Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-3549

Debian init script status and stop actions are unsafe

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Normal
    • Resolution: Fixed
    • PUP 3.7.2
    • PUP 4.0.0
    • None
    • Debian/Ubuntu OS and derivatives

    Description

      Calling /etc/init.d/puppet stop does not guarantee that the process being stopped is actually puppet agent process. start-stop-daemon will kill any process which PID happens to be the same as the one stored in /var/run/puppet/agent.pid.

      The same applies to /etc/init.d/puppet status. It calls status_of_proc internally, but that does not verify if processes' exe is actually puppet. So if there is any other process with the same PID as in /var/run/puppet/agent.pid then /etc/init.d/puppet status will return true.

      Attached is a proposed patch to check in start-stop-daemon the exe name and to remove pid file after stopping the agent.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              rocku84 Tomasz Kuzemko
              Eric Thompson Eric Thompson
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support