Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-3549

Debian init script status and stop actions are unsafe

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: PUP 3.7.2
    • Fix Version/s: PUP 4.0.0
    • Component/s: None
    • Labels:
    • Environment:

      Debian/Ubuntu OS and derivatives

    • Template:

      Description

      Calling /etc/init.d/puppet stop does not guarantee that the process being stopped is actually puppet agent process. start-stop-daemon will kill any process which PID happens to be the same as the one stored in /var/run/puppet/agent.pid.

      The same applies to /etc/init.d/puppet status. It calls status_of_proc internally, but that does not verify if processes' exe is actually puppet. So if there is any other process with the same PID as in /var/run/puppet/agent.pid then /etc/init.d/puppet status will return true.

      Attached is a proposed patch to check in start-stop-daemon the exe name and to remove pid file after stopping the agent.

        Attachments

          Issue Links

          links to

          Web Link Merge commit 8ea1963bb2

          Web Link PR #3239

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              rocku84 Tomasz Kuzemko
              QA Contact:
              Eric Thompson Eric Thompson
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support