Re: [systemd-devel] systemd tries to terminate a process that seems to have exited
> The hint about non-empty cgroup + gap in PID sequence [1] suggest that > the parent and child are not the only two processes of the service. The gap in PIDs can be explained by a lot of processes starting at that moment. In that particular case: ``` May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: About to execute /usr/local/bin/gnome-keyring-daemon --start --components pkcs11,secrets May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: Forked /usr/local/bin/gnome-keyring-daemon as 310 ... May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-remote-desktop.service: About to execute /usr/libexec/gnome-remote-desktop-daemon May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-remote-desktop.service: Forked /usr/libexec/gnome-remote-desktop-daemon as 311 ... May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-session-monitor.service: About to execute /usr/libexec/gnome-session-ctl --monitor May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-session-monitor.service: Forked /usr/libexec/gnome-session-ctl as 312 ... May 09 17:52:47 cb6d1c84f84e systemd[106]: session-migration.service: About to execute /usr/bin/session-migration May 09 17:52:47 cb6d1c84f84e systemd[106]: session-migration.service: Forked /usr/bin/session-migration as 313 ``` About non-empty cgroup I'm not sure. The status is: ``` ● gnome-keyring.service - Start gnome-keyring for the Secrets Service, and PKCS #11 Loaded: loaded (/usr/lib/systemd/user/gnome-keyring.service; enabled; vendor preset: enabled) Active: deactivating (stop-sigterm) Process: 310 ExecStart=/usr/local/bin/gnome-keyring-daemon --start --components pkcs11,secrets (code=exited, status=0/SUCCESS) Main PID: 310 (code=exited, status=0/SUCCESS) CGroup: /docker/df654b46027c96861325528cba8f18aa65fb8c77986ffe7ce575a582334aff17/user.slice/user-1000.slice/user@1000.service/app.slice/gnome-keyring.service ``` Then changes to (when it times out): ``` × gnome-keyring.service - Start gnome-keyring for the Secrets Service, and PKCS #11 Loaded: loaded (/usr/lib/systemd/user/gnome-keyring.service; enabled; vendor preset: enabled) Active: failed (Result: timeout) since Tue 2022-05-10 15:19:33 UTC; 315ms ago Process: 310 ExecStart=/usr/local/bin/gnome-keyring-daemon --start --components pkcs11,secrets (code=exited, status=0/SUCCESS) Main PID: 310 (code=exited, status=0/SUCCESS) ``` > [1] Can be parent's threads or concurrently spawned processes elsewhere in > the system. The processes that are related in one way or another... the gnome-keyring service which spawns one child (both exit): gnome-keyring-daemon --start --components pkcs11,secrets The org.freedesktop.secrets service (activated via dbus): gnome-keyring-daemon --start --foreground --components=secrets And the gnome-keyring-ssh service: gnome-keyring-daemon --start --components ssh Not a gnome-keyring expert, far from it. > That's very old. As far as most of the Debian project is concerned, > Debian 8 reached EOL in mid 2018. Yep, I'd like to know what's happening mainly out of curiosity (and maybe to learn something new). Because in my view it behaves really weird (like, "a process finishes, but it doesn't"). > To my knowledge Docker is not capable of running a proper > systemd-based userspace as a container. I.e. it does not implement > this: > https://systemd.io/CONTAINER_INTERFACE Well, I've managed to run GNOME in a docker container and connect to it over VNC: https://gist.github.com/x-yuri/dc6a9ce59ca823102903033da0143304 Although there's at least one major issue I haven't investigated yet. And there's also: https://hub.docker.com/r/jrei/systemd-ubuntu Which more or less worked for me under docker for another project. > As I understand, they are not interested in this, think this is out of > focus. Which is certainly their right. But if you want to run systemd > as container payload, then bettr use a different container manager, > like podman, lxc, systemd-spawn. They all are a lot more open to > supporting systemd as payload in a way that just works. Thanks for the suggestion, I'm considering them too. But I'd like to first find out what's happening here. > Docker is particularly