Date: Thu, 26 Jan 2012 10:56:14 -0500
From: Michael Scheidell <scheidell@freebsd.org>
To: <ports@freebsd.org>
Subject: Stop me before I violate DougBBSD rules for rc scripts:
Message-ID: <4F21779E.1070504@freebsd.org>
so, this hack is ugly. and I have been trying to track this down for YEARS.

swatch will (every now and then, some patch, some os upgrade, some ARCH), will mash the $0 line and then rc.script can't status or stop it.

Good:

/swatch start
Starting swatch.
scanner.secnap.net# ps -auxww | grep swatch
root 85713 0.0 0.7 7496 6952 ?? Ss 9:29AM 0:00.00 /usr/local/bin/swatch -c /usr/local/etc/swatch-hackertrap.conf --tail-file=/var/log/eventlog --tail-args=-Fn0 --daemon --script-dir=/tmp/ --pid-file=/var/run/swatch_1.pid (perl)
./swatch status
watch is running as pid 85713.

bad:

grep swatch /etc/rc.conf.local
swatch_rules="1"
swatch_1_flags='-c /usr/local/etc/swatch-hackertrap.conf --tail-file=/var/log/eventlog_this_is_an_incredable_log_file_that_should_cause_big_problems_yes_an_op_would_never_do_this_but_it_is_so_I_can_test_if_problem_is_log_file_arg_or_log_cmd_arg_or_a_lot_of_files_or_some_thing_in_between_and_or.log --tail-args=-Fn0 --daemon --script-dir=/tmp/ --pid-file=/var/run/swatch_1.pid'
swatch_enable="YES"
./swatch start
./swatch status
swatch is not running.
ps -auxww | grep swatch
root 86920 0.0 0.7 7496 6960 ?? Is 9:33AM 0:00.01 /usr/local/bin/perl /tmp//.swatch_script.86918

I have tracked it down to the length of $0. if $0 > 222 bytes, 'bad' happens.

this is the patch to rc script. note, various times and various pr's people have reported swatch status not working, and put in, and took out procname. (depending on if they had long _flags I suppose)

Index: swatch.in =================================================================== RCS file: /home/pcvs/ports/security/swatch/files/swatch.in,v retrieving revision 1.7 diff -u -r1.7 swatch.in --- swatch.in 14 Jan 2012 08:56:53 -0000 1.7 +++ swatch.in 26 Jan 2012 15:54:25 -0000 
@@ -21,15 +21,20 @@ name=swatch rcvar=swatch_enable +# set some defaults +: ${swatch_enable="NO"} command=%%PREFIX%%/bin/swatch -procname=%%LOCALBASE%%/bin/perl load_rc_config ${name} if [ -n "${swatch_rules}" ]; then for i in ${swatch_rules}; do eval swatch_flags=\$swatch_${i}_flags + len=`echo $swatch_flags | wc -c` + if [ $len -gt 222 ];then + procname=%%LOCALBASE%%/bin/perl + fi eval swatch_user=\$swatch_${i}_user eval swatch_chdir=\$swatch_${i}_chdir eval pidfile=\$swatch_${i}_pidfile -- Michael Scheidell, CTO o: 561-999-5000 d: 561-948-2259 >*| *SECNAP Network Security Corporation * Best Mobile Solutions Product of 2011 * Best Intrusion Prevention Product * Hot Company Finalist 2011 * Best Email Security Product * Certified SNORT Integrator
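
Review bot: In the new length check inside the `for i in ${swatch_rules}` loop, procname is assigned when the flags exceed 222 bytes but is never cleared, so once one rule trips the threshold every later rule in swatch_rules is also matched against %%LOCALBASE%%/bin/perl, even if its own flags are short. Reset it per iteration, for example with an `else` branch that does `unset procname`, or by clearing it at the top of the loop body. The test also measures only `$swatch_flags` (plus the newline that `echo` adds), while the message puts the limit on the length of $0, which includes the command path as well; the comparison should account for that, and `${#swatch_flags}` would avoid the `echo | wc -c` pipeline and the unquoted expansion. The 222 constant needs a comment saying where it comes from. Separately, `: ${swatch_enable="NO"}` is placed before `load_rc_config ${name}`, where rc.d scripts normally set defaults after it.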