From owner-freebsd-ports-bugs@FreeBSD.ORG Sat Jul 24 12:30:05 2010
Message-Id: <201007241223.o6OCNnZt012196@www.freebsd.org>
Date: Sat, 24 Jul 2010 12:23:49 GMT
From: Michael Scheidell
To: freebsd-gnats-submit@FreeBSD.org
Subject: ports/148893: UPDATE fix security/swatch rc.d script

>Number: 148893
>Category: ports
>Synopsis: UPDATE fix security/swatch rc.d script
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Jul 24 12:30:05 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Michael Scheidell
>Release: 6.2 - 7.3
>Organization: SECNAP Network Security
>Environment:
i386, sparc64 and amd64
>Description:
Many rc.d scripts that use perl may not function correctly unless procname=/usr/local/bin/perl is set.
If it can't find the pid, a restart or start will just start multiple copies of swatch.
Critical maintenance functions, scripts, routines might be duplicated, causing strange problems.

An example is swatch, since at least the 6.2 days.

./rc.d/swatch(.sh) status can't find swatch, since rc.subr is trying to find a PROGRAM called swatch and can't.

Set procname, and it can find it.

/usr/local/etc/rc.d/swatch restart
swatch not running?
Starting swatch.
ionspam.spammertrap.net# ps -auxww | grep swatch
root 25957 2.5 1.4 9000 7364 ?? Ss 8:09AM 0:00.00 /usr/local/bin/perl /tmp/.swatch_script.25955
root 19676 0.0 0.4 9004 1896 ?? Is 17Jul10 0:00.60 /usr/local/bin/perl /tmp/.swatch_script.19674
root 25960 0.0 0.2 3312 948 p0 S+ 8:09AM 0:00.00 grep swatch
ionspam.spammertrap.net#
ionspam.spammertrap.net# pkill -9 -f swatch
ionspam.spammertrap.net# ps -auxww | grep swatch
root 25970 0.0 0.2 3312 960 p0 S+ 8:10AM 0:00.00 grep swatch
ionspam.spammertrap.net# /usr/local/etc/rc.d/swatch start
Starting swatch.
ionspam.spammertrap.net# /usr/local/etc/rc.d/swatch status
swatch is not running.
ionspam.spammertrap.net# ps -auxww | grep swatch
root 25980 1.4 1.4 9000 7380 ?? Ss 8:10AM 0:00.00 /usr/local/bin/perl /tmp/.swatch_script.25978
root 25995 0.0 0.2 3312 960 p0 S+ 8:10AM 0:00.00 grep swatch
ionspam.spammertrap.net# pkill -9 -f swatch
ionspam.spammertrap.net# patch swatch < patch.txt
ionspam.spammertrap.net# /usr/local/etc/rc.d/swatch start
Starting swatch.
ionspam.spammertrap.net# ps -auxww | grep swatch
root 26029 2.8 1.4 9000 7380 ?? Ss 8:11AM 0:00.00 /usr/local/bin/perl /tmp/.swatch_script.26027
root 26037 0.0 0.2 3312 960 p0 S+ 8:11AM 0:00.00 grep swatch
ionspam.spammertrap.net# /usr/local/etc/rc.d//swatch status
swatch is running as pid 26029.
>How-To-Repeat:
./rc.d/swatch start
./rc.d/swatch status

(Note: it doesn't ALWAYS miss it, can't tell you why, some systems find it, but it will ALWAYS find it if you add procname.)

But I have seen this since at least 6.2 sparc64.
There even might be patches I submitted years ago, trying to fix it, but this will fix it and is upwards compatible.

Tested on 6.2 through 7.3.
Tested on amd64, sparc64, and i386.
Tested with perl 5.8.8 through 5.10.
>Fix:
--- /tmp/swatch 2010-07-24 08:20:28.000000000 -0400 +++ /usr/local/etc/rc.d/swatch 2010-07-24 08:11:13.000000000 -0400 @@ -23,6 +23,7 @@ rcvar=`set_rcvar` command=/usr/local/bin/swatch +procname=/usr/local/bin/perl load_rc_config ${name}
>Release-Note:
>Audit-Trail:
>Unformatted:
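
Review bot: the added line procname=/usr/local/bin/perl matches on the interpreter alone, and nothing in it is specific to swatch: the ps output in the report shows the daemon as /usr/local/bin/perl /tmp/.swatch_script.<pid>, so the script path cannot serve as the distinguishing argument either. The hunk's context shows no pidfile assignment between command= and load_rc_config; if the script sets none elsewhere, the name match can also be satisfied by an unrelated process running /usr/local/bin/perl, so status can report the wrong pid and stop or restart can signal it. Suggest pairing procname with a pidfile (swatch has a --pid-file option) so the check is pinned to the pid swatch recorded. The diff is also taken against the installed /usr/local/etc/rc.d/swatch; the change needs to land in the port's own copy of the script so the perl path is not fixed to /usr/local.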
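
The matching behaviour described in the report, as an added example that is not part of the original PR and is not rc.subr's code: a simplified model of matching a process by name, run over constructed ps output. The otherd.pl daemon and the pinned_proc helper are hypothetical; the swatch line mirrors the one in the report.

```shell
#!/bin/sh
# Constructed "pid command" listing: swatch as shown in the report, a
# hypothetical unrelated perl daemon, and a non-perl process.
PS_SAMPLE='26029 /usr/local/bin/perl /tmp/.swatch_script.26027
 4242 /usr/local/bin/perl /usr/local/sbin/otherd.pl
  811 /usr/sbin/syslogd -s'

# find_procs PROCNAME [INTERPRETER]
# Simplified model of the name match: without an interpreter, argv[0] must be
# PROCNAME; with one, argv[0] must be the interpreter and argv[1] PROCNAME.
# Prints the matching pids, space separated.
find_procs() {
    _want=$1
    _interp=${2:-}
    _out=
    while read -r _pid _a0 _a1 _rest; do
        if [ -n "$_interp" ]; then
            [ "$_a0" = "$_interp" ] && [ "$_a1" = "$_want" ] || continue
        else
            [ "$_a0" = "$_want" ] || continue
        fi
        _out="${_out:+$_out }$_pid"
    done <<EOF
$PS_SAMPLE
EOF
    printf '%s\n' "$_out"
}

# pinned_proc PIDFILE PROCNAME
# Accept only the pid recorded in PIDFILE, and only if that pid also passes
# the name match. This is what removes the ambiguity of matching on perl.
pinned_proc() {
    [ -r "$1" ] || return 1
    read -r _p < "$1"
    for _c in $(find_procs "$2"); do
        [ "$_c" = "$_p" ] && { printf '%s\n' "$_p"; return 0; }
    done
    return 1
}
```

Matching on /usr/local/bin/swatch finds nothing, matching on /usr/local/bin/perl alone finds both perl processes, and only the pidfile-pinned check returns the swatch pid by itself.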