5fda0d60c1
This change allows to specify a watchdog(9) timeout for a system shutdown. The timeout is activated when the watchdogd daemon is stopped. The idea is to a prevent any indefinite hang during late stages of the shutdown. The feature is implemented in rc.d/watchdogd, it builds upon watchdogd -x option. Note that the shutdown timeout is not actiavted when the watchdogd service is individually stopped by an operator. It is also not activated for the 'shutdown' to the single-user mode. In those cases it is assumed that the operator knows what they are doing and they have means to recover the system should it hang. Significant subchanges and implementation details: - the argument to rc.shutdown, completely unused before, is assigned to rc_shutdown variable that can be inspected by rc scripts - init(8) passes "single" or "reboot" as the argument, this is not changed - the argument is not mandatory and if it is not set then rc_shutdown is set to "unspecified" - however, the default jail management scripts and jail configuration examples have been updated to pass "jail" to rc.shutdown, just in case - the new timeout can be set via watchdogd_shutdown_timeout rc option - for consistency, the regular timeout can now be set via watchdogd_timeout rc option - watchdogd_shutdown_timeout and watchdogd_timeout override timeout specifications in watchdogd_flags - existing configurations, where the new rc options are not set, should keep working as before I am not particularly wed to any of the implementation specifics. I am open to changing or removing any of them as long as the provided functionality is the same (or very close) to the proposed one. For example, I think it can be implemented without using watchdogd -x, by means of watchdog(1) alone. In that case there would be a small window between stopping watchdogd and running watchdog, but I think that that is acceptable. Reviewed by: bcr (man page changes) MFC after: 5 weeks Relnotes: yes Differential Revision: https://reviews.freebsd.org/D21221
# $FreeBSD$ The below 4 samples require a VIMAGE enabled kernel: # (as root) $ cp VIMAGE /usr/src/sys/amd64/conf/ $ cd /usr/src $ make KERNCONF=VIMAGE kernel $ reboot FreeBSD 12 has VIMAGE enabled in GENERIC on amd64. In that case, for jng simply load the ng_ether module first (ng_bridge and ng_eiface will load on demand): # (as root) # Load the ng_ether module at boot: $ sysrc kld_list+=ng_ether # Load ng_ether at once without rebooting: $ kldload ng_ether Sample 1: jail.conf(5) $ cp jib jng /usr/sbin/ $ cat jail.xxx.conf >> /etc/jail.conf $ vi /etc/jail.conf # NB: Customize root directory and bridge interface $ sysrc jail_enable=YES # NB: Assumes jail_list="" (meaning ``all jails in jail.conf'') # NB: Assumes rc_conf_files="" (``below rc.conf(5) samples not used'') $ service jail start Sample 2: rc.conf(5) $ cp jib jng /usr/sbin/ $ cp rc.conf.jails /etc/ $ vi /etc/rc.conf.jails # NB: Customize root directory and bridge interface $ sysrc rc_conf_files+=/etc/rc.conf.jails # NB: Assumes /etc/jail.conf does not exist and jail_list="" $ service jail start Sample 3: Per-jail jail.conf(5) $ cp jib jng /usr/sbin/ $ cp jail.xxx.conf /etc/ $ vi /etc/jail.xxx.conf # NB: Customize root directory and bridge interface $ sysrc jail_enable=YES $ sysrc jail_list+=xxx # NB: Assumes rc_conf_files="" $ service jail start Sample 4: Per-jail rc.conf(5) $ cp jib jng /usr/sbin/ $ cp rcjail.xxx.conf /etc/ $ vi /etc/rcjail.xxx.conf # NB: Customize root directory and bridge interface $ sysrc jail_enable=YES $ sysrc jail_list+=xxx $ sysrc rc_conf_files+=/etc/rcjail.xxx.conf # NB: Assumes neither /etc/jail.conf nor /etc/jail.xxx.conf exist $ service jail start For additional recipes, see share/examples/netgraph for making and hooking together jails using netgraph as the virtual networking fabric.