borked when it comes to the way cgroups are set > up. And given that they are stuck on cgroupsv1 (or did that change?) i > see no perspective there. At least Docker 20.10.10 doesn't support it. > My educated guess: you are running in cgroupsv1 mode. cgroup empty > notifications do not work reliably in containers on cgroupsv1. Yep, in this case I'm using cgroupv1. Can this all be explained by "cgroup empty notifications do not work reliably in containers on cgroupsv1"? Adding `sleep 5` seems to resolve the issue, but I'm not sure if that's reliable. Let's put it this way, can the described behavior be explained like this? With cgroupv1 "empty cgroup" notifications in containers don't always reach systemd. As a result, if systemd doesn't receive an "empty
Re: [systemd-devel] systemd tries to terminate a process that seems to have exited
On Di, 10.05.22 08:44, Yuri Kanivetsky (yuri.kanivet...@gmail.com) wrote: > The one that produces the messages is 249.11 (that is running in a > docker container): > > https://packages.ubuntu.com/jammy/systemd > > The one running on the host is 215-17 (Debian 8). that's ancient... i figure this then also means you are stuck with cgroupv1. Which means cgroup empty notifications in containers typically don#t work. Lennart -- Lennart Poettering, Berlin
Re: [systemd-devel] systemd tries to terminate a process that seems to have exited
On Mo, 09.05.22 23:43, Yuri Kanivetsky (yuri.kanivet...@gmail.com) wrote: > Hi Andrei, > > Thanks for the suggestion. It becomes more verbose, but it still seems > like `systemd` fails to notice that `gnome-keyring` exited: > > May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: > Passing 0 fds to service > May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: > About to execute /usr/local/bin/gnome-keyring-daemon --start > --components pkcs11,secrets > May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: > Forked /usr/local/bin/gnome-keyring-daemon as 310 > May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: > Changed dead -> start > May 09 17:52:47 cb6d1c84f84e systemd[106]: Starting Start > gnome-keyring for the Secrets Service, and PKCS #11... > May 09 17:52:47 cb6d1c84f84e systemd[310]: Skipping PR_SET_MM, as > we don't have privileges. > May 09 17:52:47 cb6d1c84f84e systemd[310]: gnome-keyring.service: > Executing: /usr/local/bin/gnome-keyring-daemon --start --components > pkcs11,secrets My educated guess: you are running in cgroupsv1 mode. cgroup empty notifications do not work reliably in containers on cgroupsv1. Use cgroupsv2. (but i think docker doesn't support that) Lennart -- Lennart Poettering, Berlin
Re: [systemd-devel] systemd tries to terminate a process that seems to have exited
On Do, 05.05.22 04:41, Yuri Kanivetsky (yuri.kanivet...@gmail.com) wrote: > Hi, > > This might be not a systemd issue. But the behavior is weird, and I'm not > sure. > > I'm trying to run GNOME in a docker container. And gnome-keyring > fails to start: To my knowledge Docker is not capable of running a proper systemd-based userspace as a container. I.e. it does not implement this: https://systemd.io/CONTAINER_INTERFACE As I understand, they are not interested in this, think this is out of focus. Which is certainly their right. But if you want to run systemd as container payload, then bettr use a different container manager, like podman, lxc, systemd-spawn. They all are a lot more open to supporting systemd as payload in a way that just works. Docker is particularly borked when it comes to the way cgroups are set up. And given that they are stuck on cgroupsv1 (or did that change?) i see no perspective there. Lennart -- Lennart Poettering, Berlin
Re: [systemd-devel] systemd tries to terminate a process that seems to have exited
On Tue, 10 May 2022 at 08:44:27 +0300, Yuri Kanivetsky wrote: > The one running on the host is 215-17 (Debian 8). That's very old. As far as most of the Debian project is concerned, Debian 8 reached EOL in mid 2018. There is a separate Debian LTS team which picks up security support when the main Debian security team drops a release, but they also stopped supporting Debian 8 in mid 2020. If you are using ELTS (a third-party commercial offering), I'd suggest talking to the ELTS maintainers, rather than upstream or Debian - particularly if you are also using a Debian-8-derived kernel. smcv
