Re: can't run multiple instances of httpd, flags not visible in processes

[Ingo Schwarze]

Hi Antoine,

Antoine Jacoutot wrote on Thu, Jan 28, 2016 at 11:52:48PM +0100:

> Please give me a couple of days and I'll send a diff.

Sure, no problem, diff retracted.

Yours,
  Ingo

Re: can't run multiple instances of httpd, flags not visible in processes

[Ingo Schwarze]

Hi,

Antoine Jacoutot wrote on Thu, Jan 28, 2016 at 10:41:52AM +0100:

> As mentioned in another thread already:
> # ln -s /etc/rc.d/mydaemon /etc/rc.d/mydaemon2
> Then use mydaemon2_flags ... in rc.conf.local.

This seems to be a recurring user question.

Do you consider this addition useful?

I think rcctl(8) is the best place to document it because that's
the highest level user interface and "How do i run multiple copies
of a daemon?" is a very high-level user question, while rc.d(8)
and rc.conf(8) document lower, more technical levels.

I'd love to make the example more specific and document an actual
use case that frequently occurs in practice, but even though many
have said that such cases do occur, i can't think of any.  For
example, for httpd(8), it looks like all use cases can be solved
by running one copy and using "server ... { ... }" well in
httpd.conf(5).  So, if anybody can describe a specific use case to
make the example better, that's quite welcome.

I certainly don't want an example in the style of

  # ln -s httpd httpd2

That's a terrible name.  The next admin coming along will have no
clue what this second httpd is needed for.

Yours,
  Ingo


Index: rcctl.8
===
RCS file: /cvs/src/usr.sbin/rcctl/rcctl.8,v
retrieving revision 1.26
diff -u -p -r1.26 rcctl.8
--- rcctl.8 24 Oct 2015 17:08:36 -  1.26
+++ rcctl.8 28 Jan 2016 17:39:13 -
@@ -193,6 +193,18 @@ ntpd_user=root
 # echo $?
 0
 .Ed
+.Pp
+The recommended way to run a second copy of a given daemon for a
+different purpose is to create a symbolic link to its
+.Xr rc.d 8
+control script:
+.Bd -literal -offset indent
+# cd /etc/rc.d/
+# ln -s httpd httpd_purpose
+# rcctl set httpd_purpose flags -some options ...
+# rcctl set httpd_purpose status on
+# rcctl start httpd_purpose
+.Ed
 .Sh SEE ALSO
 .Xr rc.conf.local 8 ,
 .Xr rc.d 8

Re: can't run multiple instances of httpd, flags not visible in processes

[Stuart Henderson]

On 2016-01-28, Ingo Schwarze  wrote:
> I'd love to make the example more specific and document an actual
> use case that frequently occurs in practice, but even though many
> have said that such cases do occur, i can't think of any.  For
> example, for httpd(8), it looks like all use cases can be solved
> by running one copy and using "server ... { ... }" well in
> httpd.conf(5).  So, if anybody can describe a specific use case to
> make the example better, that's quite welcome.

Here's one use case - it might not be super-common, but it can't be
solved another way by the system administrator. snmpd can only bind
to one address, so to use it for both v4 and v6 need to run it twice
with different configurations; so you can use this in the config file:

addr="192.0.2.1"
listen on $addr

And for the second copy, snmpd_v6_flags="-D addr=2001:db8::1234".

> I certainly don't want an example in the style of
>
>   # ln -s httpd httpd2
>
> That's a terrible name.  The next admin coming along will have no
> clue what this second httpd is needed for.

Indeed, and the particular example of httpd2 would give us even
more confusion between base httpd and Apache httpd than we already
have.

Re: can't run multiple instances of httpd, flags not visible in processes

[Antoine Jacoutot]

>   # ln -s httpd httpd2
> 
> That's a terrible name.  The next admin coming along will have no

Duh, I was just making a point.

> clue what this second httpd is needed for.

As I said, I thing it'd be a worthful addition to the doc indeed.
However I don't think this should go into rcctl.

"I should document that" is what I wrote iirc; and I will.
httpd is not a good example anyway. Something like snmpd might.

Please give me a couple of days and I'll send a diff.
Thanks.

