shepherd: Unblock signals in the child process.

Fixes <https://bugs.gnu.org/41791>. Reported by Tobias Geerinckx-Rice <me@tobias.gr>. This change mirrors changes made in the Shepherd 0.8.1, where signals are blocked in the shepherd process in support of 'signalfd'. The regression was introduced with the switch to 0.8.1 in 3f9c62d1a8b345909adaeb22f454ad22554c55a1: child processes would not receive SIGTERM upon 'herd stop SERVICE'. * gnu/build/shepherd.scm <top level>: Autoload (shepherd system). (make-forkexec-constructor/container): Call call to 'sigaction' and 'unblock-signals'.
2020-06-11 23:51:44 +02:00 · 2020-06-11 23:51:44 +02:00 · b6b95685d0
parent 648ae62112
commit b6b95685d0
1 changed files with 14 additions and 2 deletions
--- a/gnu/build/shepherd.scm
+++ b/gnu/build/shepherd.scm
@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@ -21,6 +21,7 @@ (define-module (gnu build shepherd)
  #:use-module (gnu build linux-container)
  #:use-module (guix build utils)
  #:use-module (srfi srfi-1)
+  #:use-module (srfi srfi-26)
  #:use-module (ice-9 match)
  #:export (make-forkexec-constructor/container))

@ -91,7 +92,10 @@ (define accounts

 ;; XXX: Lazy-bind the Shepherd to avoid a compile-time dependency.
 (module-autoload! (current-module)
-                  '(shepherd service) '(read-pid-file exec-command))
+                  '(shepherd service)
+                  '(read-pid-file exec-command %precious-signals))
+(module-autoload! (current-module)
+                  '(shepherd system) '(unblock-signals))

 (define* (read-pid-file/container pid pid-file #:key (max-delay 5))
  "Read PID-FILE in the container namespaces of PID, which exists in a
@ -158,6 +162,14 @@ (define mounts
    (let ((pid (run-container container-directory
                              mounts namespaces 1
                              (lambda ()
+                                ;; First restore the default handlers.
+                                (for-each (cut sigaction <> SIG_DFL)
+                                          %precious-signals)
+
+                                ;; Unblock any signals that have been blocked
+                                ;; by the parent process.
+                                (unblock-signals %precious-signals)
+
                                (mkdir-p "/var/run")
                                (clean-up pid-file)