FWIW a shell is basically two alternating, non-overlapping event loops:
- a select() loop on the input terminal FD for getting keystrokes (e.g. GNU readline)
- the waitpid(-1) loop for running code, i.e. get the next process that exited
It never actually does both at the same time -- it doesn't wait for processes and stream input simultaneously, which is awkward without the self-pipe trick.
---
Regarding adversarial processes, yes you need something like Linux cgroups to solve that problem. In traditional Unix, a process that can run arbitrary code can always escape your attempts to kill it.
IIRC you can start a Linux process in a freezer cgroup, and stop everything in the cgroup. I recall reading the docs for an HPC platform that does that, and I'm sure Docker does it in some way too.
---
I'd be interested in where `supervise` is used in production ... it seems like there is a bigger story behind this article!
As far as your question, shells don't use signalfd() because it's Linux-only!
Most shells predate not just signalfd(), but Linux itself :) I wouldn't use it in a newer shell for portability.
If it ever came up, I probably I would use the self-pipe trick.
BTW I think there was some argument awhile ago that signalfd() is actually quite bad in the presence of threads, but a shell doesn't have threads so that doesn't matter.
https://cr.yp.to/docs/selfpipe.html
FWIW a shell is basically two alternating, non-overlapping event loops:
- a select() loop on the input terminal FD for getting keystrokes (e.g. GNU readline)
- the waitpid(-1) loop for running code, i.e. get the next process that exited
It never actually does both at the same time -- it doesn't wait for processes and stream input simultaneously, which is awkward without the self-pipe trick.
---
Regarding adversarial processes, yes you need something like Linux cgroups to solve that problem. In traditional Unix, a process that can run arbitrary code can always escape your attempts to kill it.
IIRC you can start a Linux process in a freezer cgroup, and stop everything in the cgroup. I recall reading the docs for an HPC platform that does that, and I'm sure Docker does it in some way too.
---
I'd be interested in where `supervise` is used in production ... it seems like there is a bigger story behind this article!
(copy of lobste.rs comment)