Hi, On 24.04.2017 12:24, Michael Tremer wrote: > Hi, > > yes indeed. > > But is not 100% necessary to pass the -p parameter with the PID file. I just > removed that when ever it got difficult to use and did not even add that for new > scripts. I noticed that. 'killproc' is used in two different ways. 'killproc -p' is only used in four init-scripts (dhcp, dhcrelay, rngd and snort). All other scripts use 'killproc [PROGRAMNAME]', sometimes 'killproc [PATH][PROGRAMNAME]. As I'm not really sure about this: which solution should we prefer? > But using $DEVICE is definitely wrong in the snort script. Ok - but as far as I can see, this is working? Improving this would lead to changing the complete 'start'- and 'stop'-section: Example: ... stop) DEVICES="" if [ -r /var/run/snort_$BLUE_DEV.pid ]; then DEVICES+="$BLUE_DEV " fi if [ -r /var/run/snort_$GREEN_DEV.pid ]; then DEVICES+="$GREEN_DEV " fi if [ -r /var/run/snort_$ORANGE_DEV.pid ]; then DEVICES+="$ORANGE_DEV " fi RED=`cat /var/ipfire/red/iface 2>/dev/null` if [ -r /var/run/snort_$RED.pid ]; then DEVICES+=`cat /var/ipfire/red/iface 2>/dev/null` fi for DEVICE in $DEVICES; do boot_mesg "Stopping Intrusion Detection System on $DEVICE..." killproc -p /var/run/snort_$DEVICE.pid /var/run done ... The whole thing began because I wanted a 'reload' section for 'snort' for use after automatic rule updates, which seems to work: ... reload) DEVICES="" if [ -r /var/run/snort_$BLUE_DEV.pid ]; then DEVICES+="$BLUE_DEV " fi if [ -r /var/run/snort_$GREEN_DEV.pid ]; then DEVICES+="$GREEN_DEV " fi if [ -r /var/run/snort_$ORANGE_DEV.pid ]; then DEVICES+="$ORANGE_DEV " fi RED=`cat /var/ipfire/red/iface 2>/dev/null` if [ -r /var/run/snort_$RED.pid ]; then DEVICES+=`cat /var/ipfire/red/iface 2>/dev/null` fi for DEVICE in $DEVICES; do boot_mesg "Reloading Intrusion Detection System on $DEVICE..." /bin/kill -SIGHUP `cat /var/run/snort_$DEVICE.pid` evaluate_retval done ;; ... Any better solution is welcome... ;-)) Best, Matthias > -Michael > > On Sun, 2017-04-23 at 19:20 +0200, Matthias Fischer wrote: >> Hi, >> >> while searching for something else I found this: >> >> Usage for the 'killproc'-function in '/etc/init.d/'-files should be (cited): >> >> "# Function - killproc [-p pidfile] pathname [signal] >> # >> # Purpose: >> # >> # Inputs: -p pidfile, uses the specified pidfile >> # pathname, pathname to the specified program >> ..." >> >> But in the 'init'-files for 'dhcp', 'dhcrelay' and 'rndg' there is the >> PROGRAMname and in 'snort'-file '/var/run' is given. The latter leads to >> an error (FAIL) if both 'green0' and 'red0' are enabled and should be >> both stopped: >> >> ... >> killproc -p /var/run/dhcpd.pid /usr/sbin/dhcpd >> ^^^^^^ >> ... >> killproc -p /var/run/dhcrelay.pid /usr/sbin/dhcrelay >> ^^^^^^^^^ >> ... >> killproc -p /var/run/rngd.pid /usr/sbin/rngd >> ^^^^^ >> ... >> killproc -p /var/run/snort_$DEVICE.pid /var/run >> ^^^^^^^^ >> >> IMHO, all these should be changed to "pathname to the specified program" >> as cited above ('/usr/sbin'). >> >> Can anyone please confirm? >> >> Best, >> Matthias >