process: Prevent NetNSProcess alive forever after SIGKILL
NetNSProcess are run in the following process tree: osmo-gsm-tester -> sudo -> bash (osmo-gsm-tester_netns_exec.sh) -> tcpdump. Lots of osmo-gsm-tester_netns_exec.sh scripts with tcpdump child process were spotted in prod setup of osmo-gsm-tester. Apparently that happens because sometimes tcpdump doesn't get killed in time with SIGTERM and SIGINT, and as a result SIGKILL is sent by osmo-gsm-tester as usual termination procedure. When SIGKILL is sent, the parent sudo process is instantly killed without possibility to forward the signal to its children, leaving the bash script and tcpdump alive. In order to fix it, catch SIGKILL for this process class and send instead SIGUSR1. Then, modify the script under sudo to handle SIGUSR1 as if it was a SIGKILL towards its children to make sure child process in the netns terminates. Change-Id: I2bf389c47bbbd75f46af413e7ba897be5be386e1
This commit is contained in:
parent
17a4ed9029
commit
e159cd206d
|
|
@ -363,6 +363,11 @@ class NetNSProcess(Process):
|
|||
# HACK: Since we run under sudo, only way to kill root-owned process is to kill as root...
|
||||
# This function is overwritten from Process.
|
||||
def send_signal(self, sig):
|
||||
if sig == signal.SIGKILL:
|
||||
# if we kill sudo, its children (bash running NETNS_EXEC_BIN +
|
||||
# tcpdump under it) are kept alive. Let's instead tell the script to
|
||||
# kill tcpdump:
|
||||
sig = signal.SIGUSR1
|
||||
kill_cmd = ('kill', '-%d' % int(sig), str(self.process_obj.pid))
|
||||
run_local_netns_sync(self.run_dir, self.name()+"-kill"+str(sig), self.netns, kill_cmd)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,41 @@
|
|||
#!/bin/bash
|
||||
netns="$1"
|
||||
shift
|
||||
|
||||
child_ps=0
|
||||
forward_kill() {
|
||||
sig="$1"
|
||||
echo "Caught signal SIG$sig!"
|
||||
if [ "$child_ps" != "0" ]; then
|
||||
echo "Killing $child_ps with SIG$sig!"
|
||||
kill -SIG${sig} $child_ps
|
||||
else
|
||||
exit 0
|
||||
fi
|
||||
}
|
||||
forward_kill_int() {
|
||||
forward_kill "INT"
|
||||
}
|
||||
forward_kill_term() {
|
||||
forward_kill "TERM"
|
||||
}
|
||||
forward_kill_usr1() {
|
||||
# Special signal received from osmo-gsm-tester to tell child to SIGKILL
|
||||
echo "Converting SIGUSR1->SIGKILL"
|
||||
forward_kill "KILL"
|
||||
}
|
||||
# Don't use 'set -e', otherwise traps are not triggered!
|
||||
trap forward_kill_int INT
|
||||
trap forward_kill_term TERM
|
||||
trap forward_kill_usr1 USR1
|
||||
|
||||
#TODO: Later on I may want to call myself with specific ENV and calling sudo in order to run inside the netns but with dropped privileges
|
||||
ip netns exec $netns "$@"
|
||||
ip netns exec $netns "$@" &
|
||||
child_ps=$!
|
||||
|
||||
echo "$$: waiting for $child_ps"
|
||||
wait "$child_ps"
|
||||
child_exit_code="$?"
|
||||
echo "child exited with $child_exit_code"
|
||||
|
||||
exit $child_exit_code
|
||||
|
|
|
|||
Loading…
Reference in New Issue