[lsb-discuss] gLSB: sysinit: clearify algorithm for determining status of programs

Thorsten Kukuk kukuk at suse.de
Wed Sep 3 22:15:49 PDT 2003


On Wed, Sep 03, Tobias Burnus wrote:

> Hello again,
> 
> the gLSB 1.3 initfunctions.sgml contains:
> "If an entry is found in /var/run/basename.pid, then that value is
>  returned. Compliant implementations of the LSB may attempt other
>  mechanisms for determining the pid(s), although this is not required
>  (and not recommended, since a user can trick startup scripts by creating
>  processes that appear to be system programs in the process list thus
>  creating a potential security exposure)."
> 
> This explicily allows this: first checking for the pidfile and then,
> if it doesn't exist, checking the /proc system (using e.g. pidof).
> 
> There are two possible reasons for the case that there is no pidfile
> present: (a) the program doesn't use pidfiles (implicitly assumed above)
> or (b) it is not running.
> 
> This makes trouble when a daemon is started twice with different
> pid and coniguration files. My all ready cited example,
>   /usr/sbin/sshd                                 (/var/run/sshd.pid)
>   /usr/sbin/sshd -f /etc/ssh/sshd_config2 -p 123 (/var/run/zedv-sshd.pid),
> shows that   pidof $BIN  ==  pidof /usr/sbin/sshd  has no chance to
> discriminate those two. Considering that one can pass a basename instead of
> a pathname to pidofproc and killproc, things are even worse. 
> 
> I therefore would like to prohibit the checking of other pids but those
> given in the pidfile. My main problem is that at least three distributions
> use the pidof fallback: RedHat, SuSE and Debian. Thus I'm a bit reluctant to
> simply disallow this.
> 
> 
> Therefore I would really appreciate to get some feedback from the
> distributions.

I don't like it at all and I don't see a real reason why we should
change it in this way. Maybe we can say, that, if a pidfile is
given on commandline, only this should be used and no fallback
method?

  Thorsten

-- 
Thorsten Kukuk       http://www.suse.de/~kukuk/        kukuk at suse.de
SuSE Linux AG        Deutschherrnstr. 15-19        D-90429 Nuernberg
--------------------------------------------------------------------    
Key fingerprint = A368 676B 5E1B 3E46 CFCE  2D97 F8FD 4E23 56C6 FB4B




More information about the lsb-discuss mailing list