On Mon, Oct 29, 2018 at 12:48:19AM +0100, Antoine Jacoutot wrote:
> On Sun, Oct 28, 2018 at 07:18:53PM +0100, Sebastien Marie wrote:
> > On Sun, Oct 28, 2018 at 05:21:38PM +0100, Antoine Jacoutot wrote:
> > >
> > > Thinking about it I wonder if this shouldn't just be "fixed" in the rc.d
> > > script itself.
> >
> > it could, but I am expecting some others rc.d files to need the same
> > "fix".
> >
> > > Manually running pg_ctl as root (from /root for example) would fail the
> > > same
> > > way. So I think it's more an issue with the way pg_ctl works.
> >
> > no. pg_ctl failed because it is run as "_postgresql" under /root.
>
> Yes exactly, so it *is* an issue with the way pg_ctl works.
> Show me another utility that breaks like this.
multimedia/motion
# cd /root && rcctl -d start motion
doing _rc_parse_conf
doing _rc_quirks
motion_flags empty, using default ><
doing _rc_parse_conf /var/run/rc.d/motion
doing _rc_quirks
doing rc_check
motion
doing rc_pre
doing rc_start
doing _rc_wait start
doing rc_check
doing rc_check
[0:Unknown] [ERR] [ALL] conf_load: Error getcwd: Permission denied
doing _rc_rm_runfile
(failed)
Please note I am not against correcting it in the rc.d file. But what
bother me is the problem could only be found at runtime when manually
using rcctl (like using "doas rcctl") under private directory (/root or
if using doas if your home directory is 0700). So issues will not be
catch easily.
Possible candidates of failing daemons are the one that are started as
unpriv user (using daemon_user), and doing getcwd() at some point.
With the first caracteristic, by grepping the port tree, I found 92
candidates (file under pkg/ with "daemon_user=" string) over the 365
rc.d files (file under pkg/ with "daemon=" string). It is a lot of port
the check.
The simple method to check is to start from a working state (a program
already configured) and run:
$ doas -s
# cd /root && rcctl restart $daemon
The list is:
audio/zeya/pkg/zeya.rc
audio/squeezelite/pkg/squeezelite.rc
comms/conserver/pkg/conserver.rc
comms/lcdproc/pkg/lcdexec.rc
comms/lcdproc/pkg/lcdproc.rc
databases/mongodb/pkg/mongod.rc
databases/pgpool/pkg/pgpool.rc
databases/postgresql/pkg/postgresql.rc
databases/redis/pkg/redis.rc
databases/riak/pkg/riak.rc
databases/influxdb/pkg/influxdb.rc
databases/puppetdb5/pkg/puppetdb.rc
databases/puppetdb4/pkg/puppetdb.rc
devel/go-tools/pkg/godoc.rc
devel/jenkins/pkg/jenkins.rc
devel/py-buildbot/buildbot/pkg/buildbot.rc
devel/py-buildslave/pkg/buildbot_worker.rc
devel/subversion/pkg/svnserve.rc
devel/distcc/pkg/distccd.rc
games/wesnoth/pkg/wesnothd.rc
games/hedgewars/pkg/hedgewars_server.rc
games/ioquake3/pkg/ioq3ded.rc
games/yquake2/pkg/q2ded.rc
geo/osrm-backend/pkg/osrm_routed.rc
graphics/orthanc/server/pkg/orthanc.rc
mail/dspam/pkg/dspam.rc
mail/rmilter/pkg/rmilter.rc
misc/rocrail/pkg/rocrail.rc
multimedia/minidlna/pkg/minidlna.rc
multimedia/motion/pkg/motion.rc
net/apache-activemq/pkg/activemq.rc
net/bitlbee/pkg/bitlbee.rc
net/cvsync/pkg/cvsyncd.rc
net/ddclient/pkg/ddclient.rc
net/icinga/core2/pkg/icinga2.rc
net/mfi/pkg/mfi.rc
net/minbif/pkg/minbif.rc
net/mon/server/pkg/mon.rc
net/munin/pkg/munin_asyncd.rc
net/openfire/pkg/openfire.rc
net/fastnetmon/pkg/fastnetmon.rc
net/rrdtool/pkg/rrdcached.rc
net/bitcoin/pkg/bitcoind.rc
net/prosody/pkg/prosody.rc
net/rabbitmq/pkg/rabbitmq.rc
net/smokeping/pkg/smokeping.rc
net/transmission/pkg/transmission_daemon.rc
net/unifi/testing/pkg/unifi.rc
net/unifi/lts/pkg/unifi.rc
net/unifi/stable/pkg/unifi.rc
net/vnstat/pkg/vnstatd.rc
net/xl2tpd/pkg/xl2tpd.rc
net/mattermost-server/pkg/mattermost.rc
net/minio/server/pkg/minio.rc
net/syncthing/pkg/syncthing.rc
news/sabnzbd/pkg/sabnzbd.rc
productivity/radicale2/pkg/radicale.rc
productivity/radicale/pkg/radicale.rc
productivity/taskd/pkg/taskd.rc
security/spiped/pkg/spiped.rc
security/yubiserve/pkg/yubiserve.rc
security/vault/pkg/vault.rc
sysutils/backuppc/pkg/backuppc.rc
sysutils/logstash/pkg/logstash.rc
sysutils/salt/pkg/salt_api.rc
sysutils/netshot/pkg/netshot.rc
sysutils/uptimed/pkg/uptimed.rc
sysutils/consul/pkg/consul.rc
sysutils/consul-template/pkg/consul_template.rc
sysutils/nomad/pkg/nomad.rc
sysutils/facette/pkg/facette.rc
sysutils/serf/pkg/serf.rc
sysutils/rundeck/pkg/rundeck.rc
sysutils/riemann/pkg/riemann.rc
sysutils/grafana/pkg/grafana.rc
sysutils/prometheus/pkg/prometheus.rc
sysutils/restic-rest-server/pkg/restic_rest_server.rc
telephony/baresip/restund/pkg/restund.rc
telephony/stuntman/pkg/stunserver.rc
telephony/coturn/pkg/turnserver.rc
textproc/elasticsearch/pkg/elasticsearch.rc
textproc/solr/pkg/solr.rc
www/cntlm/pkg/cntlm.rc
www/gitea/pkg/gitea.rc
www/vnu/pkg/vnu.rc
www/puppetboard/pkg/puppetboard.rc
www/sogo/pkg/sogod.rc
www/tomcat/v6/pkg/tomcat.rc
www/tomcat/v7/pkg/tomcat.rc
www/tomcat/v8/pkg/tomcat.rc
www/trac/pkg/tracd.rc
www/kibana/pkg/kibana.rc
--
Sebastien Marie
