Date: Wed, 24 Jun 2009 17:38:26 -0400 From: Michael Scheidell <scheidell@secnap.net> To: freebsd-jail@FreeBSD.org Subject: tracking down problem: kill won't inside a jail Message-ID: <4A429CD2.3030302@secnap.net>
next in thread | raw e-mail | index | archive | help
I am tracking down a problem, inside a 7.1 amd64 jail, kill won't work
(default -TERM) kill -QUIT does.
outside of jail, TERM works fine on same box, and I have verified that
same binaries and libraries are in use (i think)
newly created 7.1 amd64 jails (used ezjail.. don't know if they has any
issues)
/etc/rc.d/cron stop won't (that is just the symptoms I have been able to
track down). hardly anything will stop with TERM.
by default, rc.subr (and kill) uses SIGTERM, so I do a:
/etc/rc.d/cron stop
and I get (60 seconds of this:
/etc/rc.d/cron stop
Stopping cron.
Waiting for PIDS: 98104, 98104, 98104, 98104
(so, of course, if you reboot the system, and have 15 jails, all with
cron, none of the stop, and it times out)
going to another tty and typeing:
kill 98104
doen't help
kill -TERM 98104 doesn't help
state is:
ps -auxwwp 98104
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 98104 0.0 0.0 6692 1228 ?? SsJ 5:20PM 0:00.01
/usr/sbin/cron -s
ps -auxwwp 98104
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 98104 0.0 0.0 6692 1228 ?? IsJ 5:20PM 0:00.01
/usr/sbin/cron -s
kill -QUIT 98104 does! (so does INT,
again, inside jail, I need SIGQUIT, or INT outside, default TERM works
also, /etc/rc.d/cron start && sleep 2 && /etc/rc.d/cron stop seems to work
but sleep 60 seconds or more and it doesn't stop anymore.
outside jail, cron ps looks like this:
ps -auxwwp 98197
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 98197 0.0 0.0 6692 1116 ?? Is 5:21PM 0:00.01
/usr/sbin/cron -s
inside: (I guess the J means in jail?
root 98104 0.0 0.0 6692 1228 ?? SsJ 5:20PM 0:00.01
/usr/sbin/cron -s
ps -auxwwp 98104
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 98104 0.0 0.0 6692 1228 ?? IsJ 5:20PM 0:00.01
/usr/sbin/cron -s
where do I start looking?
id hate to put hundreds of /etc/rc.conf.d files with sigstop=SIGQUIT in
just to workaround it.
--
Michael Scheidell, CTO
Phone: 561-999-5000, x 1259
> *| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best Anti-Spam Product 2008, Network Products Guide
* King of Spam Filters, SC Magazine 2008
_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
_________________________________________________________________________
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4A429CD2.3030302>