-- 
Antoine

Re: can't run multiple instances of httpd, flags not visible in processes

[Claudio Jeker]

On Thu, Jan 28, 2016 at 06:52:18PM +0100, Ingo Schwarze wrote:
> Hi,
> 
> Antoine Jacoutot wrote on Thu, Jan 28, 2016 at 10:41:52AM +0100:
> 
> > As mentioned in another thread already:
> > # ln -s /etc/rc.d/mydaemon /etc/rc.d/mydaemon2
> > Then use mydaemon2_flags ... in rc.conf.local.
> 
> This seems to be a recurring user question.
> 
> Do you consider this addition useful?
> 
> I think rcctl(8) is the best place to document it because that's
> the highest level user interface and "How do i run multiple copies
> of a daemon?" is a very high-level user question, while rc.d(8)
> and rc.conf(8) document lower, more technical levels.
> 
> I'd love to make the example more specific and document an actual
> use case that frequently occurs in practice, but even though many
> have said that such cases do occur, i can't think of any.  For
> example, for httpd(8), it looks like all use cases can be solved
> by running one copy and using "server ... { ... }" well in
> httpd.conf(5).  So, if anybody can describe a specific use case to
> make the example better, that's quite welcome.
> 
> I certainly don't want an example in the style of
> 
>   # ln -s httpd httpd2
> 
> That's a terrible name.  The next admin coming along will have no
> clue what this second httpd is needed for.
> 

In the httpd case I would consider a split horizon setup with internal and
external httpd as a kind of common setup.
So ln -s httpd httpd_internal could make sense to me.
> Yours,
>   Ingo
> 
> 
> Index: rcctl.8
> ===
> RCS file: /cvs/src/usr.sbin/rcctl/rcctl.8,v
> retrieving revision 1.26
> diff -u -p -r1.26 rcctl.8
> --- rcctl.8   24 Oct 2015 17:08:36 -  1.26
> +++ rcctl.8   28 Jan 2016 17:39:13 -
> @@ -193,6 +193,18 @@ ntpd_user=root
>  # echo $?
>  0
>  .Ed
> +.Pp
> +The recommended way to run a second copy of a given daemon for a
> +different purpose is to create a symbolic link to its
> +.Xr rc.d 8
> +control script:
> +.Bd -literal -offset indent
> +# cd /etc/rc.d/
> +# ln -s httpd httpd_purpose
> +# rcctl set httpd_purpose flags -some options ...
> +# rcctl set httpd_purpose status on
> +# rcctl start httpd_purpose
> +.Ed
>  .Sh SEE ALSO
>  .Xr rc.conf.local 8 ,
>  .Xr rc.d 8
> 

-- 
:wq Claudio

Re: can't run multiple instances of httpd, flags not visible in processes

[Remi Locherer]

On Thu, Jan 28, 2016 at 06:52:18PM +0100, Ingo Schwarze wrote:
> Hi,
> 
> Antoine Jacoutot wrote on Thu, Jan 28, 2016 at 10:41:52AM +0100:
> 
> > As mentioned in another thread already:
> > # ln -s /etc/rc.d/mydaemon /etc/rc.d/mydaemon2
> > Then use mydaemon2_flags ... in rc.conf.local.
> 
> This seems to be a recurring user question.
> 
> Do you consider this addition useful?
> 
> I think rcctl(8) is the best place to document it because that's
> the highest level user interface and "How do i run multiple copies
> of a daemon?" is a very high-level user question, while rc.d(8)
> and rc.conf(8) document lower, more technical levels.
> 
> I'd love to make the example more specific and document an actual
> use case that frequently occurs in practice, but even though many
> have said that such cases do occur, i can't think of any.  For
> example, for httpd(8), it looks like all use cases can be solved
> by running one copy and using "server ... { ... }" well in
> httpd.conf(5).  So, if anybody can describe a specific use case to
> make the example better, that's quite welcome.

