Project

General

Profile

Feature #8260

Check if we need to keep memlockd running longer

Added by intrigeri almost 4 years ago. Updated almost 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Start date:
11/13/2014
Due date:
% Done:

100%

QA Check:
Feature Branch:
Type of work:
Test
Blueprint:
Starter:
Affected tool:

Description

Our previous usage of sendsigs.omit.d to prevent sysvinit from killing memlockd on shutdown doesn't work with systemd. We should evaluate if it's worth keeping memlockd running a few more seconds, and if it is, then we should find a way to keep it around as late as possible.

If we do need to keep it around, http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons/ should be a good starting point.

History

#1 Updated by intrigeri over 3 years ago

  • Subject changed from Keep memlockd running as late as needed when running under systemd to Check if we need to keep memlockd running longer
  • Description updated (diff)
  • Type of work changed from Research to Test

In my VMs, I've never seen memory erasure fail on Tails/Jessie due to memlockd not living long enough. Next step is to test this on various bare metal hardware, and see if there's actually a problem to solve.

#2 Updated by intrigeri over 3 years ago

  • Parent task deleted (#5821)

Unparenting, so I can close the parent ticket. This is a follow-up.

#3 Updated by intrigeri over 3 years ago

  • Target version changed from Sustainability_M1 to Tails_2.0

#4 Updated by intrigeri almost 3 years ago

  • Status changed from Confirmed to Resolved
  • Assignee deleted (intrigeri)
  • % Done changed from 0 to 100

intrigeri wrote:

In my VMs, I've never seen memory erasure fail on Tails/Jessie due to memlockd not living long enough. Next step is to test this on various bare metal hardware, and see if there's actually a problem to solve.

I've tested on a few machines and have not seen issues.

Also available in: Atom PDF