On Sun, 15.05.11 18:29, Miloslav Trmač (mitr@xxxxxxxx) wrote:

>
> On Sun, May 15, 2011 at 3:56 PM, Lennart Poettering
> <mzerqung@xxxxxxxxxxx> wrote:
> >> 5) in old initscripts, there was /etc/init.d/halt with section for ups
> >> shutdown. With that script gone, was that functionality ported to systemd
> >> somehow?
> Well, any such code is just inherently broken. It *cannot* work.
> Such code has worked fine for more than ten years, and Fedora has
> shipped it for a long time as well. Did we ship code that could not
> ever have worked?

Seems so. Racy code. Code that often works, but sometimes doesn't.

> <snip>
> > The point of UPS is to prevent data loss after all,
> > and if you turn off the power before the kernel dealt with reboot() you
> > invite data loss.
> At that point, all non-root filesystems are unmounted; / has been
> remounted read-only, which means the kernel has synced all dirty data,
> and waited for the writeback to finish. So reboot() only needs to
> write very little to the disks, if anything at all. The "UPS shutdown
> command" doesn't turn off the power immediately, the UPS shuts down
> after a delay, usually 30 seconds. 30 seconds was plenty to shut down
> the system properly even 10 years ago, and AFAIK it is still plenty
> today.

Well, adding 30s-sleep()s here and there and everywhere is a hack, not a
clean fix. But if you have a lot of sync to disk, and/or a slow disk,
then 30s might not be enough and you are fucked.

"We always did it this way" is not a fix for a problem. The race is
real, and should be fixed properly.

Lennart

--
Lennart Poettering - Red Hat, Inc.