Page MenuHomeFreeBSD

Add -i ("insecure") option to daemon(8) to create readable pid files.
AcceptedPublic

Authored by marck on Dec 18 2018, 8:41 PM.

Details

Reviewers
bcr
0mp
Group Reviewers
manpages
Summary

For monitoring reasong there is usually no sense to run it from root.
However, daemon(8) creates pid files unconditionally with 0600 mode.
This patch adds -i option to override this.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint OK
Unit
No Unit Test Coverage
Build Status
Buildable 21633
Build 20926: arc lint + arc unit

Event Timeline

A world-readable pidfile can be locked in shared mode by any user, which may cause the real daemon to act as if it is already running when it is not (e.g. after it crashed).

Ideally, something better than pidfiles would be used to track and monitor daemons.

bcr added a subscriber: bcr.

OK from the manpage side, a src comitter should check the implementation part for correctness.

This revision is now accepted and ready to land.Dec 30 2018, 12:26 PM
0mp added a subscriber: 0mp.

Please remeber to bump the date in the manual page.

usr.sbin/daemon/daemon.8
67

It looks like we refer to PID files as pidfiles later in the manual. We might want to stick to pidfiles for consistency.