aurae-runtime / auraed

Secure mTLS and gRPC backed runtime daemon. Alternative to systemd. Written in Rust.
https://aurae.io/auraed
Apache License 2.0

Prevent exit to prevent kernel panic #30

Open future-highway opened 1 year ago

future-highway commented 1 year ago

Via MalteJ, "auraed must not exit if something bad happens. When running as pid 1, we get a kernel panic, when pid 1 exits. We could trigger a reboot instead."

A panic in the daemon will only crash the thread, not the program, as everything is in a thread handled by tokio. As long as tokio's crash/exit is handled, then auraed can be prevented from exiting, hopefully.

A simple loop to restart the daemon may be an appropriate solution:

```rust
#[tokio::main]
async fn main() {
    // Supervisor loop: run the daemon body and start it again whenever it
    // returns, so PID 1 itself never terminates.
    loop {
        let exit_code = daemon().await;
        println!("daemon stopped with exit code: {}", exit_code);
        println!("restarting daemon...");
    }

    // Unreachable by construction; documents the invariant.
    panic!("auraed should never exit!");
}
```

replacing https://github.com/aurae-runtime/auraed/blob/2b274806673ed958fbd5ac799cc7710cf463b758/src/bin/main.rs#L114

MalteJ commented 1 year ago

We should add a sleep at the end of the loop. Otherwise, if daemon() exits quickly we'd end up with 100% CPU usage and an infinite loop.

Vincinator commented 1 year ago

Linking related issue https://github.com/aurae-runtime/auraed/issues/22

future-highway commented 1 year ago

catch_unwind may also be useful
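Putting the three points of this thread together (restart loop, a sleep so a fast-failing `daemon()` does not spin the CPU, and `catch_unwind` so a panic in the daemon body is contained rather than unwinding out of PID 1), here is an added example of such a supervisor. It is not auraed's code: it uses only `std` (no tokio), the `fake_daemon` closure and the `RunOutcome`, `run_once`, `backoff` and `supervise` names are hypothetical, and the exponential backoff goes one step beyond the fixed sleep MalteJ suggests.

```rust
use std::panic::{self, AssertUnwindSafe};
use std::thread;
use std::time::{Duration, Instant};

/// How one run of the daemon body ended. A panic is caught and reported here
/// instead of unwinding out of `main` (which, as PID 1, would panic the kernel).
#[derive(Debug, PartialEq)]
pub enum RunOutcome {
    Exited(i32),
    Panicked,
}

/// Run the daemon body once, turning a panic into `RunOutcome::Panicked`.
/// `AssertUnwindSafe` is required because the body is a `&mut` closure that is
/// reused after a panic; the supervisor accepts that its state may be partial.
pub fn run_once<F: FnOnce() -> i32>(body: F) -> RunOutcome {
    match panic::catch_unwind(AssertUnwindSafe(body)) {
        Ok(code) => RunOutcome::Exited(code),
        Err(_) => RunOutcome::Panicked,
    }
}

/// Delay before the next restart after `consecutive_fast` quick failures:
/// `base * 2^n`, capped at `cap`. A fixed sleep already avoids the 100% CPU
/// spin; backoff additionally keeps a crash loop from flooding the logs.
pub fn backoff(consecutive_fast: u32, base: Duration, cap: Duration) -> Duration {
    let shift = consecutive_fast.min(16); // never shift past the u32 width
    match base.checked_mul(1u32 << shift) {
        Some(d) if d <= cap => d,
        _ => cap,
    }
}

/// Supervisor loop. `max_runs` exists only so the loop can be exercised in a
/// test; a real PID 1 passes `None` and this function never returns.
pub fn supervise<F>(mut body: F, max_runs: Option<usize>, base: Duration, cap: Duration) -> Vec<RunOutcome>
where
    F: FnMut() -> i32,
{
    let mut history = Vec::new();
    let mut consecutive_fast = 0u32;
    loop {
        let started = Instant::now();
        let outcome = run_once(&mut body);
        eprintln!("daemon stopped: {:?}; restarting", outcome);
        history.push(outcome);
        if matches!(max_runs, Some(n) if history.len() >= n) {
            return history;
        }
        // A run that survived longer than `cap` resets the backoff; a quick
        // death counts as one more iteration of a crash loop.
        if started.elapsed() >= cap {
            consecutive_fast = 0;
        } else {
            consecutive_fast += 1;
        }
        thread::sleep(backoff(consecutive_fast, base, cap));
    }
}

fn main() {
    // Constructed stand-in for daemon(): panics on the first run, then exits
    // with code 1 on every later run. In auraed this slot would hold whatever
    // drives the tokio runtime (hypothetical; not the project's code).
    let mut calls = 0;
    let fake_daemon = move || {
        calls += 1;
        if calls == 1 {
            panic!("simulated crash in the daemon");
        }
        1
    };
    let history = supervise(fake_daemon, Some(3), Duration::from_millis(50), Duration::from_secs(2));
    println!("{:?}", history);
}
```

Two limits worth knowing when applying this to a PID 1: `catch_unwind` only works with the default `panic = "unwind"` profile (with `panic = "abort"` the process dies regardless), and a `std::process::exit` anywhere inside the daemon body still terminates the process, so the loop protects against returns and panics, not against explicit exits.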