Hide Forgot
The deamon() function in /etc/rc.d/init.d/functions will not start a service if there is an existing process with the same name, becuase pidofproc() finds it. For instance, a user of my system runs a custom httpd process, completely independent of the installed Apache server. If I issue the command "/etc/rc.d/init.d/httpd restart", it will fail, without giving any indication that there was a problem. This is a possible Denial of Service attack. An unprivileged user can interfere with the operation of any system services managed through initscripts that uses the deamon() function. Suggested fix: add an argument to daemon() and pidofproc() for the expected UID of the process, perhaps defaulting to root. Or, by default allow it to match only UIDs under 100.
*** Bug 20697 has been marked as a duplicate of this bug. ***
For the example where this affects the Apache web server (httpd), it's not as trivial to work around as one might expect. The httpd script does a bunch of work to determine the right arguments to pass to httpd, so I can't just type "httpd" to start it up properly.
*** Bug 19887 has been marked as a duplicate of this bug. ***
*** Bug 19367 has been marked as a duplicate of this bug. ***
Just tracking the UID is not good enough to solve the problem with sendmail. Please see my report under 19367. At the moment I've duplicated the functions file and edited it to suit my needs then linked it in to my sendmail script. Not the greatest solution but at least now I can restart sendmail.
*** This bug has been marked as a duplicate of 17244 ***