Re: [systemd-devel] systemd tries to terminate a process that seems to have exited
The one that produces the messages is 249.11 (that is running in a docker container): https://packages.ubuntu.com/jammy/systemd The one running on the host is 215-17 (Debian 8). > But it sounds like systemd issue in one specific version you are using. On hosts with newer Debians the issue doesn't manifest itself (the systemd version inside docker remains the same). I'm trying to figure out what exactly is happening on Debian 8. If not a systemd issue... The things that come to mind are: a) the process is waiting to release some resources after exit() or return from main(), b) something PAM- or dbus-related, c) some threads that don't let it exit. Not a C programmer to know if those are possible (if something can not let a process terminate after exit() or return from main()). On Tue, May 10, 2022 at 8:09 AM Andrei Borzenkov wrote: > > On 09.05.2022 23:43, Yuri Kanivetsky wrote: > > Hi Andrei, > > > > Thanks for the suggestion. It becomes more verbose, but it still seems > > like `systemd` fails to notice that `gnome-keyring` exited: > > > > Probably > > ... > > > > > The child exits: > > > > May 09 17:52:47 cb6d1c84f84e gnome-keyring-daemon[314]: -- main: > > return 0, gkd-main.c:1210 > > May 09 17:52:47 cb6d1c84f84e gnome-keyring-d[314]: -- main: return > > 0, gkd-main.c:1210 > > May 09 17:52:47 cb6d1c84f84e systemd[106]: Child 314 > > (gnome-keyring-d) died (code=exited, status=0/SUCCESS) > > May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: > > Child 314 belongs to gnome-keyring.service. > > May 09 17:52:47 cb6d1c84f84e systemd[106]: Received SIGCHLD from > > PID 314 (n/a). > > What I miss is "cgroup is empty" message. For comparison: > > May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: Received SIGCHLD from > PID 73346 (sleep). > > May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: Child 73346 (sleep) > died (code=exited, status=0/SUCCESS) > > May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: oneshot.service: Child > 73346 belongs to oneshot.service. > > May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: oneshot.service: > Control group is empty. > > May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: oneshot.service: > Succeeded. > > May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: oneshot.service: > Service will not restart (restart setting) > > May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: oneshot.service: > Changed stop-sigterm -> dead > > May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: oneshot.service: Job > 986 oneshot.service/start finished, result=done > > May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: Finished test oneshot > forking service. > > > You never mentioned your systemd version so it is hard to say anything. > But it sounds like systemd issue in one specific version you are using. > > > > > The org.freedesktop.secrets service is activated: > > > > May 09 17:52:47 cb6d1c84f84e dbus-daemon[124]: [session uid=1000 > > pid=124] Activating service name='org.freedesktop.secrets' requested > > by ':1.16' (uid=1000 pid=243 comm="/usr/libexec/xdg-desktop-portal ") > > May 09 17:52:47 cb6d1c84f84e gnome-keyring-d[348]: -- main: > > gkd-main.c:1046 > > May 09 17:52:47 cb6d1c84f84e org.freedesktop.secrets[348]: > > gnome-keyring-daemon: no process capabilities, insecure memory might > > get used > > May 09 17:52:47 cb6d1c84f84e gnome-keyring-daemon[348]: couldn't > > access control socket: /run/user/1000/keyring/control: No such file or > > directory > > May 09 17:52:47 cb6d1c84f84e gnome-keyring-d[348]: couldn't access > > control socket: /run/user/1000/keyring/control: No such file or > > directory > > May 09 17:52:47 cb6d1c84f84e dbus-daemon[124]: [session uid=1000 > > pid=124] Successfully activated service 'org.freedesktop.secrets' > > > > The gnome-keyring service times out: > > > > May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: > > State 'stop-sigterm' timed out. Killing. > > May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: > > Failed with result 