================================================================== --- stable/12/usr.sbin/jail/jail.conf.5 Fri Nov 15 06:56:25 2019 (r354724) +++ stable/12/usr.sbin/jail/jail.conf.5 Fri Nov 15 07:01:04 2019 (r354725) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd February 13, 2014 +.Dd August 6, 2019 .Dt JAIL.CONF 5 .Os .Sh NAME @@ -182,7 +182,7 @@ in the middle of a string or a token. # Typical static defaults: # Use the rc scripts to start and stop jails. Mount jail's /dev. exec.start = "/bin/sh /etc/rc"; -exec.stop = "/bin/sh /etc/rc.shutdown"; +exec.stop = "/bin/sh /etc/rc.shutdown jail"; exec.clean; mount.devfs;