c53d2d54bd
KillMode=mixed and control group are used to indicate that all process should be killed off. SendSIGKILL is used for services that require a clean shutdown. These are typically database service where a SigKilled process would result in a lengthy recovery and who's shutdown or startup time is quite variable (so Timeout settings aren't of use). Here we take these two factors and refuse to start a service if there are existing processes within a control group. Databases, while generally having some protection against multiple instances running, lets not stress the rigor of these. Also ExecStartPre parts of the service aren't as rigoriously written to protect against against multiple use. closes #8630
196 lines
9.1 KiB
XML
196 lines
9.1 KiB
XML
<?xml version='1.0'?> <!--*-nxml-*-->
|
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
|
|
|
|
<!--
|
|
SPDX-License-Identifier: LGPL-2.1+
|
|
-->
|
|
|
|
<refentry id="systemd.kill">
|
|
<refentryinfo>
|
|
<title>systemd.kill</title>
|
|
<productname>systemd</productname>
|
|
</refentryinfo>
|
|
|
|
<refmeta>
|
|
<refentrytitle>systemd.kill</refentrytitle>
|
|
<manvolnum>5</manvolnum>
|
|
</refmeta>
|
|
|
|
<refnamediv>
|
|
<refname>systemd.kill</refname>
|
|
<refpurpose>Process killing procedure
|
|
configuration</refpurpose>
|
|
</refnamediv>
|
|
|
|
<refsynopsisdiv>
|
|
<para><filename><replaceable>service</replaceable>.service</filename>,
|
|
<filename><replaceable>socket</replaceable>.socket</filename>,
|
|
<filename><replaceable>mount</replaceable>.mount</filename>,
|
|
<filename><replaceable>swap</replaceable>.swap</filename>,
|
|
<filename><replaceable>scope</replaceable>.scope</filename></para>
|
|
</refsynopsisdiv>
|
|
|
|
<refsect1>
|
|
<title>Description</title>
|
|
|
|
<para>Unit configuration files for services, sockets, mount
|
|
points, swap devices and scopes share a subset of configuration
|
|
options which define the killing procedure of processes belonging
|
|
to the unit.</para>
|
|
|
|
<para>This man page lists the configuration options shared by
|
|
these five unit types. See
|
|
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
|
for the common options shared by all unit configuration files, and
|
|
<citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
|
and
|
|
<citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
|
for more information on the configuration file options specific to
|
|
each unit type.</para>
|
|
|
|
<para>The kill procedure configuration options are configured in
|
|
the [Service], [Socket], [Mount] or [Swap] section, depending on
|
|
the unit type.</para>
|
|
</refsect1>
|
|
|
|
<refsect1>
|
|
<title>Options</title>
|
|
|
|
<variablelist class='unit-directives'>
|
|
|
|
<varlistentry>
|
|
<term><varname>KillMode=</varname></term>
|
|
<listitem><para>Specifies how processes of this unit shall be
|
|
killed. One of
|
|
<option>control-group</option>,
|
|
<option>process</option>,
|
|
<option>mixed</option>,
|
|
<option>none</option>.</para>
|
|
|
|
<para>If set to <option>control-group</option>, all remaining
|
|
processes in the control group of this unit will be killed on
|
|
unit stop (for services: after the stop command is executed,
|
|
as configured with <varname>ExecStop=</varname>). If set to
|
|
<option>process</option>, only the main process itself is
|
|
killed. If set to <option>mixed</option>, the
|
|
<constant>SIGTERM</constant> signal (see below) is sent to the
|
|
main process while the subsequent <constant>SIGKILL</constant>
|
|
signal (see below) is sent to all remaining processes of the
|
|
unit's control group. If set to <option>none</option>, no
|
|
process is killed. In this case, only the stop command will be
|
|
executed on unit stop, but no process be killed otherwise.
