#4088 server/be: SIGTERM handling is incorrect
Closed: Fixed 2 years ago by mzidek. Opened 2 years ago by atikhonov.

There are several issues with SIGTERM handling in the data_provider_be code:

(1) https://github.com/SSSD/sssd/pull/821 has left krb5_finalize() defined but not used.

(2) I see no reason to have be_process_finalize() at all: default server handler default_quit() frees main_ctx. And be_ctx is linked to main_ctx so will be freed by default handler as well (please, correct me if I am wrong).

(3) Moreover, it is just wrong to install two libtevent SIGTERM handlers both of which do orderly_shutdown()->exit(). Naturally only one of handlers will be executed (as process will be terminated with exit()) and libtevent docs doesn't say anything about order of execution. But chances are, be_process_finalize() is executed first (and exits) so default_quit() is not executed, main_ctx is not freed (and destructors are not executed)

So, my proposals are:
1) to get rid of krb5_finalize(), be_process_finalize() and be_process_install_sigterm_handler() completely.
2) to improve debug messages in default_quit()/orderly_shutdown() -- I do not understand why message is logged only to journal (sss_log) and only if status == 0. That makes reading of *.log difficult.

Metadata Update from @atikhonov:
- Issue assigned to atikhonov

2 years ago

Metadata Update from @atikhonov:
- Issue tagged with: PR

2 years ago

Commit 3f52de8 relates to this ticket

Metadata Update from @mzidek:
- Issue status updated to: Open (was: Closed)

2 years ago

Metadata Update from @mzidek:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

2 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/5052

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.