Bug 573844 - lsb-defined pidofproc function has false positives
Summary: lsb-defined pidofproc function has false positives
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: redhat-lsb
Version: 5.4
Hardware: All
OS: Linux
low
medium
Target Milestone: rc
: ---
Assignee: Ondrej Vasik
QA Contact: desktop-bugs@redhat.com
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-03-15 21:17 UTC by dann frazier
Modified: 2012-12-05 12:46 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 883856 (view as bug list)
Environment:
Last Closed: 2012-12-05 12:46:41 UTC
Target Upstream Version:


Attachments (Terms of Use)
Ignore pids where the path of the running program does not match the known path of the service (682 bytes, patch)
2010-03-15 21:17 UTC, dann frazier
no flags Details | Diff
add -m option (3.99 KB, patch)
2012-12-05 12:41 UTC, Lukáš Nykrýn
no flags Details | Diff

Description dann frazier 2010-03-15 21:17:20 UTC
Created attachment 400305 [details]
Ignore pids where the path of the running program does not match the known path of the service

Description of problem:
As allowed (but not required) by the LSB, Red Hat implements additional non-pidfile-based methods for determining if a service is running, using pidof. 

When calling pidof, the current implementation takes the precautions of telling pidof to omit the current pid, and the parent of the current pid. This is presumably to prevent a false positive where the name of the initscript matches the name of the daemon. However, I'm running into a case where this is insufficient.

My initscript's stop routine is as follows:

    stop)
        pid=$(pidofproc $DAEMON)
        if [ -z "$pid" ]; then
            log_success_msg "myservice not running"
            exit 0
        fi
        killproc $DAEMON -SIGTERM
	printf "Waiting for myservice[$pid] to terminate"
        while [ -d "/proc/$pid/" ]; do
            printf "."
            sleep 1
            echo $pid
        done
	printf "\n"
        rm -f "$PIDFILE"
	log_success_msg "$DESCRIPTION Terminated"
        ;;

When "pidofproc" runs, the following processes are running:

root     11780 10247  0 15:00 pts/0    00:00:00 /bin/sh /etc/init.d/myservice stop
root     11781 11780  0 15:00 pts/0    00:00:00 /bin/sh /etc/init.d/myservice stop
root     11782 11781  0 15:00 pts/0    00:00:00 /bin/bash /etc/redhat-lsb/lsb_pidofproc /opt/hp/my-service

As you can see, the PID & PPID checks are not sufficient, because lsb_pidofproc is adding an additional process in the chain.

Version-Release number of selected component (if applicable):
redhat-lsb-3.1-12.3.EL
initscripts-8.45.30-2.el5

How reproducible:
Always.

Steps to Reproduce:
1. Create an initscript /etc/init.d/foo for a daemon named foo
2. Make it source /lib/lsb/functions
3. Use the above shutdown code (with s/myservice/foo/ and DAEMON=/path/to/foo)
4. Call stop
  
Actual results:

/etc/init.d/foo stop will think the pid of /etc/init.d/foo is a running daemon and attempt to stop it

Expected results:

/etc/init.d/foo would know /etc/init.d/foo is not the running daemon and not attempt to kill it

Additional info:
I'll attach a suggested fix, implemented in the initscripts layer.

Comment 1 Ondrej Vasik 2012-12-04 14:28:03 UTC
Adding initscripts maintainer to CC, Lukas, please reassign it to initscripts, if you think this change is reasonable.

Comment 2 Lukáš Nykrýn 2012-12-05 12:41:47 UTC
Created attachment 658166 [details]
add -m option

We have fixed this in fedora, in newer version of pidof by parameter -m:
When  used  with  -o,  will  also  omit  any processes that have the same argv[0] and argv[1] as any explicitly omitted process ids. This can be used to avoid multiple shell scripts concurrently  calling pidof returning each other's pids.

And then it would be sufficient to just use this in pidofproc.
--- a/rc.d/init.d/functions
+++ b/rc.d/init.d/functions
@@ -204,8 +204,8 @@ __pids_var_run() {
 
 # Output PIDs of matching processes, found using pidof
 __pids_pidof() {
-       pidof -c -o $$ -o $PPID -o %PPID -x "$1" || \
-               pidof -c -o $$ -o $PPID -o %PPID -x "${1##*/}"
+       pidof -c -m -o $$ -o $PPID -o %PPID -x "$1" || \
+               pidof -c -m -o $$ -o $PPID -o %PPID -x "${1##*/}"
 }
 
This patch probably needs some minor modification to be applicable for rhel. 
I don't think it is worth of backporting for rhel5, but we should consider it for rhel6.


Note You need to log in before you can comment on or make changes to this bug.