Your message dated Tue, 15 Mar 2022 03:50:19 +0100
with message-id <Yi/+61z/[email protected]>
and subject line Re: Bug#1001054: /sbin/start-stop-daemon: start-stop-daemon 
--exec should fall back to other methods if readlink fails
has caused the Debian Bug report #1001054,
regarding s-s-d: --exec should fall back to other methods if readlink fails
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1001054: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001054
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: dpkg
Version: 1.20.9
Severity: normal
File: /sbin/start-stop-daemon

Hi,

I was debugging an init script in a Debian Docker container, and found
it always fails to stop the daemon. Upon a closer inspection, I found
that --exec, which init-d-script always passed, never matches the
executable, even if a PID file is used. I then checked the source and
tried to do the steps manually:

    root@d351c00abb80:/# ls /proc/1841/exe -l
    ls: cannot read symbolic link '/proc/1841/exe': Permission denied
    lrwxrwxrwx 1 sphinxsearch sphinxsearch 0 Dec  3 08:46 /proc/1841/exe

In fact, cwd and root are also inaccessible. I’m not sure it’s some
security setting Docker applies or is it something because of the
containers, but the fact is that --exec is unusable in this setting.

I guess falling back to other matching methods might be more useful than
failing to stop at all.

-- 
Cheers,
  Andrej

--- End Message ---
--- Begin Message ---
Hi!

On Wed, 2021-12-15 at 00:17:46 +0100, Guillem Jover wrote:
> On Fri, 2021-12-03 at 09:56:34 +0100, Andrej Shadura wrote:
> > Package: dpkg
> > Version: 1.20.9
> > Severity: normal
> > File: /sbin/start-stop-daemon
> 
> > I was debugging an init script in a Debian Docker container, and found
> > it always fails to stop the daemon. Upon a closer inspection, I found
> > that --exec, which init-d-script always passed, never matches the
> > executable, even if a PID file is used. I then checked the source and
> > tried to do the steps manually:
> > 
> >     root@d351c00abb80:/# ls /proc/1841/exe -l
> >     ls: cannot read symbolic link '/proc/1841/exe': Permission denied
> >     lrwxrwxrwx 1 sphinxsearch sphinxsearch 0 Dec  3 08:46 /proc/1841/exe
> > 
> > In fact, cwd and root are also inaccessible. I’m not sure it’s some
> > security setting Docker applies or is it something because of the
> > containers, but the fact is that --exec is unusable in this setting.
> 
> Yes, this seems to be a known regression in docker, see
> <https://github.com/moby/moby/issues/40713> and all related bugs
> closed w/o any action. It seems you can work around this by running the
> docker image with ptrace Linux capabilities (even though that looks
> rather unintuitive).
> 
> > I guess falling back to other matching methods might be more useful than
> > failing to stop at all.
> 
> I don't think that would be safe at all, as the interface is expected
> to AND all the match options, to properly select what to act on. And
> in any case this looks like a bug in docker anyway.
> 
> Given the above I'm going to be closing this, unless there's a very
> compelling argument to do otherwise.

Thus, closing it now.

Thanks,
Guillem

--- End Message ---
