[lxc-devel] [lxc/master] Sigterm handling

tych0 on Github lxc-bot at linuxcontainers.org
Mon Feb 5 14:20:48 UTC 2018 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 334 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180205/2b4ae548/attachment.bin>
-------------- next part --------------
From d4b5d7a8b418a14f6f97bc00df9b529eb09ea4f8 Mon Sep 17 00:00:00 2001
From: Tycho Andersen <tycho at tycho.ws>
Date: Mon, 5 Feb 2018 14:17:48 +0000
Subject: [PATCH 1/2] monitor: send SIGTERM to the container when SIGHUP is
 received

For the ->execute() case, we want to make sure the application dies when
SIGHUP is received. The next patch will ignore SIGHUP in the lxc monitor,
because tasks inside the container send SIGHUP to init to have it reload
its config sometimes, and we don't want to do that with init.lxc, since it
might actually kill the container if it forwards SIGHUP to the child and
the child can't handle it.

Signed-off-by: Tycho Andersen <tycho at tycho.ws>
---
 src/lxc/start.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/lxc/start.c b/src/lxc/start.c
index d79fbe239..ab928a91d 100644
--- a/src/lxc/start.c
+++ b/src/lxc/start.c
@@ -345,6 +345,12 @@ static int signal_handler(int fd, uint32_t events, void *data,
 		}
 	}
 
+	if (siginfo.ssi_signo == SIGHUP) {
+		kill(hdlr->pid, SIGTERM);
+		INFO("Killing %d since terminal hung up", hdlr->pid);
+		return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
+	}
+
 	/* More robustness, protect ourself from a SIGCHLD sent
 	 * by a process different from the container init.
 	 */

From 186dfb166aeddb92ef2e52a3bcad17ae05fa2030 Mon Sep 17 00:00:00 2001
From: Tycho Andersen <tycho at tycho.ws>
Date: Mon, 5 Feb 2018 14:19:25 +0000
Subject: [PATCH 2/2] lxc.init: ignore SIGHUP

see comment for details.

Signed-off-by: Tycho Andersen <tycho at tycho.ws>
---
 src/lxc/lxc_init.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/lxc/lxc_init.c b/src/lxc/lxc_init.c
index 594b00094..ff78eadd0 100644
--- a/src/lxc/lxc_init.c
+++ b/src/lxc/lxc_init.c
@@ -382,6 +382,17 @@ int main(int argc, char *argv[])
 
 		switch (was_interrupted) {
 		case 0:
+		/* Some applications send SIGHUP in order to get init to reload
+		 * its configuration. We don't want to forward this onto the
+		 * application itself, because it probably isn't expecting this
+		 * signal since it was expecting init to do something with it.
+		 *
+		 * Instead, let's explicitly ignore it here. The actual
+		 * terminal case is handled in the monitor's handler, which
+		 * sends this task a SIGTERM in the case of a SIGHUP, which is
+		 * what we want.
+		 */
+		case SIGHUP:
 			break;
 		case SIGPWR:
 		case SIGTERM:

More information about the lxc-devel mailing list