Configure buggy systemd service to terminate via SIGKILL

linux service systemd signals
7,707

Solution 1

systemd already supports this out of the box, and it is enabled by default.

The only thing you might want to customize is the timeout, which you can do with TimeoutStopSec=. For example:

[Service]
TimeoutStopSec=2

Now, systemd will send a SIGTERM, wait two seconds for the service to exit, and if it doesn't, it will send a SIGKILL.

If your service is not systemd-aware, you may need to provide the path to its PID file with PIDFile=.

Finally, you mentioned that your daemon spawns many processes. In this case, you might wish to set KillMode=control-group and systemd will send signals to all of the processes in the cgroup.

Solution 2

Since nobody mentioned needing Type=oneshot, here's a complete example which exits because of a timeout failure.

[Unit]
Description=timeout test

[Service]
Type=oneshot
TimeoutStartSec=2
ExecStart=/bin/sleep 10
Share:
7,707

Related videos on Youtube

Cloud
Author by

Cloud

Updated on September 18, 2022

Comments

  • Cloud
    Cloud over 1 year

    Background

    I've been asked to create a systemd script for a new service, foo_daemon, that sometimes gets into a "bad state", and won't die via SIGTERM (likely due to custom signal handler). This is problematic for developers, as they are instructed to start/stop/restart the service via:

    • systemctl start foo_daemon.service
    • systemctl stop foo_daemon.service
    • systemctl restart foo_daemon.service

    Problem

    Sometimes, due to foo_daemon getting into a bad state, we have to forcibly kill it via:

    • systemctl kill -s KILL foo_daemon.service

    Question

    How can I setup my systemd script for foo_daemon so that, whenever a user attempts to stop/restart the service, systemd will:

    • Attempt a graceful shutdown of foo_daemon via SIGTERM.
    • Give up to 2 seconds for shutdown/termination of foo_daemon to complete.
    • Attempt a forced shutdown of foo_daemon via SIGKILL if the process is still alive (so we don't have a risk of the PID being recycled and systemd issues SIGKILL against the wrong PID). The device we're testing spawns/forks numerous processes rapidly, so there is a rare but very real concern about PID recycling causing a problem.
    • If, in practise, I'm just being paranoid about PID recycling, I'm OK with the script just issuing SIGKILL against the process' PID without being concerned about killing a recycled PID.
    • user1686
      user1686 over 5 years
      Even if you spawn processes rapidly enough to roll over 4 million PIDs in two seconds, systemd does not sit in a loop checking "is this pid still alive? is this pid still alive?" because it doesn't need to; it is already informed about whether its immediate child processes are still alive or not (by means of ordinary SIGCHLD and waitpid()). So if it sees that the process exited after SIGTERM, it will simply mark the service as 'inactive' at that point – it will not bother with checking, waiting, and sending the SIGKILL at all.
  • Cloud
    Cloud over 5 years
    Thank you. One last question: let's assume the service is not systemd-aware. What could I add to the systemd script for this service so that systemd creates/manages the PID file? Additionally, the service can be multi-instance via template units, so we typically launch it via `systemctl start [email protected]", so would that impact the PID file logic in the script?
  • Michael Hampton
    Michael Hampton over 5 years
    @DevNull systemd does not create or manage PID files. There's no reason for it to do so. If your service doesn't create its own PID file, then if possible configure it to run in the foreground (instead of daemonizing) and set Type=simple in the systemd unit.
  • user1686
    user1686 over 5 years
    If the service has dependants, Type=forking has the advantage of (if the service was properly written) informing systemd when it's fully 'ready' which Type=simple cannot do. Daemonizing isn't a problem, even without a PID file – systemd will track down the main process anyway.
  • Michael Hampton
    Michael Hampton over 5 years
    @grawity True enough...though it's been my experience that services daemonize before they are actually ready to begin serving. A systemd-aware service using Type=notify is best for systemd, and many common services already do this. But probably not this legacy service. In the OP's case, he has a service which spawns many processes. The systemd docs warn about this case.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

proc-sys-fs-binfmt_misc.automount failed service
systemd service with multiple After
Configuring Systemd Service to run with root access
Disable all services, except ssh
get notification when systemd-monitored service enters failed state
docker Job for docker.service failed because the control process exited with error code
How can I configure a systemd service to restart periodically?
Systemd with multiple execStart
Running Python script via systemd fails to load module
Convenient way to check if system is using systemd or sysvinit in BASH?