Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use systemd as subreaper #96

Closed
wants to merge 16 commits into from
Closed

Use systemd as subreaper #96

wants to merge 16 commits into from

Conversation

R1kaB3rN
Copy link
Member

@R1kaB3rN R1kaB3rN commented Apr 22, 2024
edited
Loading

Intended to be merged after 0.1 release, this pull request changes the subreaper from Valve's Reaper to systemd to reap spawned processes after a game is launched and exits.

When systemd is used as a subreaper process, a user-scoped transient unit will be created to reliably track/control all of the processes created at launch and to, optionally, manage their system resource usages (which is how Flatpak uses it). Systemd relies on Linux Control Groups (cgroups) to accomplish this, and all processes in the unit will be logically grouped together in a hierachical tree.

For clients, this means reaper does not need to be compiled on the system, eliminating the potential glibc locks when distributing reaper to old distributions, and all spawned subprocesses in that cgroup that fork/detach (e.g., winetricks) can reliably be killed. In addition, the entire process tree created after launching a game can be easily managed and monitored by the user via systemctl.

For example:

> systemctl status --user run-rc87623c08463475fbda10b1cc575cb38.scope;
● run-rc87623c08463475fbda10b1cc575cb38.scope - UMU_ID=1829980
     Loaded: loaded (/run/user/1000/systemd/transient/run-rc87623c08463475fbda10b1cc575cb38.scope; transient)
  Transient: yes
     Active: active (running) since Sun 2024-04-21 20:45:11 PDT; 3min 33s ago
      Tasks: 136 (limit: 18376)
     Memory: 1.7G (peak: 1.7G)
        CPU: 3min 33.516s
     CGroup: /user.slice/user-1000.slice/[email protected]/app.slice/run-rc87623c08463475fbda10b1cc575cb38.scope
             ├─18064 /home/foo/.local/share/umu/pressure-vessel/bin/pv-bwrap --args 21 /usr/lib/pressure-vessel/from-host/bin/press>
             ├─18122 /usr/lib/pressure-vessel/from-host/bin/pressure-vessel-adverb --generate-locales --fd 12 --regenerate-ld.so-cache >
             ├─18220 /home/foo/.local/share/Steam/compatibilitytools.d/GE-Proton9-4/files/bin/wineserver
             ├─18224 "C:\\windows\\system32\\services.exe"
             ├─18227 "C:\\windows\\system32\\winedevice.exe"
             ├─18237 "C:\\windows\\system32\\winedevice.exe"
             ├─18250 "C:\\windows\\system32\\plugplay.exe"
             ├─18256 "C:\\windows\\system32\\svchost.exe" -k LocalServiceNetworkRestricted
             ├─18268 "Z:\\home\\foo\\Games\\cafe-stella\\CafeStella.exe"
             ├─18270 "C:\\windows\\system32\\explorer.exe" /desktop
             ├─18277 "C:\\windows\\system32\\rpcss.exe"
             └─18287 "C:\\windows\\system32\\tabtip.exe"

Apr 21 20:45:11 archlinux systemd[709]: Started UMU_ID=1829980.

This unit can be closed via systemctl stop --user run-rc87623c08463475fbda10b1cc575cb38.scope from the CLI or getting the invocation ID from systemctl list-units --user -o json by its UMU_ID then stopping the unit by its name.

Subreaping via systemd will not apply to the umu Flatpak as Flatpaks apply the --die-with-parent option by default, and already uses transient scoped units internally to accomplish the same effect.

R1kaB3rN added 16 commits April 20, 2024 13:36
@R1kaB3rN
umu_consts: update logic
da58c5b
@R1kaB3rN
umu_plugins: delete enable_flatpak function
ec498eb 
- For now, execute the launcher within the Flatpak sandbox. Breaking out the sandbox via flatpak-spawn is discouraged and breaks Flatpak's security model. It may also require other Flatpak applications to make additional changes in their manifest, which they may not be supportive to do for this practice. Unless necessary or proven to be very problematic, execute within the Flatpak sandbox
@R1kaB3rN
umu_util: only copy umu_version.json and reaper
4a3eda0 
- To run games, the only required files to be in the user's home directory is the runtime platform and the reaper executable. The launcher files will remain in their system path that's been configured in build time.
@R1kaB3rN
Update Makefile to install umu-launcher in system path
45424b1 
- The directory /usr/share/steam/compatibilitytool.d is an official system path supported by Valve's Steam client to search for community-based tools and to use them as compatibility tools to run games. Instead of copying the umu-launcher directory to ~/.local/share/Steam/compatibilitytool.d we can install it in its system path. That way, there's less to copy/remove and the files there can be managed by the distribution's package manager
@R1kaB3rN
umu_util: don't pass compatibilitytools.d path
41bb93a 
- The system path compatibilitytools.d directory will be used instead
@R1kaB3rN
umu_consts: delete enum
449a51d
@R1kaB3rN
umu_run: update debug message
4823c3c
@R1kaB3rN
flatpak: limit access to ~/.local/share/Steam
d6ea130 
- The launcher only needs this directory to write Proton. For now, just limit access to this directory instead of exposing user's entire ~/.local/share
@R1kaB3rN
umu-launcher: hide umu-launcher compatibility tool
5dfed16 
- For now, hide this tool in the Steam client until the umu runtime platform is released.

- Related to Open-Wine-Components#4
@R1kaB3rN
Update tests
01bfdb4
@R1kaB3rN
Don't use Reaper as subreaper
5c65cbc 
- Instead of Valve's Reaper for subreaping, a user-transient scoped unit via systemd-run can be used instead when executing games. This is what Flatpak uses to provide resource isolation for flatpak-run commands, and this comes with some advantages such as allowing the management of processes and resource control via systemd and not requiring clients to compile Reaper. Currently, it is not possible to kill the entire process tree for a game if a gamescope window was closed. However, using systemd, if a gamescope was used for the running game and the window was closed, the entire process tree created can be killed by simply stopping it's systemd unit via `systemctl --user stop unitID` and monitored via `systemctl status --user status unitId`.
@R1kaB3rN
umu_run: use systemd as subreaper
ee929a3
@R1kaB3rN
umu_util: don't pass reference to umu system directory
b5e2e67 
- The launcher will not copy Reaper anymore
@R1kaB3rN
umu_util: update comments
9ae67b0
@R1kaB3rN
Update tests
84ca228
@R1kaB3rN
Remove subprojects from Makefile
2fdc6ee
@loathingKernel
Copy link
Contributor

loathingKernel commented Apr 22, 2024
edited
Loading

I am fully supportive of using and defaulting to systemd-run, but I am against completely removing reaper. IMO reaper should be present as a fallback.

@R1kaB3rN
Copy link
Member Author

I am fully supportive of using and defaulting to systemd-run, but I am against completely removing reaper. IMO reaper should be present as a fallback.

I'm actually have different thoughts about this, so I will close this. I think this will only be really useful if users want to apply limits or restrict capabilities to the subprocess and there is currently no use case for that. In comparison, the same effect can be achieved by building reaper into the launcher itself or using pressure-vessel-adverb --subreaper.

The former is much simpler, so I plan to just implement that instead and get rid of the reaper stuff.

@R1kaB3rN R1kaB3rN closed this May 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@R1kaB3rN @loathingKernel