Bug#921558: lsb-base: killproc does not pass name parameter to start-stop-daemon

2019-03-11 Thread Axel Beckert
Control: tag -1 + patch

Hi Dmitry,

Dmitry Bogatov wrote:
> > base=${1##*/}
> > if [ ! $pidfile ]; then
> > name_param="--name $base --pidfile /var/run/$base.pid"
> > else
> > name_param="--pidfile $pidfile"
> > fi
> >
> > The if clause checks for nonempty $pidfile instead of nonempty $base to
> > decide whether --name is used.
> >
> > Also --pidfile $pidfile is always used, even when $pidfile is empty.
> >
> > I am reporting this as serious since sid's start-stop-daemon requires a
> > name parameter in addition to --pidfile when the pidfile is not owned by
> > root, therefore this bug causes init script failures. (#921205)

#924312 was another one I filed earlier today. Just forcemerged it
into this.

> I believe it would be reasonable to add '--name $base' into `else'
> clause. Opinions?

Sounds sane, I just checked that with #924311 (miredo, uses
start-stop-daemon directly, edited the init script) as well as #924312
(stunnel4, by editing /lib/lsb/init-functions) and it worked in both
cases.

Here's the change I made to /lib/lsb/init-functions (as Dmitry already
suggested):

--- /lib/lsb/init-functions~2018-11-28 20:21:37.0 +0100
+++ /lib/lsb/init-functions 2019-03-11 21:46:41.673767215 +0100
@@ -141,7 +141,7 @@
 if [ ! $pidfile ]; then
 name_param="--name $base --pidfile /var/run/$base.pid"
 else
-name_param="--pidfile $pidfile"
+name_param="--name $base --pidfile $pidfile"
 fi
 
 sig=$(echo ${2:-} | sed -e 's/^-\(.*\)/\1/')
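
Review bot: The `+` line in the else branch passes `--name $base` without checking that `$base` is non-empty, which is the first point of the original report (`base=${1##*/}` is empty when killproc is called with no path or a path ending in a slash). In that case `--name` would take `--pidfile` as its value. Consider guarding with a test such as `[ -n "$base" ]` before adding `--name`, and quoting `$pidfile` in the context line `if [ ! $pidfile ]; then` so a pidfile path containing whitespace does not break the test.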

It wouldn't hurt, though, if e.g. Andreas could check if this change
would have fixed the issue in exim as well.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE




Processed: Re: Bug#921558: lsb-base: killproc does not pass name parameter to start-stop-daemon

2019-03-11 Thread Debian Bug Tracking System
Processing control commands:

> tag -1 + patch
Bug #921558 [lsb-base] lsb-base: killproc does not pass name parameter to 
start-stop-daemon
Bug #924312 [lsb-base] stunnel4: Fails to stop with sysvinit: 
start-stop-daemon: matching only on non-root pidfile 
/var/lib/stunnel4///stunnel4.pid is insecure
Added tag(s) patch.
Added tag(s) patch.

-- 
921558: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921558
924312: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924312
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#921558: lsb-base: killproc does not pass name parameter to start-stop-daemon

2019-03-10 Thread Dmitry Bogatov


control: tags -1 +moreinfo

[2019-02-06 20:20] Andreas Metzler 
> Package: lsb-base
> Version: 10.2018112800
> Severity: serious
>
> Hello,
>
> there is a logic error in /lib/lsb/init-functions's killproc:
>
> base=${1##*/}
> if [ ! $pidfile ]; then
> name_param="--name $base --pidfile /var/run/$base.pid"
> else
> name_param="--pidfile $pidfile"
> fi
>
> The if clause checks for nonempty $pidfile instead of nonempty $base to
> decide whether --name is used.
>
> Also --pidfile $pidfile is always used, even when $pidfile is empty.
>
> I am reporting this as serious since sid's start-stop-daemon requires a
> name parameter in addition to --pidfile when the pidfile is not owned by
> root, therefore this bug causes init script failures. (#921205)

[ I am not familiar with src:lsb, but I need this issue resolved
  to keep src:sysvinit suitable for Buster. By the way, sysvinit does
  not use killproc. ]

I believe it would be reasonable to add '--name $base' into `else'
clause. Opinions?

PS. Dear maintainer, are you still willing to give-up maintainership of
src:lsb ( comment in 888743)?
-- 
Note, that I send and fetch email in batch, once every 24 hours.
 If matter is urgent, try https://t.me/kaction
 --



Bug#921558: lsb-base: killproc does not pass name parameter to start-stop-daemon

2019-03-06 Thread Laurent Bigonville
On Wed, 6 Feb 2019 20:20:54 +0100 Andreas Metzler wrote:
> Hello,


Hello,

> there is a logic error in /lib/lsb/init-functions's killproc:
>
> base=${1##*/}
> if [ ! $pidfile ]; then
> name_param="--name $base --pidfile /var/run/$base.pid"
> else
> name_param="--pidfile $pidfile"
> fi
>
> The if clause checks for nonempty $pidfile instead of nonempty $base to
> decide whether --name is used.
>
> Also --pidfile $pidfile is always used, even when $pidfile is empty.
>
> I am reporting this as serious since sid's start-stop-daemon requires a
> name parameter in addition to --pidfile when the pidfile is not owned by
> root, therefore this bug causes init script failures. (#921205)

FTR, this is a change that has been implemented in start-stop-daemon 
included in dpkg version >= 1.19.3, IMVHO a proper breaks might be 
needed there as well


  Warning: using this match option with a world-writable pidfile or
  using it alone with a daemon that writes the pidfile as an
  unprivileged (non-root) user will be refused with an error (since
  version 1.19.3) as this is a security risk, because either any user
  can write to it, or if the daemon gets compromised, the contents of
  the pidfile cannot be trusted, and then a privileged runner (such as
  an init script executed as root) would end up acting on any system
  process. Using /dev/null is exempt from these checks.
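
The two pidfile conditions named in the warning above, together with the match options killproc builds once the patch from this thread is applied, as an added example (not part of the thread and not code from lsb-base or dpkg). It assumes GNU stat; the function names and the sample daemon path are hypothetical, and the owner/mode test only approximates what start-stop-daemon checks.

```shell
#!/bin/sh
# Added example; function names are hypothetical.

# Classify a pidfile by the conditions the quoted warning names.
# Prints one of: trusted | world-writable | non-root-owner | missing
pidfile_trust() {
    f=$1
    # /dev/null is exempt from the checks, per the warning text
    if [ "$f" = /dev/null ]; then echo trusted; return 0; fi
    if [ ! -e "$f" ]; then echo missing; return 0; fi
    owner=$(stat -c %u "$f")   # GNU stat: numeric owner uid
    mode=$(stat -c %a "$f")    # GNU stat: octal permission bits
    # The last octal digit holds the "other" bits; 2, 3, 6, 7 include write
    case ${mode#"${mode%?}"} in
        2|3|6|7) echo world-writable; return 0 ;;
    esac
    # Assumption: a pidfile owned by a non-root uid was written by an
    # unprivileged daemon, so its contents cannot be trusted on their own
    if [ "$owner" -ne 0 ]; then echo non-root-owner; return 0; fi
    echo trusted
}

# Match options as killproc builds them after the patch in this thread:
# --name accompanies --pidfile in both branches.
killproc_match_opts() {
    base=${1##*/}
    pidfile=${2:-}
    if [ -z "$pidfile" ]; then
        echo "--name $base --pidfile /var/run/$base.pid"
    else
        echo "--name $base --pidfile $pidfile"
    fi
}

# Constructed demo: a world-writable temp file stands in for a pidfile
demo=$(mktemp) && chmod 666 "$demo"
echo "$(pidfile_trust "$demo"): $(killproc_match_opts /usr/sbin/exampled "$demo")"
rm -f "$demo"
```
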




Bug#921558: lsb-base: killproc does not pass name parameter to start-stop-daemon

2019-02-06 Thread Andreas Metzler
Package: lsb-base
Version: 10.2018112800
Severity: serious

Hello,

there is a logic error in /lib/lsb/init-functions's killproc:

base=${1##*/}
if [ ! $pidfile ]; then
name_param="--name $base --pidfile /var/run/$base.pid"
else
name_param="--pidfile $pidfile"
fi

The if clause checks for nonempty $pidfile instead of nonempty $base to
decide whether --name is used.

Also --pidfile $pidfile is always used, even when $pidfile is empty.

I am reporting this as serious since sid's start-stop-daemon requires a
name parameter in addition to --pidfile when the pidfile is not owned by
root, therefore this bug causes init script failures. (#921205)

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'