|
|
Processes remaining alive after stop are left in their control
|
|
group and the control group continues to exist after stop
|
|
unless it is empty.</para>
|
|
|
|
<para>Processes will first be terminated via
|
|
<constant>SIGTERM</constant> (unless the signal to send is
|
|
changed via <varname>KillSignal=</varname>). Optionally, this
|
|
is immediately followed by a <constant>SIGHUP</constant> (if
|
|
enabled with <varname>SendSIGHUP=</varname>). If then, after a
|
|
delay (configured via the <varname>TimeoutStopSec=</varname>
|
|
option), processes still remain, the termination request is
|
|
repeated with the <constant>SIGKILL</constant> signal or the
|
|
signal specified via <varname>FinalKillSignal=</varname> (unless
|
|
this is disabled via the <varname>SendSIGKILL=</varname>
|
|
option). See
|
|
<citerefentry><refentrytitle>kill</refentrytitle><manvolnum>2</manvolnum></citerefentry>
|
|
for more information.</para>
|
|
|
|
<para>Defaults to
|
|
<option>control-group</option>.</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>KillSignal=</varname></term>
|
|
<listitem><para>Specifies which signal to use when killing a
|
|
service. This controls the signal that is sent as first step
|
|
of shutting down a unit (see above), and is usually followed
|
|
by <constant>SIGKILL</constant> (see above and below). For a
|
|
list of valid signals, see
|
|
<citerefentry project='man-pages'><refentrytitle>signal</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
|
|
Defaults to <constant>SIGTERM</constant>. </para>
|
|
|
|
<para>Note that, right after sending the signal specified in
|
|
this setting, systemd will always send
|
|
<constant>SIGCONT</constant>, to ensure that even suspended
|
|
tasks can be terminated cleanly.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>SendSIGHUP=</varname></term>
|
|
<listitem><para>Specifies whether to send
|
|
<constant>SIGHUP</constant> to remaining processes immediately
|
|
after sending the signal configured with
|
|
<varname>KillSignal=</varname>. This is useful to indicate to
|
|
shells and shell-like programs that their connection has been
|
|
severed. Takes a boolean value. Defaults to "no".
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>SendSIGKILL=</varname></term>
|
|
<listitem><para>Specifies whether to send
|
|
<constant>SIGKILL</constant> (or the signal specified by
|
|
<varname>FinalKillSignal=</varname>) to remaining processes
|
|
after a timeout, if the normal shutdown procedure left
|
|
processes of the service around. When disabled, a
|
|
<varname>KillMode=</varname> of <constant>control-group</constant>
|
|
or <constant>mixed</constant> service will not restart if
|
|
processes from prior services exist within the control group.
|
|
Takes a boolean value. Defaults to "yes".
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>FinalKillSignal=</varname></term>
|
|
<listitem><para>Specifies which signal to send to remaining
|
|
processes after a timeout if <varname>SendSIGKILL=</varname>
|
|
is enabled. The signal configured here should be one that is
|
|
not typically caught and processed by services (<constant>SIGTERM</constant>
|
|
is not suitable). Developers can find it useful to use this to
|
|
generate a coredump to troubleshoot why a service did not
|
|
terminate upon receiving the initial <constant>SIGTERM</constant>
|
|
signal. This can be achieved by configuring <varname>LimitCORE=</varname>
|
|
and setting <varname>FinalKillSignal=</varname> to either
|
|
<constant>SIGQUIT</constant> or <constant>SIGABRT</constant>
|
|
Defaults to <constant>SIGKILL</constant>.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>WatchdogSignal=</varname></term>
|
|
<listitem><para>Specifies which signal to use to terminate the
|
|
service when the watchdog timeout expires (enabled through
|
|
<varname>WatchdogSec=</varname>). Defaults to <constant>SIGABRT</constant>.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
</variablelist>
|
|
</refsect1>
|
|
|
|
<refsect1>
|
|
<title>See Also</title>
|
|
<para>
|
|
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>kill</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
|
|
<citerefentry project='man-pages'><refentrytitle>signal</refentrytitle><manvolnum>7</manvolnum></citerefentry>
|
|
</para>
|
|
</refsect1>
|
|
|
|
</refentry>
|