Bug#889144: stricter PIDfile handling breaks several daemons
Sven Hartge
sven at svenhartge.de
Fri Feb 2 19:07:57 GMT 2018
On 02.02.2018 19:24, Michael Biebl wrote:
> Am 02.02.2018 um 14:58 schrieb Sven Hartge:
>> The upstream commit db256aab13d8a89d583ecd2bacf0aca87c66effc "core: be
>> stricter when handling PID files and MAINPID sd_notify() messages"
>> breaks several daemons in Debian.
>>
>> Known issues exist for
>>
>> - munin-node https://bugs.debian.org/889073
>> - ulogd2
>> - dnsmasq https://lists.debian.org/debian-user/2018/01/msg01331.html
>>
>> and possibly others.
>>
>> Symptom is a timeout during service start, constant service restarts (if
>> configured) and log messages like:
>>
>> Feb 2 14:22:49 HOST systemd[1]: ulogd2.service: Permission denied while opening PID file or unsafe symlink chain: /run/ulog/ulogd.pid
>> Feb 2 14:23:54 HOST systemd[1]: munin-node.service: Permission denied while opening PID file or unsafe symlink chain: /run/munin/munin-node.pid
>>
>> Problem lies, as far as I understand the change, in the permissions of
>> the directory in which the PIDfile is created by the daemon. In all
>> cases it does not belong root:root but the respective service user:
>
> Do those services drop privileges on their own?
munin-node runs as root.
ulogd2 drops its priviliges on its own. It needs to start as root to
connect to the netlink sockets.
Grüße,
Sven.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20180202/283e99ec/attachment-0002.sig>
More information about the Pkg-systemd-maintainers
mailing list