Re: Moving pid files from /var/run/$name.pid to /var/run/$name/$name.pid
On Fri, 2012-08-24 at 10:31 -0400, Colin Walters wrote: > On Fri, 2012-08-24 at 13:58 +0100, Andrew Price wrote: > > > If Type=forking is set and PIDFile is unset, systemd will try to guess > > the PID of the main daemon process. I'm not sure what the guessing > > strategy is but specifying the PIDFile explicitly is probably safer, > > particularly for daemons which spawn >1 processes. > > Or you switch to non-forking, which is just plain better. We discussed > this recently on the SELinux list: [blah, hit control-return accidentally] http://marc.info/?l=selinux&m=133287147315517&w=2 There's docs in systemd.service and elsewhere on the internets too. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Moving pid files from /var/run/$name.pid to /var/run/$name/$name.pid
On Fri, 2012-08-24 at 13:58 +0100, Andrew Price wrote: > If Type=forking is set and PIDFile is unset, systemd will try to guess > the PID of the main daemon process. I'm not sure what the guessing > strategy is but specifying the PIDFile explicitly is probably safer, > particularly for daemons which spawn >1 processes. Or you switch to non-forking, which is just plain better. We discussed this recently on the SELinux list: -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Moving pid files from /var/run/$name.pid to /var/run/$name/$name.pid
Hans de Goede writes: > Today I received a bug report to mv sensorsd's pid file from > /var/run/sensorsd.pid to > /var/run/sensorsd/sensorsd.pid, see: > https://bugzilla.redhat.com/show_bug.cgi?id=851428 The traditional argument for not creating pidfiles directly in /var/run is that a daemon that does that has to be started as root, else it won't have permission to write /var/run. A daemon that is intended to run under some non-root UID works a lot better if you make a subdirectory owned by that UID. mysql, for instance, has always used /var/run/mysqld/mysqld.pid. I know nothing about the security level of sensorsd --- if it has to be root-privileged anyway, this argument doesn't have any force for you. But it's generally safer to avoid running daemons as root if that's not absolutely necessary. > Making the requested change means making changes to the daemon C-code, > and if we then upstream these changes, they will cause issues for > other distro's. So I think that upstreaming the necessary changes is > going to be a problem. IMO, if a daemon makes any such assumption in a nonconfigurable way, it's broken and upstream ought to be willing to take back a patch to make it configurable. /var/run is not a universal standard. You don't have to look any further than /var/run versus /run to realize that some flexibility there is a good idea for any upstream that has any portability pretensions whatsoever. regards, tom lane -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Moving pid files from /var/run/$name.pid to /var/run/$name/$name.pid
On 24/08/12 13:41, Colin Walters wrote: On Fri, 2012-08-24 at 10:08 +0200, Hans de Goede wrote: /var/run/$name.pid is the standard pid file location for daemons and has been so for ages. A lot of distros depend on this, and we used to depend on it until we moved to systemd which no longer cares about pid files. Right, so why not just configure the daemon to stop writing the pid file at all? From systemd.service(5): PIDFile= Takes an absolute file name pointing to the PID file of this daemon. Use of this option is recommended for services where Type= is set to forking. systemd will read the PID of the main process of the daemon after start-up of the service. If Type=forking is set and PIDFile is unset, systemd will try to guess the PID of the main daemon process. I'm not sure what the guessing strategy is but specifying the PIDFile explicitly is probably safer, particularly for daemons which spawn >1 processes. Andy -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Moving pid files from /var/run/$name.pid to /var/run/$name/$name.pid
On Fri, 2012-08-24 at 10:08 +0200, Hans de Goede wrote: > /var/run/$name.pid is the standard pid file location for daemons and has been > so > for ages. A lot of distros depend on this, and we used to depend on it until > we > moved to systemd which no longer cares about pid files. Right, so why not just configure the daemon to stop writing the pid file at all? -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Moving pid files from /var/run/$name.pid to /var/run/$name/$name.pid
Hi, Today I received a bug report to mv sensorsd's pid file from /var/run/sensorsd.pid to /var/run/sensorsd/sensorsd.pid, see: https://bugzilla.redhat.com/show_bug.cgi?id=851428 As discussed there, I think / guess that the same request has probably been made for other daemons and I'm not sure if that is a good idea, because: /var/run/$name.pid is the standard pid file location for daemons and has been so for ages. A lot of distros depend on this, and we used to depend on it until we moved to systemd which no longer cares about pid files. Let me quote a snippet from /etc/init.d/functions # Set $pid to pids from /var/run* for {program}. $pid should be declared # local in the caller. # Returns LSB exit code for the 'status' action. __pids_var_run() { local base=${1##*/} local pid_file=${2:-/var/run/$base.pid} Making the requested change means making changes to the daemon C-code, and if we then upstream these changes, they will cause issues for other distro's. So I think that upstreaming the necessary changes is going to be a problem. Regards, Hans -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel