diff options
author | Evgeny Vereshchagin <evvers@ya.ru> | 2017-02-06 23:59:33 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-02-06 23:59:33 +0300 |
commit | 1fb85797493dde55c9db9725970343a064e9e062 (patch) | |
tree | fc7ae452dc80ab0dd81e4bfbe023a2214630456e /man/systemd-notify.xml | |
parent | 6a1da642b33cb18bdceb1fee44ddec6db812541e (diff) | |
parent | aa2039457911cc89adbf73e8a9b26ce99110e23d (diff) |
Merge pull request #5239 from poettering/notify-access-all
man: document that sd_notify() is racy in some cases
Diffstat (limited to 'man/systemd-notify.xml')
-rw-r--r-- | man/systemd-notify.xml | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/man/systemd-notify.xml b/man/systemd-notify.xml index 4a8e119eb6..8c56a6b8ed 100644 --- a/man/systemd-notify.xml +++ b/man/systemd-notify.xml @@ -72,10 +72,24 @@ <para>The command line may carry a list of environment variables to send as part of the status update.</para> - <para>Note that systemd will refuse reception of status updates - from this command unless <varname>NotifyAccess=all</varname> is - set for the service unit this command is called from.</para> - + <para>Note that systemd will refuse reception of status updates from this command unless + <varname>NotifyAccess=</varname> is set for the service unit this command is called from.</para> + + <para>Note that <function>sd_notify()</function> notifications may be attributed to units correctly only if either + the sending process is still around at the time PID 1 processes the message, or if the sending process is + explicitly runtime-tracked by the service manager. The latter is the case if the service manager originally forked + off the process, i.e. on all processes that match <varname>NotifyAccess=</varname><option>main</option> or + <varname>NotifyAccess=</varname><option>exec</option>. Conversely, if an auxiliary process of the unit sends an + <function>sd_notify()</function> message and immediately exits, the service manager might not be able to properly + attribute the message to the unit, and thus will ignore it, even if + <varname>NotifyAccess=</varname><option>all</option> is set for it.</para> + + <para><command>systemd-notify</command> will first attempt to invoke <function>sd_notify()</function> pretending to + have the PID of the invoking process. This will only succeed when invoked with sufficient privileges. On failure, + it will then fall back to invoking it under its own PID. This behaviour is useful in order that when the tool is + invoked from a shell script the shell process — and not the <command>systemd-notify</command> process — appears as + sender of the message, which in turn is helpful if the shell process is the main process of a service, due to the + limitations of <varname>NotifyAccess=</varname><option>all</option> described above.</para> </refsect1> <refsect1> |