stop timer. since watchdogd rc.d script is marked as 'shutdown'
it will exit (on shutdown) and stop timer. if system happens to
hung after watchdogd exited, manual reset is required. when one
operates in "lights-out" type of environments and without
readily available "remote hands" it could create a problem.
this provides ability to override "stop signal" for watchdogd.
default behavior is preserved, i.e. watchdogd will still be killed
via SIGTERM and timer will be stopped. in order to activate new
feature, one needs to put
watchdogd_sig_stop="KILL"
into /etc/rc.conf and also make sure watchdogd timeout is set
to long enough value allowing system to come back online before
timeout fires.
Obtained from: Netflix
MFC after: 1 week
systems are fully "ready to go".
'FILESYSTEMS' states: "This is a dummy dependency, for services which
require file systems to be mounted before starting." However, we have
'var' which is was run after 'FILESYSTEMS' and can mount /var if it
already isn't mounted. Furthermore, several scripts cannot use /var
until 'cleanvar' has done its thing. Thus "FILESYSTEMS" hasn't really
meant all critical file systems are fully usable.
The main benefit is that watchdogd would shutdown after most of other
daemons/servers and thus, for example, would remedy a system hang caused
by unlucky X server shutdown.
Reviewed by: dougb (earlier version)
MFC after: 2 weeks
assignments to the literal values it would have returned.
The concept of set_rcvar() was nice in theory, but the forks
it creates are a drag on the startup process, which is especially
noticeable on slower systems, such as embedded ones.
During the discussion on freebsd-rc@ a preference was expressed for
using ${name}_enable instead of the literal values. However the
code portability concept doesn't really apply since there are so
many other places where the literal name has to be searched for
and replaced. Also, using the literal value is also a tiny bit
faster than dereferencing the variables, and every little bit helps.
to allow them to do a "clean" shutdown.
I purposely avoided making changes to network-related stuff since the
system shutting down is pretty conclusive, and there may be complicated
dependencies on the network that I would rather not try to unravel.
I also skipped kerberos-related stuff for the reasons above, and
because I have no way to test it.
debug.watchdog since it is not created by hardware watchdog(4) devices.
The watchdog(4) device is always compiled in the kernel, so removing the
check should not cause any problems.
Approved by: phk
This commit has two pieces. One half is the watchdog kernel code which lives
primarily in hardclock() in sys/kern/kern_clock.c. The other half is a userland
daemon which, when run, will keep the watchdog from firing while the userland
is intact and functioning.
Approved by: jeff (mentor)
