[Date Prev][Date Next]
Re: (ITS#8703) slapd should create its PID file before dropping privileges
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#8703) slapd should create its PID file before dropping privileges
- From: email@example.com
- Date: Wed, 06 Sep 2017 13:29:51 +0000
- Auto-submitted: auto-generated (OpenLDAP-ITS)
> On 09/06/2017 08:29 AM, Howard Chu wrote:
>>> 6. I run "/etc/init.d/slapd stop" to stop the daemon while I investigate
>>> the weird behavior resulting from the hack.
>> Even if that were possible, it's clearly a bug in the init script, which
>> failed to check that the process with that PID was the process it was
>> expecting to find. Note that this is something any init script needs to do
>> anyway, since PID files can go stale and some other process may be using the
>> PID by the time you reference the file.
> Have you ever seen such an init script?
> How should the init system know what process it was expecting to find,
> if not by reading that process's PID from the PID file?
Learn something about Unix, please.
Use the ps command to verify that the process at least has the correct name.
The init script should know it's looking for a process named slapd, not init.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/