I'm running several instances of dhcrelay because I can only specify
one "-i if" option. The example could look like this:

# ln -s dhcrelay dhcrelay_vlan2
# ln -s dhcrelay dhcrelay_vlan3
# rcctl set dhcrelay_vlan2 flags -i vlan2 10.0.0.2
# rcctl set dhcrelay_vlan3 flags -i vlan3 10.0.0.2

> 
> I certainly don't want an example in the style of
> 
>   # ln -s httpd httpd2
> 
> That's a terrible name.  The next admin coming along will have no
> clue what this second httpd is needed for.
> 
> Yours,
>   Ingo
> 
> 
> Index: rcctl.8
> ===
> RCS file: /cvs/src/usr.sbin/rcctl/rcctl.8,v
> retrieving revision 1.26
> diff -u -p -r1.26 rcctl.8
> --- rcctl.8   24 Oct 2015 17:08:36 -  1.26
> +++ rcctl.8   28 Jan 2016 17:39:13 -
> @@ -193,6 +193,18 @@ ntpd_user=root
>  # echo $?
>  0
>  .Ed
> +.Pp
> +The recommended way to run a second copy of a given daemon for a
> +different purpose is to create a symbolic link to its
> +.Xr rc.d 8
> +control script:
> +.Bd -literal -offset indent
> +# cd /etc/rc.d/
> +# ln -s httpd httpd_purpose
> +# rcctl set httpd_purpose flags -some options ...
> +# rcctl set httpd_purpose status on
> +# rcctl start httpd_purpose
> +.Ed
>  .Sh SEE ALSO
>  .Xr rc.conf.local 8 ,
>  .Xr rc.d 8

Re: can't run multiple instances of httpd, flags not visible in processes

[Alexandre Ratchov]

On Wed, Jan 27, 2016 at 10:51:50PM +0100, Reyk Floeter wrote:
> 
> Well, we "tradionally" had setproctitle("[priv]") in the parent.  I
> changed the tradition to setproctitle("parent").
> 
> I have no objections with changing this in the parent (but keeping the
> setproctitles in the children) to either the default (all command line
> flags) or to something like setproctitle("parent, %s", conffile).
> Command line flags suck and I don't think that -d or -v would be
> helpful in the output, so I prefer the latter.
> 
> All rc scripts would have to be adjusted by somebody with better rc-fu.
> 
> Opinions?
> 

another option would be to call setproctitle() only in the child
processes (or processes you're not supposed to kill), that's what
we do for sndiod to allow multiple instances to run allowing the
user to kill the right one:

$ ps ax |grep sndiod  
14501 ??  Ssp 0:00.00 sndiod: helper (sndiod)
32743 ??  S

Re: can't run multiple instances of httpd, flags not visible in processes

[Jiri B]

On Thu, Jan 28, 2016 at 09:49:32AM +0100, Alexandre Ratchov wrote:
> $ ps ax |grep sndiod  
> 14501 ??  Ssp 0:00.00 sndiod: helper (sndiod)
^^ excuse my ignorance
but what's purpose of repeating daemon name in brackets?

j.

Re: can't run multiple instances of httpd, flags not visible in processes

[Antoine Jacoutot]

> Fine, this is what I suggested as the first option.
> 
> But let's do it everywhere and not just for httpd -
> don't use setproctitle in the parent process.
> 
> It does make sense for many more privsep daemons, especially in combination
> with rdomains (ntpd, iked, …). bgpd would probably not need it, but it does
> not harm
> and I'd prefer to change it for consistency (please don't forget that we try
> to keep
> the daemons synced somehow - it's an ecosystem).

I couldn't agree more.

-- 
Antoine

Re: can't run multiple instances of httpd, flags not visible in processes

[Paolo Aglialoro]

When this goes implemented, how will one start/stop/reload/check the single
instance or all instances through /etc/rc.d/ ?

Re: can't run multiple instances of httpd, flags not visible in processes

[Stuart Henderson]

On 2016/01/28 08:50, Reyk Floeter wrote:
> > On 27.01.2016, at 23:31, Stuart Henderson  wrote:
> >
> > This does the trick. It probably doesn't make sense to run multiple
> > copies of all of the privsep daemons though I see definite use cases
> > for httpd, snmpd [v4 and v6 need separate daemons], and possibly some
> > others, but it would be better to keep them all in-sync..
> >
>
> Fine, this is what I suggested as the first option.
>
> But let's do it everywhere and not just for httpd -
> don't use setproctitle in the parent process.
>
> It does make sense for many more privsep daemons, especially in combination
> with rdomains (ntpd, iked, …). bgpd would probably not need it, but it
does not harm
> and I'd prefer to change it for consistency (please don't forget that we try
to keep
> the daemons synced somehow - it's an ecosystem).

Yes exactly, that's why I said "it would be better to keep them
all in-sync", but no point writing a diff for the 13 daemons
which do the same thing (and figuring out what to do with the
other not-quite-similar ones, if anything) unless we are agreed
on the direction.

Re: can't run multiple instances of httpd, flags not visible in processes

[Antoine Jacoutot]

On Thu, Jan 28, 2016 at 10:29:56AM +0100, Paolo Aglialoro wrote:
> When this goes implemented, how will one start/stop/reload/check the single
> instance or all instances through /etc/rc.d/ ?

You'll have a different rc.d script and associated rc.conf variables for each 
of your instances.
Actually not really a "different" rc.d script, just a link to the original one 
which already works for daemons that properly display their args in the process 
list.

As mentioned in another thread already:
# ln -s /etc/rc.d/mydaemon /etc/rc.d/mydaemon2
Then use mydaemon2_flags ... in rc.conf.local.

-- 
Antoine

Re: can't run multiple instances of httpd, flags not visible in processes

[Antoine Jacoutot]

On Thu, Jan 28, 2016 at 10:45:31AM +0100, Kamil Cholewiński wrote:
> On Thu, 28 Jan 2016, Paolo Aglialoro  wrote:
> > When this goes implemented, how will one start/stop/reload/check the single
> > instance or all instances through /etc/rc.d/ ?
> 
> I hate to repeat myself, but runit solves all of these problems cleanly,
> with no need for ps grepping, with no patches in the daemons necessary,
> and with minimal setup.
> 
> sv restart /var/services/httpd1
> sv restart /var/services/httpd2

I don't see why we wouldn't want to properly fix this in rc.d which is in base 
in the first place.
It's alright to use an external service supervisor when there's a very specific 
need, but in this case I see no reason for it.

-- 
Antoine

Re: can't run multiple instances of httpd, flags not visible in processes

[Kamil Cholewiński]

On Thu, 28 Jan 2016, Paolo Aglialoro  wrote:
> When this goes implemented, how will one start/stop/reload/check the single
> instance or all instances through /etc/rc.d/ ?

I hate to repeat myself, but runit solves all of these problems cleanly,
with no need for ps grepping, with no patches in the daemons necessary,
and with minimal setup.

sv restart /var/services/httpd1
sv restart /var/services/httpd2

Re: can't run multiple instances of httpd, flags not visible in processes

[lists]

Thu, 28 Jan 2016 18:52:18 +0100 Ingo Schwarze 
> I'd love to make the example more specific and document an actual
> use case that frequently occurs in practice, but even though many
> have said that such cases do occur, i can't think of any.

I have this use case, and have not found quickly a better solution but
to copy manually the script in /etc/rd.d for tftpd to tftpd2 and invoke
them separately with different tftpd_flags and tftpd2_flags set in
rc.conf.local(8), maybe out of ignorance.

Does network boot multiple archs from the same serving multi-homed
(different IP addresses same sub-network) system require multiple
instances of the tftpd(8) or can it serve multiple directories on
different IP addresses with one running instance?

Re: can't run multiple instances of httpd, flags not visible in processes

[Stuart Henderson]

On 2016-01-27, Antoine Jacoutot  wrote:
> On Wed, Jan 27, 2016 at 12:30:08PM +0100, Reyk Floeter wrote:
>> On Wed, Jan 27, 2016 at 06:12:22AM -0500, Jiri B wrote:
>> > Hi,
>> > 
>> > I can't run multiple instances of httpd via rc.d as I can't distinguish
>> > between httpd instances. ps aux never show flags passed to httpd.
>> > 
>> > Could httpd be extended to show flags like sshd does it?
>> > 
>> > root 15681  0.0  0.1  1196  2308 ??  Ssp   12:08PM0:00.05 httpd: 
>> > parent (httpd)
>> > 
>> > vs
>> > 
>> > root 17247  0.0  0.1   920  1376 ??  Ss12:09PM0:00.03 
>> > /usr/sbin/sshd -f /etc/ssh/test_sshd_config
>> > 
>> > Or is there any other way to distinguish between two httpd instances?
>> > 
>> > j.
>> > 
>> 
>> Interesting point, I never thought about it.
>
> That's not httpd specific. Most of our privilege separated daemons do that 
> and it sucks :-)

