> -----Original Message----- > From: [email protected] [mailto:rsyslog- > [email protected]] On Behalf Of Radu Gheorghe > Sent: Thursday, January 10, 2013 4:08 PM > To: rsyslog-users > Subject: Re: [rsyslog] Privilege drop makes stopping it (via Ubuntu > upstart) to hang > > Hello, > > I'm back :) Here's what I got (correct me if I'm wrong): > > Without dropped privileges, rsyslogd forks and exits. It writes the PID > of > the forked process in the pid file, and everyone is happy. > > With dropped privileges, rsyslogd forks but doesn't exit. I guess > that's > because the parent runs as root and needs to remain there. The pid file > still contains the PID of the child process, but it's no good killing > it, > since the parent is still alive. > > While I don't know how/if it can be implemented, what makes sense to me > is > the following solution: > - even with dropped privileges, the main rsyslogd instance should exit > after the initialization is finished
Mmmhhhh... I am puzzled by this finding. As far as termination of processes is concerned, there is no intended difference between priv drop and not. I will check the code if I can see anything. If that's due to some OS restriction, I'd be glad if someone could let me know what's going on. Rainer > - in case privileges are dropped, the first child (which would run as > root) > should do whatever root previleges are required for. And fork a child > of > its own to do the unprivileged stuff > - the pid file would always contain the PID of the first child. This > way it > would be backwards compatible, and `kill $(cat /var/run/rsyslogd.pid)` > should also kill the "grandchild", if applicable > - the "main" rsyslogd should always hang in there until initialization > is > finished and exit when there's either an error or initalization > finished > > Does it make sense? Is it possible? Are there other/better options? > > Best regards, > Radu > > > 2013/1/10 Radu Gheorghe <[email protected]> > > > Hi Michael, > > > > Thanks for your input! This is what I get: > > > > # grep expect /etc/init/rsyslog.conf > > expect fork > > > > # ps ax | grep rsyslog > > 7465 ? Ss 0:00 rsyslogd > > 7466 ? Sl 0:00 rsyslogd > > # initctl status rsyslog > > rsyslog start/running, process 7466 > > # grep expect /etc/init/rsyslog.conf > > expect daemon > > > > With "expect daemon" it's the same behavior, only it waits > indefinitely > > when I do `start rsyslog`. So it won't work. > > > > Looking for better solutions now. I'll be back :) > > > > > > 2013/1/9 Michael Biebl <[email protected]> > > > >> And I forgot to ask: > >> With "expect fork" and "expect daemon", which process is listed when > you > >> run > >> initctl status rsyslog and does it match what you get from ps? > >> > >> > >> -- > >> Why is it that all of the instruments seeking intelligent life in > the > >> universe are pointed away from Earth? > >> _______________________________________________ > >> rsyslog mailing list > >> http://lists.adiscon.net/mailman/listinfo/rsyslog > >> http://www.rsyslog.com/professional-services/ > >> What's up with rsyslog? Follow https://twitter.com/rgerhards > >> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a > myriad > >> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if > you > >> DON'T LIKE THAT. > >> > > > > > _______________________________________________ > rsyslog mailing list > http://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a > myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST > if you DON'T LIKE THAT. _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
