MFC to RELENG_6:

| Fix system shutdown timeout handling by again supporting longer running
| shutdown procedures (which have a duration of more than 120 seconds).
|
| We have two user-space affecting shutdown timeouts: a "soft" one in
| /etc/rc.shutdown and a "hard" one in init(8). The first one can be
| configured via /etc/rc.conf variable "rcshutdown_timeout" and defaults
| to 30 seconds. The second one was originally (in 1998) intended to be
| configured via sysctl(8) variable "kern.shutdown_timeout" and defaults
| to 120 seconds.
|
| Unfortunately, the "kern.shutdown_timeout" was declared "unused" in 1999
| (as it obviously is actually not used within the kernel itself) and
| hence was intentionally but misleadingly removed in revision 1.107 from
| init_main.c. Kernel sysctl(8) variables are certainly a wrong way to
| control user-space processes in general, but in this particular case the
| sysctl(8) variable should have remained as it supports init(8), which
| isn't passed command line flags (which in turn could have been set via
| /etc/rc.conf), etc.
|
| As there is already a similar "kern.init_path" sysctl(8) variable which
| directly affects init(8), resurrect the init(8) shutdown timeout under
| sysctl(8) variable "kern.init_shutdown_timeout". But this time document
| it as being intentionally unused within the kernel and used by init(8).
| Also document it in the manpages init(8) and rc.conf(5).
|
| Reviewed by: phk
| MFC after: 2 weeks
|
| Revision  Changes    Path
| 1.48      +7 -1      src/sbin/init/init.8
| 1.61      +1 -1      src/sbin/init/init.c
| 1.264     +16 -1     src/share/man/man5/rc.conf.5
| 1.257     +11 -0     src/sys/kern/init_main.c

Approved by: re (scottl)

sbin/init/init.8

@@ -31,7 +31,7 @@
 .\"     @(#)init.8	8.3 (Berkeley) 4/18/94
 .\" $FreeBSD$
 .\"
-.Dd April 18, 1994
+.Dd September 15, 2005
 .Dt INIT 8
 .Os
 .Sh NAME
@@ -321,6 +321,12 @@ This script can be used to cleanly terminate specific programs such
 as
 .Nm innd
 (the InterNetNews server).
+If this script does not terminate within 120 seconds,
+.Nm
+will terminate it. The timeout can be configured via the
+.Xr sysctl 8
+variable
+.Va kern.init_shutdown_timeout .
 .Pp
 The role of
 .Nm

sbin/init/init.c

@@ -1520,7 +1520,7 @@ runshutdown(void)
 	}
 
 	len = sizeof(shutdowntimeout);
-	if (sysctlbyname("kern.shutdown_timeout",
+	if (sysctlbyname("kern.init_shutdown_timeout",
 			 &shutdowntimeout,
 			 &len, NULL, 0) == -1 || shutdowntimeout < 2)
 	    shutdowntimeout = DEATH_SCRIPT;

share/man/man5/rc.conf.5

@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd September 8, 2005
+.Dd September 15, 2005
 .Dt RC.CONF 5
 .Os
 .Sh NAME
@@ -3168,6 +3168,21 @@ If set, start a watchdog timer in the background which will terminate
 if
 .Xr shutdown 8
 has not completed within the specified time (in seconds).
+Notice that in addition to this soft timeout,
+.Xr init 8
+also applies a hard timeout for the execution of
+.Pa rc.shutdown .
+This is configured via
+.Xr sysctl 8
+variable
+.Va kern.init_shutdown_timeout
+and defaults to 120 seconds. Setting the value of
+.Va rcshutdown_timeout
+to more than 120 seconds will have no effect until the
+.Xr sysctl 8
+variable
+.Va kern.init_shutdown_timeout
+is also increased.
 .It Va virecover_enable
 .Pq Vt bool
 Set to

sys/kern/init_main.c

@@ -498,6 +498,17 @@ static char init_path[MAXPATHLEN] =
 SYSCTL_STRING(_kern, OID_AUTO, init_path, CTLFLAG_RD, init_path, 0,
 	"Path used to search the init process");
 
+/*
+ * Shutdown timeout of init(8).
+ * Unused within kernel, but used to control init(8), hence do not remove.
+ */
+#ifndef INIT_SHUTDOWN_TIMEOUT
+#define INIT_SHUTDOWN_TIMEOUT 120
+#endif
+static int init_shutdown_timeout = INIT_SHUTDOWN_TIMEOUT;
+SYSCTL_INT(_kern, OID_AUTO, init_shutdown_timeout,
+	CTLFLAG_RW, &init_shutdown_timeout, 0, "");
+
 /*
  * Start the initial user process; try exec'ing each pathname in init_path.
  * The program is invoked with one argument containing the boot flags.