Hello, I'm back :) Here's what I got (correct me if I'm wrong):
Without dropped privileges, rsyslogd forks and exits. It writes the PID of the forked process in the pid file, and everyone is happy. With dropped privileges, rsyslogd forks but doesn't exit. I guess that's because the parent runs as root and needs to remain there. The pid file still contains the PID of the child process, but it's no good killing it, since the parent is still alive. While I don't know how/if it can be implemented, what makes sense to me is the following solution: - even with dropped privileges, the main rsyslogd instance should exit after the initialization is finished - in case privileges are dropped, the first child (which would run as root) should do whatever root previleges are required for. And fork a child of its own to do the unprivileged stuff - the pid file would always contain the PID of the first child. This way it would be backwards compatible, and `kill $(cat /var/run/rsyslogd.pid)` should also kill the "grandchild", if applicable - the "main" rsyslogd should always hang in there until initialization is finished and exit when there's either an error or initalization finished Does it make sense? Is it possible? Are there other/better options? Best regards, Radu 2013/1/10 Radu Gheorghe <[email protected]> > Hi Michael, > > Thanks for your input! This is what I get: > > # grep expect /etc/init/rsyslog.conf > expect fork > > # ps ax | grep rsyslog > 7465 ? Ss 0:00 rsyslogd > 7466 ? Sl 0:00 rsyslogd > # initctl status rsyslog > rsyslog start/running, process 7466 > # grep expect /etc/init/rsyslog.conf > expect daemon > > With "expect daemon" it's the same behavior, only it waits indefinitely > when I do `start rsyslog`. So it won't work. > > Looking for better solutions now. I'll be back :) > > > 2013/1/9 Michael Biebl <[email protected]> > >> And I forgot to ask: >> With "expect fork" and "expect daemon", which process is listed when you >> run >> initctl status rsyslog and does it match what you get from ps? >> >> >> -- >> Why is it that all of the instruments seeking intelligent life in the >> universe are pointed away from Earth? >> _______________________________________________ >> rsyslog mailing list >> http://lists.adiscon.net/mailman/listinfo/rsyslog >> http://www.rsyslog.com/professional-services/ >> What's up with rsyslog? Follow https://twitter.com/rgerhards >> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad >> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you >> DON'T LIKE THAT. >> > > _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
