I have a program spawning and communicating with CPU heavy, unstable processes, not created by me. If my app crashes or is killed by SIGKILL
, I want the subprocesses to get killed as well, so the user don´t have to track them down and kill them manually.
I know this topic has been covered before, but I have tried all methods described, and none of them seem to live up to survive the test.
I know it must be possible, since terminals do it all the time. If I run something in a terminal, and kill the terminal, the stuff always dies.
I have tried atexit
, double fork and ptys
. atexit
doesn't work for sigkill
; double fork doesn't work at all; and ptys
I have found no way to work with using python.
Today, I found out about prctl(PR_SET_PDEATHSIG, SIGKILL)
, which should be a way for child processes to order a kill on themselves, when their parent dies.
I tried to use it with popen
, but it seams to have no effect at all:
import ctypes, subprocess
libc = ctypes.CDLL('/lib/libc.so.6')
PR_SET_PDEATHSIG = 1; TERM = 15
implant_bomb = lambda: libc.prctl(PR_SET_PDEATHSIG, TERM)
subprocess.Popen(['gnuchess'], preexec_fn=implant_bomb)
In the above, the child is created and the parent exits. Now you would expect gnuchess
to receive a SIGKILL
and die, but it doesn't. I can still find it in my process manager using 100% CPU.
Can anybody tell me if there is something wrong with my use of prctl
?,
or do you know how terminals manage to kill their children?
prctl's PR_SET_DEATHSIG
can only be set for this very process that's calling prctl -- not for any other process, including this specific process's children. The way the man page I'm pointing to expresses this is "This value is cleared upon a fork()" -- fork
, of course, is the way other processes are spawned (in Linux and any other Unix-y OS).
If you have no control over the code you want to run in subprocesses (as would be the case, essentially, for your gnuchess
example), I suggest you first spawn a separate small "monitor" process with the role of keeping track of all of its siblings (your parent process can let the monitor know about those siblings' pids as it spawns them) and sending them killer signals when the common parent dies (the monitor needs to poll for that, waking up every N seconds for some N of your choice to check if the parent's still alive; use select
to wait for more info from the parent with a timeout of N seconds, within a loop).
Not trivial, but then such system tasks often aren't. Terminals do it differently (via the concept of a "controlling terminal" for a process group) but of course it's trivial for any child to block THAT off (double forks, nohup
, and so on).