'timeout'. > > May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: > > Service will not restart (restart setting) > > May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: > > Changed stop-sigterm -> failed > > May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: > > Job 167 gnome-keyring.service/start finished, result=failed > > May 09 17:54:17 cb6d1c84f84e systemd[106]: Failed to start Start > > gnome-keyring for the Secrets Service, and PKCS #11. > > May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: > > Unit entered failed state. > > > > More info here: > > > > https://gist.github.com/x-yuri/b12e8178a621372a4aa62c60693af37b#file-b-journal-gnome-keyring-gist-md > > > > Do you know any reason a process can remain alive after exit() or > > return from main()? Any threads started by PAM or anything > > dbus-related (wild guesses on my part)? Anything else I
Re: [systemd-devel] systemd tries to terminate a process that seems to have exited
On 09.05.2022 23:43, Yuri Kanivetsky wrote: > Hi Andrei, > > Thanks for the suggestion. It becomes more verbose, but it still seems > like `systemd` fails to notice that `gnome-keyring` exited: > Probably ... > > The child exits: > > May 09 17:52:47 cb6d1c84f84e gnome-keyring-daemon[314]: -- main: > return 0, gkd-main.c:1210 > May 09 17:52:47 cb6d1c84f84e gnome-keyring-d[314]: -- main: return > 0, gkd-main.c:1210 > May 09 17:52:47 cb6d1c84f84e systemd[106]: Child 314 > (gnome-keyring-d) died (code=exited, status=0/SUCCESS) > May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: > Child 314 belongs to gnome-keyring.service. > May 09 17:52:47 cb6d1c84f84e systemd[106]: Received SIGCHLD from > PID 314 (n/a). What I miss is "cgroup is empty" message. For comparison: May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: Received SIGCHLD from PID 73346 (sleep). May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: Child 73346 (sleep) died (code=exited, status=0/SUCCESS) May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: oneshot.service: Child 73346 belongs to oneshot.service. May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: oneshot.service: Control group is empty. May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: oneshot.service: Succeeded. May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: oneshot.service: Service will not restart (restart setting) May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: oneshot.service: Changed stop-sigterm -> dead May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: oneshot.service: Job 986 oneshot.service/start finished, result=done May 10 07:56:16 bor-Latitude-E5450 systemd[1593]: Finished test oneshot forking service. You never mentioned your systemd version so it is hard to say anything. But it sounds like systemd issue in one specific version you are using. > > The org.freedesktop.secrets service is activated: > > May 09 17:52:47 cb6d1c84f84e dbus-daemon[124]: [session uid=1000 > pid=124] Activating service name='org.freedesktop.secrets' requested > by ':1.16' (uid=1000 pid=243 comm="/usr/libexec/xdg-desktop-portal ") > May 09 17:52:47 cb6d1c84f84e gnome-keyring-d[348]: -- main: > gkd-main.c:1046 > May 09 17:52:47 cb6d1c84f84e org.freedesktop.secrets[348]: > gnome-keyring-daemon: no process capabilities, insecure memory might > get used > May 09 17:52:47 cb6d1c84f84e gnome-keyring-daemon[348]: couldn't > access control socket: /run/user/1000/keyring/control: No such file or > directory > May 09 17:52:47 cb6d1c84f84e gnome-keyring-d[348]: couldn't access > control socket: /run/user/1000/keyring/control: No such file or > directory > May 09 17:52:47 cb6d1c84f84e dbus-daemon[124]: [session uid=1000 > pid=124] Successfully activated service 'org.freedesktop.secrets' > > The gnome-keyring service times out: > > May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: > State 'stop-sigterm' timed out. Killing. > May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: > Failed with result 'timeout'. > May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: > Service will not restart (restart setting) > May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: > Changed stop-sigterm -> failed > May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: > Job 167 gnome-keyring.service/start finished, result=failed > May 09 17:54:17 cb6d1c84f84e systemd[106]: Failed to start Start > gnome-keyring for the Secrets Service, and PKCS #11. > May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: > Unit entered failed state. > > More info here: > > https://gist.github.com/x-yuri/b12e8178a621372a4aa62c60693af37b#file-b-journal-gnome-keyring-gist-md > > Do you know any reason a process can remain alive after exit() or > return from main()? Any threads started by PAM or anything > dbus-related (wild guesses on my part)? Anything else I can check? > > Regards, > Yuri > > On Thu, May 5, 2022 at 8:19 AM Andrei Borzenkov wrote: >> >> On 05.05.2022 04:41, Yuri Kanivetsky wrote: >>> Hi, >>> >>> This might be not a systemd issue. But the behavior is weird, and I'm not >>> sure. >>> >>> I'm trying to run GNOME in a docker container. And gnome-keyring fails to >>> start: >>> >>> https://gist.github.com/x-yuri/c3c715ea6355633de4546ae957a66410 >>> >>> I added debug statements, and in the log I see: >>> >>> May 02 05:09:02 ab6aaba04124 systemd[109]: Starting Start >>> gnome-keyring for the Secrets Service, and PKCS #11... >>> May 02 05:09:02 ab6aaba04124 gnome-keyring-d[309]: -- main: 1046 >>> May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[309]: >>> gnome-keyring-daemon: no process capabilities, insecure memory might >>> get used >>> May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[309]: -- >>> fork_and_print_environment: fork(), parent, 653 >>> May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[321]: -- >>> fork_and_print_envir
Re: [systemd-devel] systemd tries to terminate a process that seems to have exited
Hi Andrei, Thanks for the suggestion. It becomes more verbose, but it still seems like `systemd` fails to notice that `gnome-keyring` exited: May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: Passing 0 fds to service May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: About to execute /usr/local/bin/gnome-keyring-daemon --start --components pkcs11,secrets May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: Forked /usr/local/bin/gnome-keyring-daemon as 310 May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: Changed dead -> start May 09 17:52:47 cb6d1c84f84e systemd[106]: Starting Start gnome-keyring for the Secrets Service, and PKCS #11... May 09 17:52:47 cb6d1c84f84e systemd[310]: Skipping PR_SET_MM, as we don't have privileges. May 09 17:52:47 cb6d1c84f84e systemd[310]: gnome-keyring.service: Executing: /usr/local/bin/gnome-keyring-daemon --start --components pkcs11,secrets The main() starts: May 09 17:52:47 cb6d1c84f84e (g-daemon)[310]: -- main: gkd-main.c:1046 A child is forked: May 09 17:52:47 cb6d1c84f84e gnome-keyring-daemon[310]: -- fork_and_print_environment: fork(), parent, gkd-main.c:653 May 09 17:52:47 cb6d1c84f84e (g-daemon)[310]: -- fork_and_print_environment: fork(), parent, gkd-main.c:653 May 09 17:52:47 cb6d1c84f84e gnome-keyring-daemon[314]: -- fork_and_print_environment: fork(), child, gkd-main.c:684 May 09 17:52:47 cb6d1c84f84e gnome-keyring-d[314]: -- fork_and_print_environment: fork(), child, gkd-main.c:684 May 09 17:52:47 cb6d1c84f84e gnome-keyring-daemon[314]: couldn't access control socket: /run/user/1000/keyring/control: No such file or directory May 09 17:52:47 cb6d1c84f84e gnome-keyring-d[314]: couldn't access control socket: /run/user/1000/keyring/control: No such file or directory The parent exits: May 09 17:52:47 cb6d1c84f84e gnome-keyring-daemon[310]: -- fork_and_print_environment: exit(0), gkd-main.c:680 May 09 17:52:47 cb6d1c84f84e (g-daemon)[310]: -- fork_and_print_environment: exit(0), gkd-main.c:680 May 09 17:52:47 cb6d1c84f84e systemd[106]: Received SIGCHLD from PID 310 (gnome-keyring-d). May 09 17:52:47 cb6d1c84f84e systemd[106]: Child 310 (gnome-keyring-d) died (code=exited, status=0/SUCCESS) May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: Child 310 belongs to gnome-keyring.service. May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: Main process exited, code=exited, status=0/SUCCESS (success) May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: Changed start -> stop-sigterm The child exits: May 09 17:52:47 cb6d1c84f84e