From owner-freebsd-arch@FreeBSD.ORG Mon Aug 5 03:44:10 2013 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 8F5F0BAD; Mon, 5 Aug 2013 03:44:10 +0000 (UTC) (envelope-from alfred@freebsd.org) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.freebsd.org (Postfix) with ESMTP id 7C934260F; Mon, 5 Aug 2013 03:44:10 +0000 (UTC) Received: from Alfreds-MacBook-Pro-9.local (c-67-180-208-218.hsd1.ca.comcast.net [67.180.208.218]) by elvis.mu.org (Postfix) with ESMTPSA id 5250C1A3C1C; Sun, 4 Aug 2013 20:44:04 -0700 (PDT) Message-ID: <51FF1F82.5050100@freebsd.org> Date: Sun, 04 Aug 2013 20:44:02 -0700 From: Alfred Perlstein User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130620 Thunderbird/17.0.7 MIME-Version: 1.0 To: Jilles Tjoelker Subject: Re: Reliable process tracking References: <20130804134658.GC35080@stack.nl> <20130804102708.36341a8a.trhodes@FreeBSD.org> <20130804164954.GA37887@stack.nl> In-Reply-To: <20130804164954.GA37887@stack.nl> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Tom Rhodes , freebsd-arch@freebsd.org X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Aug 2013 03:44:10 -0000 On 8/4/13 9:49 AM, Jilles Tjoelker wrote: > On Sun, Aug 04, 2013 at 10:27:08AM -0400, Tom Rhodes wrote: >> On Sun, 4 Aug 2013 15:46:58 +0200 >> Jilles Tjoelker wrote: >>> When shutting down a service or requesting status, rc.subr currently >>> uses a combination of pidfiles and process names. This is fairly but not >>> completely reliable once it is set up correctly (which can take a lot of >>> work and possibly patching the daemon to use pidfile(3) from our >>> libutil). It is also incapable of killing multiprocess daemons such as >>> CGI web servers without cooperation of the daemon. >>> I think what is needed here is a facility that marks a process and all >>> of its descendants. Removing the mark should be a privileged or at least >>> an unusual operation; no unprivileged function specified by POSIX such >>> as setsid() should do this. >>> [snip] >>> Similar facilities in other operating systems: Linux cgroups, Solaris >>> process contracts. >> There is fscd - it does a lot of what you ask for. In fact, I had >> talked to a few people about bringing it into base but have not >> really figured out how I want to integrate it into rc. > I think fscd complements reliable process tracking; it does not provide > it. Fscd relies on rc.d's status, stop and restart to work and therefore > only works properly if those work properly. > Jilles, very exciting you are looking into this. Have you evaluated Linux's "cgroup" facility? From what I understand, it is a superset of your needs, so maybe taking some parts of it may help? http://en.wikipedia.org/wiki/Cgroups