This does the trick. It probably doesn't make sense to run multiple
copies of all of the privsep daemons though I see definite use cases
for httpd, snmpd [v4 and v6 need separate daemons], and possibly some
others, but it would be better to keep them all in-sync..

Index: etc/rc.d/httpd
===
RCS file: /cvs/src/etc/rc.d/httpd,v
retrieving revision 1.3
diff -u -p -r1.3 httpd
--- etc/rc.d/httpd  22 Jul 2014 17:37:16 -  1.3
+++ etc/rc.d/httpd  27 Jan 2016 22:22:11 -
@@ -6,6 +6,4 @@ daemon="/usr/sbin/httpd"
 
 . /etc/rc.d/rc.subr
 
-pexp="httpd: parent.*"
-
 rc_cmd $1
Index: usr.sbin/httpd/httpd.c
===
RCS file: /cvs/src/usr.sbin/httpd/httpd.c,v
retrieving revision 1.53
diff -u -p -r1.53 httpd.c
--- usr.sbin/httpd/httpd.c  3 Dec 2015 11:46:25 -   1.53
+++ usr.sbin/httpd/httpd.c  27 Jan 2016 22:22:11 -
@@ -248,7 +248,6 @@ main(int argc, char *argv[])
 
proc_init(ps, procs, nitems(procs));
 
-   setproctitle("parent");
log_procinit("parent");
 
if (pledge("stdio rpath wpath cpath inet dns proc ioctl sendfd",

Re: can't run multiple instances of httpd, flags not visible in processes

[Reyk Floeter]

On Wed, Jan 27, 2016 at 01:49:30PM +0100, Antoine Jacoutot wrote:
> On Wed, Jan 27, 2016 at 12:30:08PM +0100, Reyk Floeter wrote:
> > On Wed, Jan 27, 2016 at 06:12:22AM -0500, Jiri B wrote:
> > > Hi,
> > > 
> > > I can't run multiple instances of httpd via rc.d as I can't distinguish
> > > between httpd instances. ps aux never show flags passed to httpd.
> > > 
> > > Could httpd be extended to show flags like sshd does it?
> > > 
> > > root 15681  0.0  0.1  1196  2308 ??  Ssp   12:08PM0:00.05 httpd: 
> > > parent (httpd)
> > > 
> > > vs
> > > 
> > > root 17247  0.0  0.1   920  1376 ??  Ss12:09PM0:00.03 
> > > /usr/sbin/sshd -f /etc/ssh/test_sshd_config
> > > 
> > > Or is there any other way to distinguish between two httpd instances?
> > > 
> > > j.
> > > 
> > 
> > Interesting point, I never thought about it.
> 
> That's not httpd specific. Most of our privilege separated daemons do that 
> and it sucks :-)
> 

Well, we "tradionally" had setproctitle("[priv]") in the parent.  I
changed the tradition to setproctitle("parent").

I have no objections with changing this in the parent (but keeping the
setproctitles in the children) to either the default (all command line
flags) or to something like setproctitle("parent, %s", conffile).
Command line flags suck and I don't think that -d or -v would be
helpful in the output, so I prefer the latter.

All rc scripts would have to be adjusted by somebody with better rc-fu.

Opinions?

Reyk

Re: can't run multiple instances of httpd, flags not visible in processes

[Reyk Floeter]

> On 27.01.2016, at 23:31, Stuart Henderson  wrote:
>
> On 2016-01-27, Antoine Jacoutot  wrote:
>> On Wed, Jan 27, 2016 at 12:30:08PM +0100, Reyk Floeter wrote:
>>> On Wed, Jan 27, 2016 at 06:12:22AM -0500, Jiri B wrote:
 Hi,

 I can't run multiple instances of httpd via rc.d as I can't distinguish
 between httpd instances. ps aux never show flags passed to httpd.

