summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--gnu/build/shepherd.scm16
1 files changed, 14 insertions, 2 deletions
diff --git a/gnu/build/shepherd.scm b/gnu/build/shepherd.scm
index 14bdf4edb8..47920a7b74 100644
--- a/gnu/build/shepherd.scm
+++ b/gnu/build/shepherd.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -21,6 +21,7 @@
   #:use-module (gnu build linux-container)
   #:use-module (guix build utils)
   #:use-module (srfi srfi-1)
+  #:use-module (srfi srfi-26)
   #:use-module (ice-9 match)
   #:export (make-forkexec-constructor/container))
 
@@ -91,7 +92,10 @@
 
 ;; XXX: Lazy-bind the Shepherd to avoid a compile-time dependency.
 (module-autoload! (current-module)
-                  '(shepherd service) '(read-pid-file exec-command))
+                  '(shepherd service)
+                  '(read-pid-file exec-command %precious-signals))
+(module-autoload! (current-module)
+                  '(shepherd system) '(unblock-signals))
 
 (define* (read-pid-file/container pid pid-file #:key (max-delay 5))
   "Read PID-FILE in the container namespaces of PID, which exists in a
@@ -158,6 +162,14 @@ namespace, in addition to essential bind-mounts such /proc."
     (let ((pid (run-container container-directory
                               mounts namespaces 1
                               (lambda ()
+                                ;; First restore the default handlers.
+                                (for-each (cut sigaction <> SIG_DFL)
+                                          %precious-signals)
+
+                                ;; Unblock any signals that have been blocked
+                                ;; by the parent process.
+                                (unblock-signals %precious-signals)
+
                                 (mkdir-p "/var/run")
                                 (clean-up pid-file)