[Pkg-nagios-devel] Bug#411046: PID file removal vs. privilege drop

[Ferenc Wagner]

Hi,

Creating a subdirectory owned by nagios:nagios under /var/run and
changing the config to put the PID file there would solve this problem
quite cleanly.

Still, maybe it would be better if the daemon dropped its privileges
before creating the PID file, not after.  Currently, in src/nrpe.c:

                /* write pid file */
                if(write_pid_file()==ERROR)
                        return STATE_CRITICAL;
                
                /* drop privileges */
                drop_privileges(nrpe_user,nrpe_group);

                /* make sure we're not root */
                check_privileges();

What do you think?
-- 
Regards,
Feri.