 Could httpd be extended to show flags like sshd does it?

 root 15681  0.0  0.1  1196  2308 ??  Ssp   12:08PM0:00.05 httpd:
parent (httpd)

 vs

 root 17247  0.0  0.1   920  1376 ??  Ss12:09PM0:00.03
/usr/sbin/sshd -f /etc/ssh/test_sshd_config

 Or is there any other way to distinguish between two httpd instances?

 j.

>>>
>>> Interesting point, I never thought about it.
>>
>> That's not httpd specific. Most of our privilege separated daemons do that
and it sucks :-)
>
> This does the trick. It probably doesn't make sense to run multiple
> copies of all of the privsep daemons though I see definite use cases
> for httpd, snmpd [v4 and v6 need separate daemons], and possibly some
> others, but it would be better to keep them all in-sync..
>

Fine, this is what I suggested as the first option.

But let's do it everywhere and not just for httpd -
don't use setproctitle in the parent process.

It does make sense for many more privsep daemons, especially in combination
with rdomains (ntpd, iked, …). bgpd would probably not need it, but it does
not harm
and I'd prefer to change it for consistency (please don't forget that we try
to keep
the daemons synced somehow - it's an ecosystem).

Reyk

> Index: etc/rc.d/httpd
> ===
> RCS file: /cvs/src/etc/rc.d/httpd,v
> retrieving revision 1.3
> diff -u -p -r1.3 httpd
> --- etc/rc.d/httpd22 Jul 2014 17:37:16 -  1.3
> +++ etc/rc.d/httpd27 Jan 2016 22:22:11 -
> @@ -6,6 +6,4 @@ daemon="/usr/sbin/httpd"
>
> . /etc/rc.d/rc.subr
>
> -pexp="httpd: parent.*"
> -
> rc_cmd $1
> Index: usr.sbin/httpd/httpd.c
> ===
> RCS file: /cvs/src/usr.sbin/httpd/httpd.c,v
> retrieving revision 1.53
> diff -u -p -r1.53 httpd.c
> --- usr.sbin/httpd/httpd.c3 Dec 2015 11:46:25 -   1.53
> +++ usr.sbin/httpd/httpd.c27 Jan 2016 22:22:11 -
> @@ -248,7 +248,6 @@ main(int argc, char *argv[])
>
>   proc_init(ps, procs, nitems(procs));
>
> - setproctitle("parent");
>   log_procinit("parent");
>
>   if (pledge("stdio rpath wpath cpath inet dns proc ioctl sendfd",

Re: can't run multiple instances of httpd, flags not visible in processes

[Antoine Jacoutot]

> Well, we "tradionally" had setproctitle("[priv]") in the parent.  I
> changed the tradition to setproctitle("parent").
> 
> I have no objections with changing this in the parent (but keeping the
> setproctitles in the children) to either the default (all command line
> flags) or to something like setproctitle("parent, %s", conffile).
> Command line flags suck and I don't think that -d or -v would be
> helpful in the output, so I prefer the latter.

"-v" is helpful at least for rc.d which needs to match the full args list by 
default

> All rc scripts would have to be adjusted by somebody with better rc-fu.

Actually if things are properly done, the non default pexp line in the rc.d 
scripts should just be removed and that's it.

-- 
Antoine

Re: can't run multiple instances of httpd, flags not visible in processes

[Antoine Jacoutot]

> This does the trick. It probably doesn't make sense to run multiple
> copies of all of the privsep daemons though I see definite use cases
> for httpd, snmpd [v4 and v6 need separate daemons], and possibly some
> others, but it would be better to keep them all in-sync..

Yes, if we go this way, please let's keep them in sync.
There's always some cases where you'd like to run multiple copies of a daemon 
-- even temporarily (and even for the non obvious ones).

