Re: Wrong 'pathname to specified program' for 'killproc' in some init-files!?

public inbox for development@lists.ipfire.org
 help / color / mirror / Atom feed

From: Matthias Fischer <matthias.fischer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: Wrong 'pathname to specified program' for 'killproc' in some init-files!?
Date: Mon, 24 Apr 2017 13:57:11 +0200	[thread overview]
Message-ID: <88730330-6904-65a3-74c4-04796c883947@ipfire.org> (raw)
In-Reply-To: <1493029444.3373.26.camel@ipfire.org>

[-- Attachment #1: Type: text/plain, Size: 3525 bytes --]

Hi,

On 24.04.2017 12:24, Michael Tremer wrote:
> Hi,
> 
> yes indeed.
> 
> But is not 100% necessary to pass the -p parameter with the PID file. I just
> removed that when ever it got difficult to use and did not even add that for new
> scripts.

I noticed that. 'killproc' is used in two different ways.

'killproc -p' is only used in four init-scripts (dhcp, dhcrelay, rngd
and snort). All other scripts use 'killproc [PROGRAMNAME]', sometimes
'killproc [PATH][PROGRAMNAME].

As I'm not really sure about this: which solution should we prefer?

> But using $DEVICE is definitely wrong in the snort script.

Ok - but as far as I can see, this is working?

Improving this would lead to changing the complete 'start'- and
'stop'-section:

Example:
...
 stop)
  DEVICES=""
  if [ -r /var/run/snort_$BLUE_DEV.pid ]; then
   DEVICES+="$BLUE_DEV "
  fi
  if [ -r /var/run/snort_$GREEN_DEV.pid ]; then
   DEVICES+="$GREEN_DEV "
  fi

  if [ -r /var/run/snort_$ORANGE_DEV.pid ]; then
   DEVICES+="$ORANGE_DEV "
  fi

  RED=`cat /var/ipfire/red/iface 2>/dev/null`
  if [ -r /var/run/snort_$RED.pid ]; then
   DEVICES+=`cat /var/ipfire/red/iface 2>/dev/null`
  fi

   for DEVICE in $DEVICES; do
    boot_mesg "Stopping Intrusion Detection System on $DEVICE..."
    killproc -p /var/run/snort_$DEVICE.pid /var/run
   done
...

The whole thing began because I wanted a 'reload' section for 'snort'
for use after automatic rule updates, which seems to work:

...
 reload)
  DEVICES=""
  if [ -r /var/run/snort_$BLUE_DEV.pid ]; then
   DEVICES+="$BLUE_DEV "
  fi

  if [ -r /var/run/snort_$GREEN_DEV.pid ]; then
   DEVICES+="$GREEN_DEV "
  fi

  if [ -r /var/run/snort_$ORANGE_DEV.pid ]; then
   DEVICES+="$ORANGE_DEV "
  fi

  RED=`cat /var/ipfire/red/iface 2>/dev/null`
   if [ -r /var/run/snort_$RED.pid ]; then
    DEVICES+=`cat /var/ipfire/red/iface 2>/dev/null`
   fi

  for DEVICE in $DEVICES; do
   boot_mesg "Reloading Intrusion Detection System on $DEVICE..."
   /bin/kill -SIGHUP `cat /var/run/snort_$DEVICE.pid`
   evaluate_retval
  done
  ;;
...

Any better solution is welcome... ;-))

Best,

Matthias

> -Michael
> 
> On Sun, 2017-04-23 at 19:20 +0200, Matthias Fischer wrote:
>> Hi,
>> 
>> while searching for something else I found this:
>> 
>> Usage for the 'killproc'-function in '/etc/init.d/'-files should be (cited):
>> 
>> "# Function - killproc  [-p pidfile] pathname [signal]
>> #
>> # Purpose:
>> #
>> # Inputs: -p pidfile, uses the specified pidfile
>> #         pathname, pathname to the specified program
>> ..."
>> 
>> But in the 'init'-files for 'dhcp', 'dhcrelay' and 'rndg' there is the
>> PROGRAMname and in 'snort'-file '/var/run' is given. The latter leads to
>> an error (FAIL) if both 'green0' and 'red0' are enabled and should be
>> both stopped:
>> 
>> ...
>> killproc -p /var/run/dhcpd.pid /usr/sbin/dhcpd
>>                                         ^^^^^^
>> ...
>> killproc -p /var/run/dhcrelay.pid /usr/sbin/dhcrelay
>>                                            ^^^^^^^^^
>> ...
>> killproc -p /var/run/rngd.pid /usr/sbin/rngd
>>                                        ^^^^^
>> ...
>> killproc -p /var/run/snort_$DEVICE.pid /var/run
>>                                        ^^^^^^^^
>> 
>> IMHO, all these should be changed to "pathname to the specified program"
>> as cited above ('/usr/sbin').
>> 
>> Can anyone please confirm?
>> 
>> Best,
>> Matthias
>

next prev parent reply	other threads:[~2017-04-24 11:57 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-04-23 17:20 Matthias Fischer
2017-04-24 10:24 ` Michael Tremer
2017-04-24 11:57   ` Matthias Fischer [this message]
2017-04-24 14:31     ` Michael Tremer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=88730330-6904-65a3-74c4-04796c883947@ipfire.org \
    --to=matthias.fischer@ipfire.org \
    --cc=development@lists.ipfire.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox