On Sun, Dec 13, 2020 at 08:24:13PM -0000, Stuart Henderson wrote: > On 2020-12-13, Harald Dunkel <[email protected]> wrote: > > On 12/13/20 7:10 PM, Theo de Raadt wrote: > >> > >> And I'm suggesting the arguments should look like this: > >> > >> pflogd: [priv] -s 160 -i pflog0 -f /var/log/pflog (pflogd) > >> pflogd: [running] -s 160 -i pflog0 -f /var/log/pflog (pflogd) > >> > >> That might allow more accurate pkill targetting. > >> > > > > Wouldn't you admit that this appears to be very fragile? If I add > > some flags to the pflogd command line then I have to verify the > > pkill commands in newsyslog.conf again. > > Obviously if the daemon is changed, the rc.d script would be changed to > cope with it. It would make sense if the newsyslog.conf command was changed > to use that too, then it would track whatever is set in pflogd_flags. > >
I was trying to solve exactly this kind of issue ages ago on application level (I was using linux at that time) and the only reliable solution I found was to use posix semaphores. How to make sure if application is still running or not using some kind of identifier for it (which *may* be a pid)? When starting application I was increasing 'application ID' semaphore number by one with SEM_UNDO flag. If application exited or was killed (doesn't matter) it was kernel job to decrease semaphore back to zero. By checking semaphore value if it is non-zero you know exactly if the process is still running (or not). I hope I'm not introducing any confusion here - it's late in my $TZ. -- Aleksander
