The danger of software suspend on servers

October 6, 2009

One of the interesting things about modern servers is that they often have the same sort of power-save support that desktops and laptops have, including the ability to be suspended in various ways. Usually this is harmless, but I am not convinced that it's a good idea in general. So, here's an amusing story to show why I feel that way.

We have some number of LTSP based X terminals that run regular X sessions on our collection of general login servers. This being the modern world, these sessions are full Gnome (or KDE) ones, and look pretty much like they would on a desktop machine (this is not always a great thing, as there are a number of applets and programs that make no sense on remote displays but don't notice this).

Once upon a time, relatively recently in fact, a user was logging out from their LTSP Gnome session and picked 'suspend' from the options menu. And, well, the machine did, because the server was capable of it and the software was willing to give it a go. Fortunately it was our least important and least used login server.

(For bonus points, the user did this on a Friday night.)

Now, part of how this happened was our slipup for not configuring Gnome to disable that particular feature (although, frankly, I blame Gnome for defaulting to allowing a remote session to suspend the machine). But part of it was because modern servers can be suspended, despite this not necessarily making a lot of sense.

(For extra amusement value, we almost didn't notice that this was what had happened, because when we came in on Monday morning it looked like the machine had spontaneously powered down so we just hit the power button and went on our way. We only clued in when we noticed an unusually large uptime for a machine that had been powered on that morning and then looked at the kernel logs.)

Written on 06 October 2009.
« The problem with security bugs is that they aren't bugs
A brief introduction to ZFS (disk) GUIDs »

Page tools: View Source, Add Comment.
Search:
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Tue Oct 6 00:01:02 2009
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.