Re: [libvirt] [PATCH 21/23] Add support for re-exec() of virtlockd upon SIGUSR1

On 08/09/2012 09:20 AM, Daniel P. Berrange wrote: s/upgrads/upgrades/ s/systemd/systems/ ? That says 'if virtlockd.service failed to report status, then send it SIGUSR1'. Don't you really want to check '$? = 0'? Rather than re-creating with the original default of 3, should we recreate with the number of elements read from JSON? (Of course, that means you can't call virHashCreate until later in the function, which may be too complex to wait for) This hunk belongs in the previous patch. This cast to (pid_t) might result in truncation. Should we be doing further sanity checking, such as ensuring the cast doesn't truncate and that the resulting pid is non-negative? Oh - now I see something that I wasn't catching when I complained about the earlier patches dealing with a fork/CLOEXEC/exec timing - you _aren't_ forking, but directly calling exec to overlay the current process with the new binary! Furthermore, although it looks like virtlockd calls fork to daemonize at startup, it never spawns any child processes - so we _don't_ have to worry about any O_CLOEXEC races on creation, or restoring CLOEXEC on restart, precisely because we never spawn off a child in another thread where the leak would be problematic. Still, I would feel a lot better if we document this clearly in the code (maybe 'this function is only safe to call from virtlockd' for all PreExec functions that clear CLOEXEC). Shouldn't 0600 be sufficient? We don't need to execute the .json file. -- Eric Blake eblake(a)redhat.com +1-919-301-3266 Libvirt virtualization library http://libvirt.org