svn commit: r230869 - head/usr.sbin/daemon
Guy Helmer
ghelmer at palisadesystems.com
Sat Feb 4 16:49:52 UTC 2012
On Feb 4, 2012, at 2:23 AM, Andrey Zonov wrote:
> On 04.02.2012 11:42, Pawel Jakub Dawidek wrote:
>> On Wed, Feb 01, 2012 at 04:41:00PM +0000, Guy Helmer wrote:
>>> Author: ghelmer
>>> Date: Wed Feb 1 16:40:59 2012
>>> New Revision: 230869
>>> URL: http://svn.freebsd.org/changeset/base/230869
>>>
>>> Log:
>>> Change the notes about the pidfile to include Doug's preference
>>> for pre-creating the pidfile with appropriate owner and permissions.
>>>
>>> Requested by dougb
>>
>> Pre-creating pidfiles? That sounds weird. The common practise is to turn
>> eg. /var/run/<name>.pid into /var/run/<name>/pid where<name> directory
>> has appropriate permissions. Pre-creating pidfiles is simply wrong,
>> because applications create pidfile on start and unlink it on exit.
>> If application has no permission to remove files from /var/run/ it will
>> leave pidfile with stale PID in it, which is bad. Changing application
>> to truncate pidfile on exit instead of unlinking it also is a bad idea
>> especially because there is working solution - pid directory.
>>
>
> Hi,
>
> There's even worse problem - kernel closes pidfile in execvp() because of FD_CLOEXEC flag is set and daemon doesn't hold lock on pidfile.
>
> I reported about that earlier, but was ignored.
I don't understand your concern about this -- the daemon(8) program exists to start a program that does not manage its own user authority or pid file, and it is inappropriate to leak the open pidfile descriptor to the program that daemon(8) execs.
Guy--------
This message has been scanned by ComplianceSafe, powered by Palisade's PacketSure.
More information about the svn-src-all
mailing list