Page MenuHomeFreeBSD
Differential D23223

auditd_stop: wait_for_pids instead of sleeping
ClosedPublic
Actions

Authored by rlibby on Jan 17 2020, 7:08 AM.
Tags
None
Referenced Files
Unknown Object (File)
Jan 18 2024, 9:55 PM
Unknown Object (File)
Dec 22 2023, 9:53 PM
Unknown Object (File)
Nov 19 2023, 12:13 PM
Unknown Object (File)
Nov 14 2023, 9:12 PM
Unknown Object (File)
Aug 26 2023, 8:25 PM
Unknown Object (File)
Aug 13 2023, 4:47 AM
Unknown Object (File)
Jul 4 2023, 6:57 AM
Unknown Object (File)
May 24 2023, 12:46 PM
View All 15 Files
Subscribers
asomers
brueffer
cem
csjp
imp
rwatson

Details

Reviewers
rwatson
asomers
Commits
rS357611: auditd_stop: wait_for_pids instead of sleeping
Summary

It's faster and more reliable to wait_for_pids than to sleep 1.

This greatly reduces the time to run the /usr/tests/sys/audit tests.
audit has hundreds of tests, and each slept for one second due to
auditd_stop.

Test Plan

time kyua test -k /usr/tests/sys/audit/Kyuafile

Before:

418/418 passed (0 failed)
      533.65 real        15.86 user        29.62 sys

vs after:

418/418 passed (0 failed)
      104.93 real        15.35 user        30.30 sys

Diff Detail

Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 28716
Build 26731: arc lint + arc unit

Event Timeline

rlibby created this revision.Jan 17 2020, 7:08 AM
Harbormaster completed remote builds in B28716: Diff 66885.Jan 17 2020, 7:08 AM
cem added a subscriber: cem.Feb 4 2020, 10:02 PM

Seems like there is a possible race condition here where $rc_pid exits and is recycled before we check for exit.

cem added a comment.Feb 4 2020, 10:09 PM

I don't see any reason auditd cannot just use the default stop action, which sends SIGTERM. auditd handles sigterm and performs more or less the same shutdown actions as those triggered by audit -t (AUDIT_TRIGGER_CLOSE_AND_DIE). I would suggest just removing the auditd_stop() function entirely.

rlibby added a comment.Feb 4 2020, 10:12 PM
In D23223#515931, @cem wrote:

Seems like there is a possible race condition here where $rc_pid exits and is recycled before we check for exit.

There totally is. I thought just to do it this way because it's what everybody else does, including the built-in stop command in rc.subr.

However, I think it's unlikely that this race will be expressed, unless we aggressively recycle pids, in which case I think a lot of stuff will break. Also, I wasn't sure what kind of job control might be relied upon in this context.

IOW, I think you're right, and it's a bigger problem.

rlibby added a comment.Feb 4 2020, 10:29 PM
In D23223#515942, @cem wrote:

I don't see any reason auditd cannot just use the default stop action, which sends SIGTERM. auditd handles sigterm and performs more or less the same shutdown actions as those triggered by audit -t (AUDIT_TRIGGER_CLOSE_AND_DIE). I would suggest just removing the auditd_stop() function entirely.

This sounds reasonable to me, I just wasn't personally confident enough that it was true. Is there a maintainer who can speak to this? There seems to be a difference, e.g. auditd_reap_children(), and whatever is going on with launchd (but doesn't apply to us?).

cem added subscribers: rwatson, csjp, asomers, brueffer.Feb 4 2020, 11:40 PM
In D23223#515944, @rlibby wrote:

This sounds reasonable to me, I just wasn't personally confident enough that it was true. Is there a maintainer who can speak to this? There seems to be a difference, e.g. auditd_reap_children(), and whatever is going on with launchd (but doesn't apply to us?).

I've CCed folks who have been involved with OpenBSM. I don't believe the launchd stuff applies to us, and I'm not sure why the existing path doesn't reap children.

asomers accepted this revision.Feb 4 2020, 11:55 PM

Good catch! I don't see any reason not to do it your way. In fact, @rwatson anticipated that in his original commit message.

r162605 | rwatson | 2006-09-24 11:31:04 -0600 (Sun, 24 Sep 2006) | 13 lines

Sleep for one second after calling audit -t to give the audit daemon a
chance to actually terminate the audit service and exit.  Otherwise, on
an rc.d/auditd restart, the new audit daemon instance may try to start
auditing while the previous session is still running.  Likewise, this
ensures a chance for auditd to terminate the audit trail at system
shutdown.

Perhaps more ideally, the script would wait synchronously for auditd to
exit rather than for an arbitrary but short period of time.

MFC after:	3 days
Obtained from:	TrustedBSD Project
This revision is now accepted and ready to land.Feb 4 2020, 11:55 PM
Closed by commit rS357611: auditd_stop: wait_for_pids instead of sleeping (authored by rlibby). · Explain WhyFeb 6 2020, 8:32 AM
This revision was automatically updated to reflect the committed changes.
rlibby added a commit: rS357611: auditd_stop: wait_for_pids instead of sleeping.
Herald added a subscriber: imp. · View Herald TranscriptFeb 6 2020, 8:32 AM

Revision Contents
Changeset List

PathSize
libexec/
rc/
rc.d/
4 lines

Diff 66885

View Options

libexec/rc/rc.d/auditd

Loading...