| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The new S-S-D would not work with CRUX since for example exim uses
a PID file with root:mail and then there is a root!=mail mismatch.
The manual says
Warning: using this match option with a world-writable pidfile
or using it alone with a daemon that writes the pidfile as an
unprivileged (non-root) user will be refused with an error
(since version 1.19.3) as this is a security risk, because
either any user can write to it, or if the daemon gets
compromised, the contents of the pidfile cannot be trusted, and
then a privileged runner (such as an init script executed as
root) would end up acting on any system process. Using
/dev/null is exempt from these checks.
The actual code contradicts this as the mail group in our example
cannot write the PID file, only read it.
I thus have adjusted the code to only refuse the operation if the
group can write the file, too.
(Maybe this is even a "bug" that should be reported upstream?)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Hallo Jürgen.
Anbei eine Aktualisierung vom s-s-d. Ich hoffe es klappt diesmal
reibungsfrei! Ich wollte die Mail erst an die Liste schicken,
aber direkt an dich geht auch?
Tschüß!
Nothing much happened for Linux, except usage of dynamic instead
of fixed size buffer for errors (if you never have seen
a truncated message by s-s-d, nothing you will encounter), from
May 2016. And UIDs and GIDs are now parsed as unsigned integers,
causing failures for 0 and negative such identities, from July
2017.
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
commit f6b74377 (HEAD -> refs/heads/x)
Author: Steffen (Daode) Nurpmeso <steffen@sdaoden.eu>
AuthorDate: 2017-08-12 22:32:46 +0200
Commit: Steffen (Daode) Nurpmeso <steffen@sdaoden.eu>
CommitDate: 2017-08-12 22:43:16 +0200
Debian start-stop-daemon 2017-07-04
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Hello,
you possibly want to integrate a change that can now be found on
Debian [master] with a very interesting change:
start-stop-daemon: sync with Debian (CLOCK_MONOTONIC)..
Using CLOCK_MONOTONIC instead of what was in use until today will
ensure that running actions with configured time periods will run,
and at correct times, even in the event of intermediate changes to
the system clock.
--steffen
Author: Steffen Nurpmeso <sdaoden@users.sf.net>
Date: 2015-05-11 16:38:43 +0200
start-stop-daemon: sync with Debian (CLOCK_MONOTONIC)..
Using CLOCK_MONOTONIC instead of what was in use until today will
ensure that running actions with configured time periods will run,
and at correct times, even in the event of intermediate changes to
the system clock.
|
|
|
|
scheme
|
|
start-stop-daemon [1] is a small program from debian used to
control the creation and termination of system-level processes
in a reliable and secure way.
We decided to add start-stop-daemon to our core collection and
as with most core ports it is a requirement for a working CRUX
system. Please install.
We encourage all port maintainers to use start-stop-daemon in
their rc scripts. This will improve the scripts a lot without
the need for complex shell scripting.
[1] http://man7.org/linux/man-pages/man8/start-stop-daemon.8.html
|
