Bug#889144: stricter PIDfile handling breaks several daemons
Michael Biebl
biebl at debian.org
Sat Feb 3 13:00:55 GMT 2018
Am 03.02.2018 um 13:27 schrieb Sven Hartge:
> Um 03:02 Uhr am 03.02.18 schrieb Michael Biebl:
>
>> Am 02.02.2018 um 20:07 schrieb Sven Hartge:
>
>>> ulogd2 drops its priviliges on its own. It needs to start as root to
>>> connect to the netlink sockets.
>
>> So, ulogd2 creates a directory /run/ulog which is owned by ulog:ulog but
>> then creates the pid file /run/ulog/ulog.pid owned by root:root.
>
> Yes.
>
>> I assume if you overwrite /usr/lib/tmpfiles.d/ulogd2.conf by creating a
>> /etc/tmpfiles.d/ulogd2.conf containing
>>
>> d /run/ulog 0755 root root - -
>>
>> ulogd2 will start properly.
>
> It does. But there must be a reason for the directory to be owned by
> ulog:ulog, no?
No idea. This is something the ulogd maintainer would have to answer.
What consequences does it have changing it? It may work for
> my simple setup but then break again for other people.
>
>> I assume, ulogd2 should either ensure the pidfile is owned ulog:ulog or
>> change the run directory to match the permissions of the pid file.
>>
>> Does munin-node have the same mismatch?
>
> It has:
>
Ok, thanks for checking.
> But, as you can see, the directory is also used by the munin-updater
> which is run as user "munin" so you can't make the directory owned by
> root.
The alternative afaics would be, that the daemon writes the pid file as
munin:munin then (or ulog:ulog for the above case).
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20180203/f9cf67d2/attachment-0002.sig>
More information about the Pkg-systemd-maintainers
mailing list