cmd/containerboot: wait on tailscaled process only (#11897)

Modifies containerboot to wait on tailscaled process
only, not on any child process of containerboot.
Waiting on any subprocess was racing with Go's
exec.Cmd.Run, used to run iptables commands and
that starts its own subprocesses and waits on them.

Containerboot itself does not run anything else
except for tailscaled, so there shouldn't be a need
to wait on anything else.

Updates tailscale/tailscale#11593

Signed-off-by: Irbe Krumina <irbe@tailscale.com>
pull/11901/head
Irbe Krumina 7 months ago committed by GitHub
parent 3672f29a4e
commit 45f0721530
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

@ -559,25 +559,26 @@ runLoop:
log.Println("Startup complete, waiting for shutdown signal") log.Println("Startup complete, waiting for shutdown signal")
startupTasksDone = true startupTasksDone = true
// Reap all processes, since we are PID1 and need to collect zombies. We can // Wait on tailscaled process. It won't
// only start doing this once we've stopped shelling out to things // be cleaned up by default when the
// `tailscale up`, otherwise this goroutine can reap the CLI subprocesses // container exits as it is not PID1.
// and wedge bringup. // TODO (irbekrm): perhaps we can
// replace the reaper by a running
// cmd.Wait in a goroutine immediately
// after starting tailscaled?
reaper := func() { reaper := func() {
defer wg.Done() defer wg.Done()
for { for {
var status unix.WaitStatus var status unix.WaitStatus
pid, err := unix.Wait4(-1, &status, 0, nil) _, err := unix.Wait4(daemonProcess.Pid, &status, 0, nil)
if errors.Is(err, unix.EINTR) { if errors.Is(err, unix.EINTR) {
continue continue
} }
if err != nil { if err != nil {
log.Fatalf("Waiting for exited processes: %v", err) log.Fatalf("Waiting for tailscaled to exit: %v", err)
}
if pid == daemonProcess.Pid {
log.Printf("Tailscaled exited")
os.Exit(0)
} }
log.Print("tailscaled exited")
os.Exit(0)
} }
} }
wg.Add(1) wg.Add(1)

Loading…
Cancel
Save