[PUP-3549] Debian init script status and stop actions are unsafe - Puppet Tickets

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Normal
Resolution: Fixed
Affects Version/s: PUP 3.7.2
Fix Version/s: PUP 4.0.0
Component/s: None
Labels:
- puppet-agent
Environment:

Debian/Ubuntu OS and derivatives

Description

Calling /etc/init.d/puppet stop does not guarantee that the process being stopped is actually puppet agent process. start-stop-daemon will kill any process which PID happens to be the same as the one stored in /var/run/puppet/agent.pid.

The same applies to /etc/init.d/puppet status. It calls status_of_proc internally, but that does not verify if processes' exe is actually puppet. So if there is any other process with the same PID as in /var/run/puppet/agent.pid then /etc/init.d/puppet status will return true.

Attached is a proposed patch to check in start-stop-daemon the exe name and to remove pid file after stopping the agent.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

puppet.initd.patch
0.5 kB
2014/10/27 5:28 AM

Issue Links

links to

Merge commit 8ea1963bb2

PR #3239

Activity

People

Assignee:: Unassigned

Reporter:: Tomasz Kuzemko

QA Contact:: Eric Thompson

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2014/10/27 5:28 AM

Updated:: 2019/04/04 10:21 PM

Resolved:: 2014/12/17 5:08 PM

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Zendesk Support