Wrong Handling of pid files (example: fcgiwrap) forces single user mode. Am I correct?
Jim Ohlstein
jim at mailman-hosting.com
Fri Jun 2 10:15:28 UTC 2017
On Fri, 2017-06-02 at 03:02 -0700, BBlister wrote:
> Hello,
>
> One of my servers (running 10.3-RELEASE-p18) faced a serious problem
> out of
> the blue. It booted normally multiuser, but after a while it switched
> to
> single user only, terminating all networking sevices (like SSHD).
> This was
> done automatically. I was able to access it only via remote serial
> port.
>
> I found out the culprit:
> In my setup I have all the services disable in /etc/rc.conf to speed
> up the
> booting process, and when the system is up, then a crontab entry for
> every
> service like "@reboot (delay 120;/usr/local/etc/rc.d/fcgiwrap
> onerestart )"
> issues the command to initiate the specific service.
>
> All the services start from @reboot entries at crontab. But I
> discovered
> that the init script for fcgiwrap (and possible other ports that use
> similar rc files) has a serious bug, when the command 'onerestart' is
> applied.
>
> If the command line parameter onerestart is used, then this script
> first
> tries to terminate the process and then restarts it. The problem is
> that in
> the termination function has this code:
>
> ...
> fcgiwrap_stop() {
> fcgiwrap_pgrp=$(/bin/ps -o ppid= $(cat ${pidfile}))
> ...
>
> The problem is that if the ${pidfile} does not exist then this
> command
> returns the PID 1 among other PIDS, like this:
>
> /bin/ps -o ppid= $(cat /var/run/fcgiwrap/fcgiwrap.pid)
>
> cat: /var/run/fcgiwrap/fcgiwrap.pid: No such file or directory
> 72303
> 1
> 71730
> 72092
> 1
> 1
> 1
>
> and then using a command kill -TERM -- -${fcgiwrap_pgrp}
> terminates all these pids.
>
> But, PID 1 is the /sbin/init and according to init(8)
> ...init will signal the original (PID 1) init as follows:
> ....
> 1 SIGTERM Go to single-user mode
>
>
> So the fastcgiwrap sends SIGTERM to /sbin/init and then systems
> reverts to
> single user mode.
>
>
> The fix is to first check the existance of the file, like
>
> if [ -f ${pidfile} ] ; then ....
>
>
> and not just 'cat' and 'kill' whatever it returns.
Does the same thing happen if you use 'onestart' instead of 'one
restart'?
>
>
> Took me a while to debug it and found the solution, and I post it
> here to
> help future admins...
>
--
Jim Ohlstein
Professional Mailman Hosting
https://mailman-hosting.com/
More information about the freebsd-questions
mailing list