Re: switch-root, init, SIGHUP

[Lennart Poettering <lennart@xxxxxxxxxxxxxx>]

On Mo, 20.01.25 18:21, James Muir (jamesmui) (jamesmui@xxxxxxxxx) wrote:

> > Are you sure you are setting argv[0][0] properly? the killing spree we
> > do on switch root should exclude processes marked like that.
>
> When I check /proc/<pid>/cmdline, I see the '@' character.
>
> It is not clear to me if the '@' is necessary because the process is
> invoked using the "init" kernel parameter.

That detail doesn't matter. It's irrelevant how the process gets
started. In particular as I understand you you fork()ed once,
i.e. init= starts PID 1, but this is not PID 1 we are talking about
here...

> Doesn't that mean it gets executed after the switch-root killing
> spree? (i.e. it gets executed when PID 1 from the initial ramdisk
> re-executes to run the new init).

do you actually invoke the systemd binary in the initrd already, and
the ask it to switch root, or how does that work?

> I think the SIGHUP must come from the new PID 1.

sigaction() actually tells you exactly where a signal comes from, if
you let it via the siginfo_t structure optionally delivered to your
signal handler. hence you can relatively easily figure this out. The
si_pid specifies the source pid. And si_code tells you if this was
sent by the kernel or by userspace, i.e. SI_KERNEL, SI_USER and so on.

> > Note that we'll also possibly reinitialize the tty on switch root,
> > maybe your tool has the tty open and gets a SIGHUP because of that.
>
> Brian M also suggested that might be the cause, but I don't see any
> ttys when I do "ls -l /proc/<pid>/fd".

it's not so much about that, but about which ctty your process has.

Lennart

--
Lennart Poettering, Berlin