Hi,
‘terminate-process’ in (shepherd service) assumes that, once it has sent
SIGKILL to a given PID, it eventually gets a SIGCHLD notification for
that PID.
Unfortunately there are corner cases where it doesn’t hold. Take PID 2:
--8<---------------cut here---------------start------------->8---
$ ps x 2
PID TTY STAT TIME COMMAND
2 ? S 0:00 [kthreadd]
--8<---------------cut here---------------end--------------->8---
That’s not a “real” process, so when you (kill 2 SIGKILL), nothing
happens. Thus, ‘terminate-process’ never returns; the corresponding
service stays in “stopping” state and you cannot halt your machine.
You may wonder how we end up calling ‘terminate-process’ with a “bogus”
PID. It normally never happens, but it can happen with a combination of
‘make-forkexec-constructor’ with #:pid-file and
‘least-authority-wrapper’: the PID file of the wrapper may read “2” (the
PID inside the least-authority PID namespace), so ‘herd stop’ on that
service will end up doing (kill 2 SIGKILL).
Ludo’.