> Index: etc/rc.d/httpd
> ===
> RCS file: /cvs/src/etc/rc.d/httpd,v
> retrieving revision 1.3
> diff -u -p -r1.3 httpd
> --- etc/rc.d/httpd22 Jul 2014 17:37:16 -  1.3
> +++ etc/rc.d/httpd27 Jan 2016 22:22:11 -
> @@ -6,6 +6,4 @@ daemon="/usr/sbin/httpd"
>  
>  . /etc/rc.d/rc.subr
>  
> -pexp="httpd: parent.*"
> -

\o/ this is what I expected :-)

>  rc_cmd $1
> Index: usr.sbin/httpd/httpd.c
> ===
> RCS file: /cvs/src/usr.sbin/httpd/httpd.c,v
> retrieving revision 1.53
> diff -u -p -r1.53 httpd.c
> --- usr.sbin/httpd/httpd.c3 Dec 2015 11:46:25 -   1.53
> +++ usr.sbin/httpd/httpd.c27 Jan 2016 22:22:11 -
> @@ -248,7 +248,6 @@ main(int argc, char *argv[])
>  
>   proc_init(ps, procs, nitems(procs));
>  
> - setproctitle("parent");
>   log_procinit("parent");
>  
>   if (pledge("stdio rpath wpath cpath inet dns proc ioctl sendfd",
> 

-- 
Antoine

Re: can't run multiple instances of httpd, flags not visible in processes

[Reyk Floeter]

On Wed, Jan 27, 2016 at 06:12:22AM -0500, Jiri B wrote:
> Hi,
> 
> I can't run multiple instances of httpd via rc.d as I can't distinguish
> between httpd instances. ps aux never show flags passed to httpd.
> 
> Could httpd be extended to show flags like sshd does it?
> 
> root 15681  0.0  0.1  1196  2308 ??  Ssp   12:08PM0:00.05 httpd: 
> parent (httpd)
> 
> vs
> 
> root 17247  0.0  0.1   920  1376 ??  Ss12:09PM0:00.03 
> /usr/sbin/sshd -f /etc/ssh/test_sshd_config
> 
> Or is there any other way to distinguish between two httpd instances?
> 
> j.
> 

Interesting point, I never thought about it.

Reyk

Re: can't run multiple instances of httpd, flags not visible in processes

[Kamil Cholewiński]

> Or is there any other way to distinguish between two httpd instances?

Try runit: http://smarden.org/runit/

Re: can't run multiple instances of httpd, flags not visible in processes

[Antoine Jacoutot]

On Wed, Jan 27, 2016 at 12:30:08PM +0100, Reyk Floeter wrote:
> On Wed, Jan 27, 2016 at 06:12:22AM -0500, Jiri B wrote:
> > Hi,
> > 
> > I can't run multiple instances of httpd via rc.d as I can't distinguish
> > between httpd instances. ps aux never show flags passed to httpd.
> > 
> > Could httpd be extended to show flags like sshd does it?
> > 
> > root 15681  0.0  0.1  1196  2308 ??  Ssp   12:08PM0:00.05 httpd: 
> > parent (httpd)
> > 
> > vs
> > 
> > root 17247  0.0  0.1   920  1376 ??  Ss12:09PM0:00.03 
> > /usr/sbin/sshd -f /etc/ssh/test_sshd_config
> > 
> > Or is there any other way to distinguish between two httpd instances?
> > 
> > j.
> > 
> 
> Interesting point, I never thought about it.

That's not httpd specific. Most of our privilege separated daemons do that and 
it sucks :-)

-- 
Antoine

Re: can't run multiple instances of httpd, flags not visible in processes

[Aner Perez]

On 01/27/2016 06:12 AM, Jiri B wrote:

Hi,

I can't run multiple instances of httpd via rc.d as I can't distinguish
between httpd instances. ps aux never show flags passed to httpd.

Could httpd be extended to show flags like sshd does it?

root 15681  0.0  0.1  1196  2308 ??  Ssp   12:08PM0:00.05 httpd: parent 
(httpd)

vs

root 17247  0.0  0.1   920  1376 ??  Ss12:09PM0:00.03 
/usr/sbin/sshd -f /etc/ssh/test_sshd_config

Or is there any other way to distinguish between two httpd instances?

j.



You could always run fstat(1) on the pid to see which ports it has open.

- Aner