1 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
2 From: Tycho Andersen <tycho@tycho.ws>
3 Date: Wed, 4 Apr 2018 17:45:29 -0600
4 Subject: [PATCH] fix signal sending in lxc.init
6 The problem here is that these two clauses were ordered backwards: we first
7 check if the signal came from not the init pid, and if it did, then we give
8 a notice and return. The comment notes that this is intended to protect
9 against SIGCHLD, but we don't in fact know if the signal is a SIGCHLD yet,
10 because that's tested in the next hunk.
12 The symptom is that if I e.g. send SIGTERM from the outside world to the
13 container init, it ignores it and gives this notice. If we re-order these
14 clauses, it forwards non SIGCHLD signals, and ignores SIGCHLD signals from
15 things that aren't the real container process.
17 Signed-off-by: Tycho Andersen <tycho@tycho.ws>
19 src/lxc/start.c | 12 ++++++------
20 1 file changed, 6 insertions(+), 6 deletions(-)
22 diff --git a/src/lxc/start.c b/src/lxc/start.c
23 index ae13aae9..1982270e 100644
26 @@ -380,6 +380,12 @@ static int signal_handler(int fd, uint32_t events, void *data,
27 return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
30 + if (siginfo.ssi_signo != SIGCHLD) {
31 + kill(hdlr->pid, siginfo.ssi_signo);
32 + INFO("Forwarded signal %d to pid %d", siginfo.ssi_signo, hdlr->pid);
33 + return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
36 /* More robustness, protect ourself from a SIGCHLD sent
37 * by a process different from the container init.
39 @@ -389,12 +395,6 @@ static int signal_handler(int fd, uint32_t events, void *data,
40 return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
43 - if (siginfo.ssi_signo != SIGCHLD) {
44 - kill(hdlr->pid, siginfo.ssi_signo);
45 - INFO("Forwarded signal %d to pid %d", siginfo.ssi_signo, hdlr->pid);
46 - return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
49 if (siginfo.ssi_code == CLD_STOPPED) {
50 INFO("Container init process was stopped");
51 return hdlr->init_died ? LXC_MAINLOOP_CLOSE : 0;
projects / lxc.git / blob