Date: Sat, 04 Feb 2012 20:16:42 +0200 From: Mikolaj Golub <trociny@freebsd.org> To: Guy Helmer <ghelmer@palisadesystems.com> Cc: svn-src-head@FreeBSD.org, svn-src-all@FreeBSD.org, Andrey Zonov <andrey@zonov.org>, Pawel Jakub Dawidek <pjd@FreeBSD.org>, src-committers@FreeBSD.org Subject: Re: svn commit: r230869 - head/usr.sbin/daemon Message-ID: <86zkcy5ur9.fsf@kopusha.home.net> In-Reply-To: <27A0A960-F767-4D2C-BF3E-31F73FBF4E28@palisadesystems.com> (Guy Helmer's message of "Sat, 4 Feb 2012 10:30:00 -0600") References: <201202011641.q11Gf0j6095461@svn.freebsd.org> <20120204074201.GA1694@garage.freebsd.pl> <4F2CEB1D.10607@zonov.org> <27A0A960-F767-4D2C-BF3E-31F73FBF4E28@palisadesystems.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 4 Feb 2012 10:30:00 -0600 Guy Helmer wrote: GH> On Feb 4, 2012, at 2:23 AM, Andrey Zonov wrote: >> On 04.02.2012 11:42, Pawel Jakub Dawidek wrote: >>> On Wed, Feb 01, 2012 at 04:41:00PM +0000, Guy Helmer wrote: >>>> Author: ghelmer >>>> Date: Wed Feb 1 16:40:59 2012 >>>> New Revision: 230869 >>>> URL: http://svn.freebsd.org/changeset/base/230869 >>>> >>>> Log: >>>> Change the notes about the pidfile to include Doug's preference >>>> for pre-creating the pidfile with appropriate owner and permissions. >>>> >>>> Requested by dougb >>> >>> Pre-creating pidfiles? That sounds weird. The common practise is to turn >>> eg. /var/run/<name>.pid into /var/run/<name>/pid where<name> directory >>> has appropriate permissions. Pre-creating pidfiles is simply wrong, >>> because applications create pidfile on start and unlink it on exit. >>> If application has no permission to remove files from /var/run/ it will >>> leave pidfile with stale PID in it, which is bad. Changing application >>> to truncate pidfile on exit instead of unlinking it also is a bad idea >>> especially because there is working solution - pid directory. >>> >> >> Hi, >> >> There's even worse problem - kernel closes pidfile in execvp() because of >> FD_CLOEXEC flag is set and daemon doesn't hold lock on pidfile. >> >> I reported about that earlier, but was ignored. GH> I don't understand your concern about this -- the daemon(8) program GH> exists to start a program that does not manage its own user authority or GH> pid file, and it is inappropriate to leak the open pidfile descriptor to GH> the program that daemon(8) execs. ref8-amd64:/home/trociny% uname -r 8.2-STABLE ref8-amd64:/home/trociny% daemon -p /tmp/sleep.pid sleep 10 ref8-amd64:/home/trociny% daemon -p /tmp/sleep.pid sleep 10 daemon: process already running, pid: 19799 kopusha:~% uname -r 10.0-CURRENT kopusha:~% daemon -p /tmp/sleep.pid sleep 10 kopusha:~% daemon -p /tmp/sleep.pid sleep 10 kopusha:~% -- Mikolaj Golub
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86zkcy5ur9.fsf>