Harald Dunkel <[email protected]> wrote: > On 12/13/20 7:10 PM, Theo de Raadt wrote: > > > > And I'm suggesting the arguments should look like this: > > > > pflogd: [priv] -s 160 -i pflog0 -f /var/log/pflog (pflogd) > > pflogd: [running] -s 160 -i pflog0 -f /var/log/pflog (pflogd) > > > > That might allow more accurate pkill targetting. > > > > Wouldn't you admit that this appears to be very fragile?
I already spoke to that earlier. > My point is that a pid file on a volatile file system is much more > reliable than pkill/pgrep. I am not asking you to drop pkill/pgrep, > but I am missing the old -p option to pflogd. If a pflogd dies because of a bug, the pid listed in the file may be reused, and then your kill `cat pidfile` will kill the incorrect process. You are wrong because pidfiles are NOT more reliable. Where is your concrete reliable proposal?? I don't have one, and I admit it. You want to win points over which broken choice is better?
