On Tue, 5 Oct 2004 00:23, Chris Adams <cmadams@xxxxxxxxxx> wrote: > I opened a Bugzilla requesting enhancement to the init.d functions a > couple of years ago because of this: > > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=63440 When sending a signal to a daemon to be sure that we get things right we need to check: PID number in pidfile (which needs to be in a subdirectory for a non-root process to be able to restart itself). Executable that is being run. If the daemon crashes and another process gets the same pid then we don't want to kill the wrong thing, checking that the program matches the daemon is a good way to do it. The start-stop-daemon program used in Debian does this. One issue with such checks is that you must stop the daemon before upgrading it, otherwise an attempt to stop it will fail because the executable for the daemon no longer exists. For SE Linux we also want to check the security context. It's not difficult to ask the kernel what happens when the domain specified in /etc/selinux/strict/contexts/initrc_context executes the type of the executable for the daemon and then check that the process to be killed is running in the domain in question. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
