bin/64664: Reboot command needs to protect itself from signals

[Mike Hibler]

>Number:         64664
>Category:       bin
>Synopsis:       Reboot command needs to protect itself from signals
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Mar 24 12:10:19 PST 2004
>Closed-Date:
>Last-Modified:
>Originator:     Mike Hibler
>Release:        4.7-RELEASE
>Organization:
University of Utah
>Environment:
FreeBSD e.rroutetest.testbed.emulab.net 4.7-RELEASE FreeBSD 4.7-RELEASE #0: Thu Feb  5 19:56:28 MST 2004     root at node.fastbuild.testbed.emulab.net:/usr/src/sys/compile/TESTBED-LINKDELAY  i386
>Description:
      Invoking system("/sbin/reboot") from within a perl script causes the reboot command to be killed along with all the other processes, after it has STOPed init but before it has done the reboot syscall.  The result is that the system is terminally wedged.

The issue is that /sbin/reboot is not protecting itself adequately from signals.  It ignores SIGHUP, assuming that that is the worse thing its dying parent (or someone else) is going to try to do to it.  But it appears that perl, or at least this script, propogates the SIGTERM signal it receives on to reboot.

>How-To-Repeat:
      Doesn't happen all the time, its a timing thing.
>Fix:
      In the window between when reboot SIGTSTPs init and when it does the reboot syscall, reboot had better not die.  Thus it should block all possible signals during that window.

>Release-Note:
>Audit-Trail:
>Unformatted: