From mboxrd@z Thu Jan 1 00:00:00 1970 From: Matthias Fischer To: development@lists.ipfire.org Subject: Re: Wrong 'pathname to specified program' for 'killproc' in some init-files!? Date: Mon, 24 Apr 2017 13:57:11 +0200 Message-ID: <88730330-6904-65a3-74c4-04796c883947@ipfire.org> In-Reply-To: <1493029444.3373.26.camel@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============6992682315072021713==" List-Id: --===============6992682315072021713== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi, On 24.04.2017 12:24, Michael Tremer wrote: > Hi, >=20 > yes indeed. >=20 > But is not 100% necessary to pass the -p parameter with the PID file. I just > removed that when ever it got difficult to use and did not even add that fo= r new > scripts. I noticed that. 'killproc' is used in two different ways. 'killproc -p' is only used in four init-scripts (dhcp, dhcrelay, rngd and snort). All other scripts use 'killproc [PROGRAMNAME]', sometimes 'killproc [PATH][PROGRAMNAME]. As I'm not really sure about this: which solution should we prefer? > But using $DEVICE is definitely wrong in the snort script. Ok - but as far as I can see, this is working? Improving this would lead to changing the complete 'start'- and 'stop'-section: Example: ... stop) DEVICES=3D"" if [ -r /var/run/snort_$BLUE_DEV.pid ]; then DEVICES+=3D"$BLUE_DEV " fi if [ -r /var/run/snort_$GREEN_DEV.pid ]; then DEVICES+=3D"$GREEN_DEV " fi if [ -r /var/run/snort_$ORANGE_DEV.pid ]; then DEVICES+=3D"$ORANGE_DEV " fi RED=3D`cat /var/ipfire/red/iface 2>/dev/null` if [ -r /var/run/snort_$RED.pid ]; then DEVICES+=3D`cat /var/ipfire/red/iface 2>/dev/null` fi for DEVICE in $DEVICES; do boot_mesg "Stopping Intrusion Detection System on $DEVICE..." killproc -p /var/run/snort_$DEVICE.pid /var/run done ... The whole thing began because I wanted a 'reload' section for 'snort' for use after automatic rule updates, which seems to work: ... reload) DEVICES=3D"" if [ -r /var/run/snort_$BLUE_DEV.pid ]; then DEVICES+=3D"$BLUE_DEV " fi if [ -r /var/run/snort_$GREEN_DEV.pid ]; then DEVICES+=3D"$GREEN_DEV " fi if [ -r /var/run/snort_$ORANGE_DEV.pid ]; then DEVICES+=3D"$ORANGE_DEV " fi RED=3D`cat /var/ipfire/red/iface 2>/dev/null` if [ -r /var/run/snort_$RED.pid ]; then DEVICES+=3D`cat /var/ipfire/red/iface 2>/dev/null` fi for DEVICE in $DEVICES; do boot_mesg "Reloading Intrusion Detection System on $DEVICE..." /bin/kill -SIGHUP `cat /var/run/snort_$DEVICE.pid` evaluate_retval done ;; ... Any better solution is welcome... ;-)) Best, Matthias > -Michael >=20 > On Sun, 2017-04-23 at 19:20 +0200, Matthias Fischer wrote: >> Hi, >>=20 >> while searching for something else I found this: >>=20 >> Usage for the 'killproc'-function in '/etc/init.d/'-files should be (cited= ): >>=20 >> "# Function - killproc [-p pidfile] pathname [signal] >> # >> # Purpose: >> # >> # Inputs: -p pidfile, uses the specified pidfile >> # pathname, pathname to the specified program >> ..." >>=20 >> But in the 'init'-files for 'dhcp', 'dhcrelay' and 'rndg' there is the >> PROGRAMname and in 'snort'-file '/var/run' is given. The latter leads to >> an error (FAIL) if both 'green0' and 'red0' are enabled and should be >> both stopped: >>=20 >> ... >> killproc -p /var/run/dhcpd.pid /usr/sbin/dhcpd >> ^^^^^^ >> ... >> killproc -p /var/run/dhcrelay.pid /usr/sbin/dhcrelay >> ^^^^^^^^^ >> ... >> killproc -p /var/run/rngd.pid /usr/sbin/rngd >> ^^^^^ >> ... >> killproc -p /var/run/snort_$DEVICE.pid /var/run >> ^^^^^^^^ >>=20 >> IMHO, all these should be changed to "pathname to the specified program" >> as cited above ('/usr/sbin'). >>=20 >> Can anyone please confirm? >>=20 >> Best, >> Matthias >=20 --===============6992682315072021713==--