gnome-keyring-daemon[314]: -- main: return 0, gkd-main.c:1210 May 09 17:52:47 cb6d1c84f84e gnome-keyring-d[314]: -- main: return 0, gkd-main.c:1210 May 09 17:52:47 cb6d1c84f84e systemd[106]: Child 314 (gnome-keyring-d) died (code=exited, status=0/SUCCESS) May 09 17:52:47 cb6d1c84f84e systemd[106]: gnome-keyring.service: Child 314 belongs to gnome-keyring.service. May 09 17:52:47 cb6d1c84f84e systemd[106]: Received SIGCHLD from PID 314 (n/a). The org.freedesktop.secrets service is activated: May 09 17:52:47 cb6d1c84f84e dbus-daemon[124]: [session uid=1000 pid=124] Activating service name='org.freedesktop.secrets' requested by ':1.16' (uid=1000 pid=243 comm="/usr/libexec/xdg-desktop-portal ") May 09 17:52:47 cb6d1c84f84e gnome-keyring-d[348]: -- main: gkd-main.c:1046 May 09 17:52:47 cb6d1c84f84e org.freedesktop.secrets[348]: gnome-keyring-daemon: no process capabilities, insecure memory might get used May 09 17:52:47 cb6d1c84f84e gnome-keyring-daemon[348]: couldn't access control socket: /run/user/1000/keyring/control: No such file or directory May 09 17:52:47 cb6d1c84f84e gnome-keyring-d[348]: couldn't access control socket: /run/user/1000/keyring/control: No such file or directory May 09 17:52:47 cb6d1c84f84e dbus-daemon[124]: [session uid=1000 pid=124] Successfully activated service 'org.freedesktop.secrets' The gnome-keyring service times out: May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: State 'stop-sigterm' timed out. Killing. May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: Failed with result 'timeout'. May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: Service will not restart (restart setting) May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: Changed stop-sigterm -> failed May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: Job 167 gnome-keyring.service/start finished, result=failed May 09 17:54:17 cb6d1c84f84e systemd[106]: Failed to start Start gnome-keyring for the Secrets Service, and PKCS #11. May 09 17:54:17 cb6d1c84f84e systemd[106]: gnome-keyring.service: Unit entered failed state. More info here: https://gist.github.com/x-yuri/b12e8178a621372a4aa62c60693af37b#file-b-journal-gnome-keyri
Re: [systemd-devel] systemd tries to terminate a process that seems to have exited
On 05.05.2022 04:41, Yuri Kanivetsky wrote: > Hi, > > This might be not a systemd issue. But the behavior is weird, and I'm not > sure. > > I'm trying to run GNOME in a docker container. And gnome-keyring fails to > start: > > https://gist.github.com/x-yuri/c3c715ea6355633de4546ae957a66410 > > I added debug statements, and in the log I see: > > May 02 05:09:02 ab6aaba04124 systemd[109]: Starting Start > gnome-keyring for the Secrets Service, and PKCS #11... > May 02 05:09:02 ab6aaba04124 gnome-keyring-d[309]: -- main: 1046 > May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[309]: > gnome-keyring-daemon: no process capabilities, insecure memory might > get used > May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[309]: -- > fork_and_print_environment: fork(), parent, 653 > May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[321]: -- > fork_and_print_environment: fork(), child, 684 > May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[321]: couldn't > access control socket: /run/user/1000/keyring/control: No such file or > directory > May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[309]: -- > fork_and_print_environment: exit(0), 680 > May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[321]: -- main: > return 0, 1210 > May 02 05:10:32 ab6aaba04124 systemd[109]: gnome-keyring.service: > State 'stop-sigterm' timed out. Killing. > May 02 05:10:32 ab6aaba04124 systemd[109]: gnome-keyring.service: > Failed with result 'timeout'. > May 02 05:10:32 ab6aaba04124 systemd[109]: Failed to start Start > gnome-keyring for the Secrets Service, and PKCS #11. > ... > > I can only reproduce it on Debian 8. Which kind of makes it > unimportant. But the behavior is so weird (either gnome-keyring is > blocked in/after exit(), or systemd tries to kill a process that > exited), that I can't help but think about what is really going on > there. > So run systemd user instance with debug level logging to see which process are still left.
