[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8703) slapd should create its PID file before dropping privileges

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8703) slapd should create its PID file before dropping privileges
From: hyc@symas.com
Date: Wed, 06 Sep 2017 13:29:51 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

michael@orlitzky.com wrote:
> On 09/06/2017 08:29 AM, Howard Chu wrote:
>>> 6. I run "/etc/init.d/slapd stop" to stop the daemon while I investigate
>>>     the weird behavior resulting from the hack.
>>
>> Even if that were possible, it's clearly a bug in the init script, which
>> failed to check that the process with that PID was the process it was
>> expecting to find. Note that this is something any init script needs to do
>> anyway, since PID files can go stale and some other process may be using the
>> PID by the time you reference the file.
> 
> Have you ever seen such an init script?
> 
> How should the init system know what process it was expecting to find,
> if not by reading that process's PID from the PID file?

Learn something about Unix, please.

Use the ps command to verify that the process at least has the correct name. 
The init script should know it's looking for a process named slapd, not init.

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

Prev by Date: Re: (ITS#8703) slapd should create its PID file before dropping privileges
Next by Date: Re: (ITS#8703) slapd should create its PID file before dropping privileges
Index(es):
- Chronological
- Thread