Ryan Murray <[EMAIL PROTECTED]> writes:
> I upgraded the packages in stable to the security versions, the daemons
> said that they restarted, but didn't. Note that start-stop-daemon in
> unstable will work with this combination of options, but it will not in
> stable. lsof is useful here, as is a /usr that is normally mounted
> read-only. You can't remount it back to read-only until all the old
> binaries are no longer in use.
Aha. start-stop-daemon working differently in etch than in sarge would
explain it.
Here's a proposed patch for stable. Sam, what do you think?
=== krb5/debian/changelog
==================================================================
--- krb5/debian/changelog (revision 2257)
+++ krb5/debian/changelog (local)
@@ -1,3 +1,13 @@
+krb5 (1.3.6-2sarge4) stable-proposed-updates; urgency=low
+
+ * In the krb5-kdc and krb5-admin-server init scripts, call
+ start-stop-daemon with --startas --name instead of --exec. With
+ --exec, the running daemons weren't being correctly stopped on package
+ upgrades since the binary on disk had changed. Thanks to Ryan Murray
+ for the report.
+
+ -- Russ Allbery <[EMAIL PROTECTED]> Sun, 3 Sep 2006 21:06:35 -0700
+
krb5 (1.3.6-2sarge3) stable-security; urgency=high
* Add error checking to setuid, setreuid to avoid local privilege
=== krb5/debian/krb5-admin-server.init
==================================================================
--- krb5/debian/krb5-admin-server.init (revision 2257)
+++ krb5/debian/krb5-admin-server.init (local)
@@ -31,12 +31,13 @@
echo -n "Starting $DESC: "
if [ "x$RUN_KADMIND" = "xtrue" ] ; then
- start-stop-daemon --start --quiet \
- --exec /usr/sbin/kadmind
+ start-stop-daemon --start --quiet --startas /usr/sbin/kadmind \
+ --name kadmind
echo -n "kadmind"
fi
if [ "x$RUN_V5PASSWDD" = "xtrue" ] ; then
- start-stop-daemon --quiet --start --exec /usr/sbin/v5passwdd
+ start-stop-daemon --quiet --start --startas /usr/sbin/v5passwdd \
+ --name v5passwdd
echo -n " v5passwdd"
fi
echo "."
@@ -44,12 +45,11 @@
stop)
echo -n "Stopping $DESC: "
if [ "x$RUN_KADMIND" = "xtrue" ] ; then
- start-stop-daemon --stop --quiet \
- --exec /usr/sbin/kadmind
+ start-stop-daemon --stop --quiet --name kadmind
echo -n "kadmind"
fi
if [ "x$RUN_V5PASSWDD" = "xtrue" ] ;then
- start-stop-daemon --stop --quiet --exec /usr/sbin/v5passwdd
+ start-stop-daemon --stop --quiet --name v5passwdd
echo -n " v5passwdd"
fi
echo "."
@@ -75,21 +75,21 @@
#
echo -n "Restarting $DESC: "
if [ "x$RUN_KADMIND" = "xtrue" ] ; then
- start-stop-daemon --stop --quiet \
- --exec /usr/sbin/kadmind
+ start-stop-daemon --stop --quiet --name kadmind
echo -n "kadmind"
fi
if [ "x$RUN_V5PASSWDD" = "xtrue" ] ;then
- start-stop-daemon --stop --quiet --exec /usr/sbin/v5passwdd
+ start-stop-daemon --stop --quiet --name v5passwdd
echo -n " v5passwdd"
fi
sleep 1
if [ "x$RUN_KADMIND" = "xtrue" ] ; then
- start-stop-daemon --start --quiet \
- --exec /usr/sbin/kadmind
+ start-stop-daemon --start --quiet --startas /usr/sbin/kadmind \
+ --name kadmind
fi
if [ "x$RUN_V5PASSWDD" = "xtrue" ] ; then
- start-stop-daemon --quiet --start --exec /usr/sbin/v5passwdd
+ start-stop-daemon --quiet --start --startas /usr/sbin/v5passwdd \
+ --name v5passwdd
fi
echo "."
;;
=== krb5/debian/krb5-kdc.init
==================================================================
--- krb5/debian/krb5-kdc.init (revision 2257)
+++ krb5/debian/krb5-kdc.init (local)
@@ -35,21 +35,21 @@
start)
echo -n "Starting $DESC: "
start-stop-daemon --start --quiet \
- --exec $DAEMON -- $ARGS
+ --startas $DAEMON --name $NAME -- $ARGS
echo -n "$NAME"
if [ "x$RUN_KRB524D" = "xtrue" ] ; then
- start-stop-daemon --quiet --start --exec /usr/sbin/krb524d -- -m
+ start-stop-daemon --quiet --start \
+ --startas /usr/sbin/krb524d --name krb524d -- -m
echo -n " krb524d"
fi
echo "."
;;
stop)
echo -n "Stopping $DESC: "
- start-stop-daemon --stop --quiet \
- --exec $DAEMON
+ start-stop-daemon --stop --quiet --name $NAME
echo -n "$NAME"
if [ "x$RUN_KRB524D" = "xtrue" ] ;then
- start-stop-daemon --stop --quiet --exec /usr/sbin/krb524d
+ start-stop-daemon --stop --quiet --name krb524d
echo -n " krb524d"
fi
echo "."
@@ -74,16 +74,16 @@
# just the same as "restart".
#
echo -n "Restarting $DESC: "
- start-stop-daemon --stop --quiet \
- --exec $DAEMON
+ start-stop-daemon --stop --quiet --name $NAME
if [ "x$RUN_KRB524D" = "xtrue" ] ;then
- start-stop-daemon --stop --quiet --exec /usr/sbin/krb524d
+ start-stop-daemon --stop --quiet --name krb524d
fi
sleep 1
- start-stop-daemon --start --quiet --pidfile \
- /var/run/$NAME.pid --exec $DAEMON -- $ARGS
+ start-stop-daemon --start --quiet \
+ --startas $DAEMON --name $NAME -- $ARGS
if [ "x$RUN_KRB524D" = "xtrue" ] ; then
- start-stop-daemon --quiet --start --exec /usr/sbin/krb524d -- -m
+ start-stop-daemon --quiet --start \
+ --startas /usr/sbin/krb524d --name krb524d -- -m
echo -n " krb524d"
fi
echo "$NAME."
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
