From Fedora Project Wiki
Line 47: Line 47:
<!-- Expand on the summary, if appropriate.  A couple sentences suffices to explain the goal, but the more details you can provide the better. -->
<!-- Expand on the summary, if appropriate.  A couple sentences suffices to explain the goal, but the more details you can provide the better. -->


Currently, services which have stalled or are misbehaving can prevent shutdown for up to 2 minutes. This causes extreme frustrating for our users - someone goes to shutdown or reboot and then unexpectedly has to wait a long time before they can do anything else.
Currently, a service that fails to stop at shutdown time can block shutdown for up to 2 minutes. This causes extreme frustrating for our users - someone goes to shutdown or reboot system, and then unexpectedly has to wait for a long time before they can do anything else.
 
When a service fails to shutdown when it is instructed to do so, it is not behaving properly, and it is preventing the system from behaving in an orderly and predictable manner. APIs exist for cases when services or apps legitimately need to prevent shutdown, and these allow the shutdown inhibit to be communicated to admins and users, so they understand what is happening.


The most common service to cause this issue is PackageKit, but there are others.
The most common service to cause this issue is PackageKit, but there are others.


The Workstation Working Group has been attempting to eliminate this bug for a number of years. Investigations have revealed that it's not possible to find and fix every misbehaving service: in some cases the misbehaviour comes from design flaws that cannot be reasonably fixed.
=== History ===
 
The Workstation Working Group has been [https://pagure.io/fedora-workstation/issue/163 attempting to deal with this issue for several years]. Investigations have revealed that it's not possible to find and fix every misbehaving service: in some cases the misbehaviour comes from design flaws that cannot be practically resolved.


An attempt has also been [https://github.com/systemd/systemd/pull/18386 made to have the unit timeout changed in upstream systemd]. That attempt did not go anywhere, despite various efforts to move it along.
An attempt has also been [https://github.com/systemd/systemd/pull/18386 made to have the unit timeout changed in upstream systemd]. That attempt did not go anywhere, despite various efforts to move it along.
To our knowledge, there are no issues that will result from forcing the affected services to stop after 15 seconds.


== Feedback ==
== Feedback ==

Revision as of 10:22, 21 December 2022

Shorter Shutdown Timer

Important.png
This is a proposed Change for Fedora Linux.
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.

Summary

A downstream configuration change to reduce the systemd unit timeout from 2 minutes to 15 seconds.

Owner

  • Name: catanzaro
  • Email: mcatanzaro at redhat dot com


Current status

  • Targeted release: Fedora Linux 38
  • Last updated: 2022-12-21
  • FESCo issue: <will be assigned by the Wrangler>
  • Tracker bug: <will be assigned by the Wrangler>
  • Release notes tracker: <will be assigned by the Wrangler>

Detailed Description

Currently, a service that fails to stop at shutdown time can block shutdown for up to 2 minutes. This causes extreme frustrating for our users - someone goes to shutdown or reboot system, and then unexpectedly has to wait for a long time before they can do anything else.

When a service fails to shutdown when it is instructed to do so, it is not behaving properly, and it is preventing the system from behaving in an orderly and predictable manner. APIs exist for cases when services or apps legitimately need to prevent shutdown, and these allow the shutdown inhibit to be communicated to admins and users, so they understand what is happening.

The most common service to cause this issue is PackageKit, but there are others.

History

The Workstation Working Group has been attempting to deal with this issue for several years. Investigations have revealed that it's not possible to find and fix every misbehaving service: in some cases the misbehaviour comes from design flaws that cannot be practically resolved.

An attempt has also been made to have the unit timeout changed in upstream systemd. That attempt did not go anywhere, despite various efforts to move it along.

To our knowledge, there are no issues that will result from forcing the affected services to stop after 15 seconds.

Feedback

The Workstation Working Group has a ticket where they have been tracking and discussing this issue. This change was also previously proposed to FESCo, where there was some discussion.

Benefit to Fedora

The primary benefit of the change will be to eliminate a very annoying and - frankly - embarrassing bug. Our users shouldn't have to randomly sit waiting for their machine to shutdown.

It will also encourage the correct use of shutdown inhibit APIs by services.

Scope

  • Policies and guidelines: N/A (not needed for this Change)
  • Trademark approval: N/A (not needed for this Change)
  • Alignment with Objectives: N/A (not needed for this Change)

Upgrade/compatibility impact

How To Test

Given the intermittent and unpredictable nature of the bug that is being targeted, the best way to test is by using the upcoming Fedora release. Are shutdown delays eliminated as intended? Do system services experience issues as a result of the change?

User Experience

This change will make the Fedora user experience less annoying.

Dependencies

No specific changes are required in other packages. However, service developers may want to take this opportunity to examine the shutdown behavior of their components.

Contingency Plan

  • Contingency mechanism: the change owners will revert the change in systemd.
  • Contingency deadline: if we back out the change it would be best to do it before beta freeze.
  • Blocks release? No.

Documentation

Documentation isn't required for this minor configuration change. Services that legitimately need to prevent system shutdown should use systemd inhibit. Desktop applications can use the XDG inhibit portal.

Release Notes