upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-05-26 03:08:23 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/libexec
History
Mariusz Zaborski a6bc861c20 rc.subr: use _pidcmd to determine pid for protect 
This is a more reliable method that accounts for existing pidfiles,
procname and interpreter settings.

Current method of obtaining the pid for oomprotect="YES"|"ALL" processes
in certain cases fails to find a unique pid.

One such case are rc.d scripts defining command as:
command="daemon"

which results in all processes started via daemon being selected and
passed to protect(1) which fails and prints usage:

$ /etc/rc.d/exampled restart
Stopping exampled.
Starting exampled.
usage: protect [-i] command
   protect [-cdi] -g pgrp | -p pid

Running the same with -x reveals what happens:

+ pid='3051 4268 4390 4421 4427 4470 4588 4733 4740 4870 4949 4954 4979
5835 5866 55487 55583 56525 57643 57789 57882 58072 58167 99419'
+ /usr/bin/protect -p 3051 4268 4390 4421 4427 4470 4588 4733 4740 4870
4949 4954 4979 5835 5866 55487 55583 56525 57643 57789 57882 58072 58167
99419
usage: protect [-i] command
   protect [-cdi] -g pgrp | -p pid

We have a more reliable way of obtaining pid already defined in rc.subr
and available when protect(1) needs it. We can simply `eval $_pidcmd`
which also invokes `check_process` but properly accounts for existing
pidfile, procname and interpreter settings.

With the change the pidfile is properly obtained.

Submitted by:	Adam Wolk <a.wolk at fudosecurity.com>
Sponsored by:	Fudo Security
Differential Revision:	https://reviews.freebsd.org/D30367

Approved by:	oshogbo

(cherry picked from commit 6ba108e52d)
2022-07-07 20:12:09 +02:00
..
atf pkgbase: Install atf and kyua in the tests package 2021-01-04 16:20:47 +01:00
atrun libexec: adoption of SPDX licensing ID tags. 2017-11-27 15:25:02 +00:00
blacklistd-helper DIRDEPS_BUILD: Connect new directories and update dependencies. 2016-06-03 19:25:30 +00:00
bootpd bootp: remove the USE_BFUNCS knob 2021-10-06 02:14:39 -05:00
comsat General further adoption of SPDX licensing ID tags. 2017-11-20 19:49:47 +00:00
dma Only set WARNS if not defined 2020-09-11 13:28:37 +00:00
fingerd Update Makefile.depend files 2019-12-11 17:37:53 +00:00
flua stand: lua: enhance lfs.dir() to speed up kernels_autodetect 2021-02-03 00:55:47 -06:00
ftpd pkgbase: Create a FreeBSD-ftpd package 2022-01-05 18:23:52 +01:00
getty pkgbase: Put more binaries/lib in runtime 2022-01-05 18:23:51 +01:00
hyperv pkgbase: Create a FreeBSD-hyperv package 2022-01-05 18:23:50 +01:00
mail.local DIRDEPS_BUILD: Update dependencies. 2017-10-31 00:07:04 +00:00
makewhatis.local makewhatis: do not try to operate on read-only mounted directories 2018-10-27 17:15:58 +00:00
mknetid General further adoption of SPDX licensing ID tags. 2017-11-20 19:49:47 +00:00
phttpget phttpget: move out of portsnap 2020-09-09 00:39:47 +00:00
pppoed libexec: adoption of SPDX licensing ID tags. 2017-11-27 15:25:02 +00:00
rbootd Fix the following -Werror warning from clang 10.0.0 in rbootd: 2020-01-28 19:19:55 +00:00
rc rc.subr: use _pidcmd to determine pid for protect 2022-07-07 20:12:09 +02:00
revnetgroup General further adoption of SPDX licensing ID tags. 2017-11-20 19:49:47 +00:00
rpc.rquotad pkgbase: Create a FreeBSD-nfs package 2021-06-30 09:24:32 +02:00
rpc.rstatd General further adoption of SPDX licensing ID tags. 2017-11-20 19:49:47 +00:00
rpc.rusersd General further adoption of SPDX licensing ID tags. 2017-11-20 19:49:47 +00:00
rpc.rwalld libexec: adoption of SPDX licensing ID tags. 2017-11-27 15:25:02 +00:00
rpc.sprayd rpc.sprayd: raise WARNS to 6 2018-03-05 16:11:07 +00:00
rtld-elf Have rtld query the page size from the kernel 2022-05-03 15:04:04 +01:00
rtld-elf32 libcompat: Correct rtld MLINKS 2019-11-12 22:31:59 +00:00
save-entropy Reduce disk write load in /usr/libexec/save-entropy. 2019-11-30 20:06:53 +00:00
smrsh DIRDEPS_BUILD: Update dependencies. 2017-10-31 00:07:04 +00:00
talkd Regularize my copyright notice 2019-12-04 16:56:11 +00:00
tcpd pkgbase: Create a FreeBSD-tcpd package 2022-01-05 18:23:52 +01:00
telnetd pkgbase: Create a FreeBSD-telnet package 2022-01-05 18:23:49 +01:00
tests Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed 2016-05-04 23:20:53 +00:00
tftp-proxy (t)ftp-proxy: use libpfctl 2021-05-07 10:15:42 +02:00
tftpd When receiving a file having a length, which is a mulitple of the blocksize, 2020-12-15 09:43:18 +00:00
ulog-helper libexec: adoption of SPDX licensing ID tags. 2017-11-27 15:25:02 +00:00
ypxfr pkgbase: Put yellow pages programs to its own package 2022-01-05 18:23:51 +01:00
Makefile phttpget: move out of portsnap 2020-09-09 00:39:47 +00:00
Makefile.amd64 HYPERV isn't available on all architectures, but just on by default 2014-10-16 00:33:06 +00:00
Makefile.i386 HYPERV isn't available on all architectures, but just on by default 2014-10-16 00:33:06 +00:00
Makefile.inc Do a sweep and remove most WARNS=6 settings 2020-10-01 01:10:51 +00:00