Subject: Kernel <-> init communication for shutdown
To: None <tech-kern@netbsd.org>
From: Martin Husemann <martin@duskware.de>
List: tech-kern
Date: 01/14/2001 14:22:43
I'd like to propose a slight change to /sbin/init: there are several 
architectures which have some sort of "power" button on their keyboard
(or where the "power switch" more acts like a power button), for example
macs and sparcs. Currently this button/key is ignored. Then there are other
architectures, where the "power off" button can be intercepted (like the
i386 with ACPI and made to work like the other architectures mentioned).
Actually (maybe enabled/disabled by a kernel option) this could also be
mapped to the Ctrl-Alt-DEL key sequence.

I would prefer if the machine would react to that key/button by doing a
"shutdown -p now".

I investigated a bit and found that Solaris and Linux both implement something
similar.

Both have a special init state entry in their /etc/inittab that is executed
when the "user presses power-off button" event happens. The Solaris kernel
seems to send SIGPWR to all processes (whose default reaction is SIG_IGN),
init catches this signal and changes into the "powerfail" state. Linux seems
to use SIGKILL for this (and only sends it to process 1).

On Solaris, when inside X (running CDE) the shutdown doesn't happen immediately,
but a requester prompts the user for the action he would like to happen, giving
him "shutdown", "suspend" and "abort" as options.

I don't know how that requester can stop init from reacting to the SIGPWR
signal (which is obviously trapped by the window manager or some other
desktop component). Maybe init just sets a timeout and if some other signal
is sent to it (SIGHUP?) before the timeout expires it happily continues.

I'd like to implement something like this for NetBSD and am looking for 
comments on design and possible implementations. I myself find SIGPWR more
appropriate to use than SIGKILL.

One open problem we have with this is obviously we can't use a "powerfail"
state in /etc/inittab to make this configurable. We'd need to invent a
new config file (say: /etc/powerfail) that maybe just is a shell script and
is executed instead of calling "/sbin/shutdown -p now".


Comments, suggestions, problems with this?


Martin
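
The grace-window idea guessed at in the message above, as an added sketch that is not part of the original post and is not NetBSD's init code: SIGPWR opens a window, a cancel signal inside it keeps the system up, and the /etc/powerfail script is only trusted if root owns it and nobody else can write it. The function names, the choice of SIGHUP as the cancel signal and the ownership check are assumptions; it needs a platform that provides SIGPWR and sigtimedwait(), such as Linux.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <signal.h>
#include <sys/stat.h>
#include <time.h>

enum power_action { PA_NONE, PA_CANCELLED, PA_SHUTDOWN };

/* Block both signals so they stay pending until power_wait() collects them. */
int power_block(void)
{
    sigset_t set;
    sigemptyset(&set);
    sigaddset(&set, SIGPWR);
    sigaddset(&set, SIGHUP);   /* assumed cancel signal; the post only guesses it */
    return sigprocmask(SIG_BLOCK, &set, NULL);
}

/* Wait up to `seconds` for one signal: 1 if it arrived, 0 on timeout. */
static int wait_for(int signo, int seconds)
{
    sigset_t one;
    struct timespec ts = { seconds, 0 };
    int r;
    sigemptyset(&one);
    sigaddset(&one, signo);
    do {                       /* an unrelated caught signal restarts the window */
        r = sigtimedwait(&one, NULL, &ts);
    } while (r == -1 && errno == EINTR);
    return r == signo;
}

/* SIGPWR opens a grace window; a cancel inside it keeps the system up. */
enum power_action power_wait(int idle_s, int grace_s)
{
    if (!wait_for(SIGPWR, idle_s))
        return PA_NONE;
    return wait_for(SIGHUP, grace_s) ? PA_CANCELLED : PA_SHUTDOWN;
}

/* Trust the script only if it is a regular, executable file that root owns
 * and that neither group nor others can write; symlinks are rejected. */
int power_script_ok(const char *path)
{
    struct stat st;
    return lstat(path, &st) == 0 && S_ISREG(st.st_mode) && st.st_uid == 0 &&
           (st.st_mode & (S_IWGRP | S_IWOTH)) == 0 && (st.st_mode & S_IXUSR) != 0;
}
```

A caller would run the script when power_wait() returns PA_SHUTDOWN and power_script_ok("/etc/powerfail") is true, and fall back to "/sbin/shutdown -p now" otherwise. A real init would also have to discard a cancel signal that was already pending before the power event.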