From owner-freebsd-rc@FreeBSD.ORG Sat Oct 14 20:00:53 2006 Return-Path: X-Original-To: freebsd-rc@hub.freebsd.org Delivered-To: freebsd-rc@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B791116A403 for ; Sat, 14 Oct 2006 20:00:53 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4264243D60 for ; Sat, 14 Oct 2006 20:00:53 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k9EK0qlN006114 for ; Sat, 14 Oct 2006 20:00:52 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k9EK0qvM006113; Sat, 14 Oct 2006 20:00:52 GMT (envelope-from gnats) Date: Sat, 14 Oct 2006 20:00:52 GMT Message-Id: <200610142000.k9EK0qvM006113@freefall.freebsd.org> To: freebsd-rc@FreeBSD.org From: Yar Tikhiy Cc: Subject: Re: conf/102913: /etc/rc.d/named killall in jailed OS X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Yar Tikhiy List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Oct 2006 20:00:53 -0000 The following reply was made to PR conf/102913; it has been noted by GNATS. From: Yar Tikhiy To: Cheng-Lung Sung Cc: bug-followup@freebsd.org, llevier@argosnet.com Subject: Re: conf/102913: /etc/rc.d/named killall in jailed OS Date: Sat, 14 Oct 2006 23:57:29 +0400 On Fri, Oct 13, 2006 at 11:34:08AM +0800, Cheng-Lung Sung wrote: > try this patch? > > Index: etc/rc.d/named > =================================================================== > RCS file: /home/ncvs/src/etc/rc.d/named,v > retrieving revision 1.26 > diff -u -r1.26 named > --- etc/rc.d/named 20 Apr 2006 12:30:12 -0000 1.26 > +++ etc/rc.d/named 13 Oct 2006 03:30:41 -0000 > @@ -91,9 +91,28 @@ > if rndc stop 2>/dev/null; then > echo . > else > - echo -n ": rndc failed, trying killall: " > - if killall named; then Is it possible to use pkill(1) instead of killall(1)? The former was moved to /bin specifically for the benefit of rc.d scripts. > - echo . > + echo -n ": rndc failed, trying " > + # If we are not inside a jail, killall will kill named in jail > + # If we are inside a jail, killall is safe > + # > + if [ `$SYSCTL_N security.jail.jailed` -eq 1 ]; then > + echo -n "killall: " > + if killall named; then Ditto here. > + echo . > + fi > + else > + # If we're not in a jail, try to kill named from pidfile > + # Otherwise see if we can get from ps > + echo -n "kill pid: " > + if [ -f ${pidfile} ]; then > + kill -TERM `cat ${pidfile}` > + echo . > + else > + for i in `ps -axo command,pid,jid | awk '/^[^ ]+named/{if ($NF == 0) {print $(NF-1)}}'`; do Hmm, pkill(1) can match a process by its jid, but 0 means any non-zero jid to it. Looks like a deficiency in the otherwise convenient tool. > + kill -TERM ${i} > + echo . > + done > + fi > fi > fi > } -- Yar