[systemd-devel] systemd tries to terminate a process that seems to have exited
Hi, This might be not a systemd issue. But the behavior is weird, and I'm not sure. I'm trying to run GNOME in a docker container. And gnome-keyring fails to start: https://gist.github.com/x-yuri/c3c715ea6355633de4546ae957a66410 I added debug statements, and in the log I see: May 02 05:09:02 ab6aaba04124 systemd[109]: Starting Start gnome-keyring for the Secrets Service, and PKCS #11... May 02 05:09:02 ab6aaba04124 gnome-keyring-d[309]: -- main: 1046 May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[309]: gnome-keyring-daemon: no process capabilities, insecure memory might get used May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[309]: -- fork_and_print_environment: fork(), parent, 653 May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[321]: -- fork_and_print_environment: fork(), child, 684 May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[321]: couldn't access control socket: /run/user/1000/keyring/control: No such file or directory May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[309]: -- fork_and_print_environment: exit(0), 680 May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[321]: -- main: return 0, 1210 May 02 05:10:32 ab6aaba04124 systemd[109]: gnome-keyring.service: State 'stop-sigterm' timed out. Killing. May 02 05:10:32 ab6aaba04124 systemd[109]: gnome-keyring.service: Failed with result 'timeout'. May 02 05:10:32 ab6aaba04124 systemd[109]: Failed to start Start gnome-keyring for the Secrets Service, and PKCS #11. A longer version (w/ lines about a service activation): May 02 05:09:02 ab6aaba04124 systemd[109]: Starting Start gnome-keyring for the Secrets Service, and PKCS #11... May 02 05:09:02 ab6aaba04124 gnome-keyring-d[309]: -- main: 1046 May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[309]: gnome-keyring-daemon: no process capabilities, insecure memory might get used May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[309]: -- fork_and_print_environment: fork(), parent, 653 May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[321]: -- fork_and_print_environment: fork(), child, 684 May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[321]: couldn't access control socket: /run/user/1000/keyring/control: No such file or directory May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[309]: -- fork_and_print_environment: exit(0), 680 May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[321]: -- main: return 0, 1210 May 02 05:09:02 ab6aaba04124 dbus-daemon[124]: [session uid=1000 pid=124] Activating service name='org.freedesktop.secrets' requested by ':1.19' (uid=1000 pid=251 comm="/usr/libexec/xdg-desktop-portal ") May 02 05:09:02 ab6aaba04124 gnome-keyring-d[347]: -- main: 1046 May 02 05:09:02 ab6aaba04124 org.freedesktop.secrets[347]: gnome-keyring-daemon: no process capabilities, insecure memory might get used May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[347]: couldn't access control socket: /run/user/1000/keyring/control: No such file or directory May 02 05:09:02 ab6aaba04124 dbus-daemon[124]: [session uid=1000 pid=124] Successfully activated service 'org.freedesktop.secrets' May 02 05:10:32 ab6aaba04124 systemd[109]: gnome-keyring.service: State 'stop-sigterm' timed out. Killing. May 02 05:10:32 ab6aaba04124 systemd[109]: gnome-keyring.service: Failed with result 'timeout'. May 02 05:10:32 ab6aaba04124 systemd[109]: Failed to start Start gnome-keyring for the Secrets Service, and PKCS #11. And even longer version (with duplicate and intervening lines): May 02 05:09:02 ab6aaba04124 systemd[109]: Starting Start gnome-keyring for the Secrets Service, and PKCS #11... May 02 05:09:02 ab6aaba04124 systemd[109]: Starting GNOME Remote Desktop... May 02 05:09:02 ab6aaba04124 systemd[109]: Starting Monitor Session leader for GNOME Session... May 02 05:09:02 ab6aaba04124 systemd[109]: Starting Session Migration... May 02 05:09:02 ab6aaba04124 systemd[109]: Starting Rewrite dynamic launcher portal entries... May 02 05:09:02 ab6aaba04124 systemd[109]: Finished Start gnome-keyring as SSH agent. May 02 05:09:02 ab6aaba04124 systemd[109]: Started OpenSSH Agent. May 02 05:09:02 ab6aaba04124 systemd[109]: Started Monitor Session leader for GNOME Session. May 02 05:09:02 ab6aaba04124 gnome-keyring-d[309]: -- main: 1046 May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[309]: gnome-keyring-daemon: no process capabilities, insecure memory might get used May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[309]: -- fork_and_print_environment: fork(), parent, 653 May 02 05:09:02 ab6aaba04124 gnome-keyring-d[309]: -- fork_and_print_environment: fork(), parent, 653 May 02 05:09:02 ab6aaba04124 systemd[109]: Finished Rewrite dynamic launcher portal entries. May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[321]: -- fork_and_print_environment: fork(), child, 684 May 02 05:09:02 ab6aaba04124 gnome-keyring-daemon[321]: couldn't access control socket: /run/