On Sat, Jul 9, 2016 at 7:27 PM, Nico Kadel-Garcia <nka...@gmail.com> wrote:
> On Sat, Jul 9, 2016 at 5:09 PM, Ben Rosser <rosser....@gmail.com> wrote: > > On Sat, Jul 9, 2016 at 4:56 PM, Chris Murphy <li...@colorremedies.com> > > wrote: > >> > >> I think this needs to be rethought. The options right now are, modify > >> an as yet unknown quantity of background programs so they aren't > >> killed on user logout; vs logout/restart/shutdown likely hanging for > >> 90 seconds. It seems the work around would be to modify screen and > >> tmux, and then run all such background tasks in either screen or tmux. > >> But, that's kinda, wow... bit of a hammer. > > > > > > A thought occurred to me: would it be possible to instead implement a > > whitelist of *binaries* that are allowed to linger, rather than going > around > > patching everything? So for example rather than having to modify the > > codebase of screen, we have a (sysadmin-modifiable) whitelist that says > > /usr/bin/screen is allowed to linger? Perhaps this would be something > > shipped by the screen package, so /usr/bin/screen is only whitelisted if > the > > package providing it installed. > > This is pretty useless if systemd does no logging of having killed the > process. That's the difference between managing system resources, and > putting every backgrounded task on "double secret probation". It's > also pretty useless for newly written shell scripts written in any > language. Well, the idea was that binaries shipped by Fedora that we *know* need to be whitelisted could have that information be part of the package that ships them, while admins could add whatever scripts they write themselves to a separate whitelist (that's what I meant by "sysadmin-modifiable"). But you're right, since systemd doesn't log what processes it kills there would be no way to implement such a thing at the moment. Oh well. Ben Rosser
-- devel mailing list devel@lists.fedoraproject.org https://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
