Am 06.01.2023 um 18:06 schrieb Michael Catanzaro
<mcatanzaro(a)redhat.com>:
...
I think most of the feedback on this change can be summarized as:
(a) Specific services want longer timeouts.
This can already be configured via existing configuration mechanisms, so I think it's
safe enough to ignore this problem. E.g. if a quick shutdown will brick your Pinephone
modem or corrupt your database, then whatever service is involved there should request a
larger timeout.
As several posts have shown, it is specifically not safe to ignore the problem. It is a
mystery to me how you can come to this assessment.
We don't know if all affected services explicitly request a longer timeout. We
don't have a test procedure nor a QA criterion for this that is testable. We don't
know how many rely on the current default timeout because it has worked so far. And in
view of these known circumstances to introduce a "quick shutdown" so
nonchalantly and without exact data and tests is simply irresponsible and endangers the
good reputation of the distribution and especially Fedora Server known to run reliably
stable with (or in spite of) a quick release sequence.
And it does not take into account in any way the other fact, expressed here in several
posts, that it is not a problem of individual, singular processes, but the interaction of
several processes in the specific shutdown situation, whereby individual processes can not
terminate themselves as quickly as they do in normal circumstances. And it's obviously
a non-determinant random process that turns out differently for each shutdown.
The current timeout may not be perfect, but long experience shows that in the vast
majority of cases the value results in a safe, uncorrupted shutdown. We do not have a
wave of complaints about system corruption after shutdown.
And the current value may be the result of a wild guess. I do not know how it was
achieved. But replacing one wild guess with another wild guess that introduces additional,
unpredictable risks is not a sound and robust approach (and that is true not only for
server, by the way).
(b) Also, Fedora Server wants to opt out of this change entirely.
But I think all other Fedora editions and spins do want this change, so we shouldn't
make it a Workstation-specific change. Maybe we can change systemd defaults and Fedora
Server could install a configuration override?
You are welcome to do the work on such a configuration override. If you can guarantee to
successfully complete this task in time, that's OK. Our work schedule is already at
capacity, and without free resources, unfortunately.
--
Peter Boy
https://fedoraproject.org/wiki/User:Pboy
pboy(a)fedoraproject.org
Timezone: CET (UTC+1) / CEST (UTC+2)
Fedora Server Edition Working Group member
Fedora docs team contributor and board member
Java developer and enthusiast