FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Kernel

 
 
LinkBack Thread Tools
 
Old 12-16-2011, 09:15 AM
Raphael Hertzog
 
Default Bug#652026: amavisd-new: Init-script not working (stop/restart)

Hi,

On Thu, 15 Dec 2011, Henrique de Moraes Holschuh wrote:
> > <503 pcew80@reincke:~> ps -aef | grep amavis
> > amavis 2299 1 0 00:47 ? 00:00:01 amavisd (master)
> > amavis 2496 2299 0 00:47 ? 00:00:00 amavisd (ch7-avail)
> > amavis 2497 2299 0 00:47 ? 00:00:00 amavisd (ch7-avail)
> > amavis 2498 2299 0 00:47 ? 00:00:00 amavisd (ch6-avail)
> > reincke 7749 7078 0 08:32 pts/1 00:00:00 grep amavis
> >
> > <504 pcew80@reincke:~> cat /proc/2299/stat
> > 2299 (amavisd (master) S 1 2299 2299 0 -1 4202560 9771 0 4 0 119 5 0
> > 0 20 0 1 0 22660083 221208576 22204 18446744073709551615 1 1 0 0 0 0
> > 0 4224 81927 18446744073709551615 0 0 17 2 0 0 7 0 0
>
> Crap. The kernel has done us in. Reassigning to dpkg to get some input on
> what should be done. Raising severity because it will cause some services
> to not be stopped or restarted properly, which has security implications.
>
> Guys, 3.1 changes /proc/<pid>/stat, and breaks anything using
> start-stop-daemon --name that also messes with the name of the process. Due
> to the chage in /proc/<pid>/stat, the executable name is not matched
> anymore.

What are those changes exactly?

Because the kernel doesn't seem to always respect the name that the process
sets for itself. I run 3.1.0-1-amd64 here and I have this:
┏rivendell:~/deb/core/dpkg (test-build)
┗(706)$ ps axf|grep 1758
1758 ? S 0:00 \_ avahi-daemon: chroot helper
4660 pts/8 S+ 0:00 | \_ grep 1758
┏rivendell:~/deb/core/dpkg (test-build)
┗(707)$ sudo cat /proc/1758/stat
1758 (avahi-daemon) S 1756 1754 1754 0 -1 4202560 83 0 1 0 0 0 0 0 20 0 1 0 2639 3158016 21 18446744073709551615 134512640 134630244 4292694960 4292694424 4151297072 0 0 0 0 0 0 0 17 1 0 0 0 0 0

> This probably affects only processes that change their "visible identity"
> (or whatever the string output by ps -aef is called) like amavisd-new does.
>
> Unfortunately, using --exec is not enough when you're dealing with perl,
> python or other scripts.
>
> How should we proceed? Drop use of start-stop-daemon --name in amavisd-new
> and document this kernel ABI issue in start-stop-daemon(8)? Reassign to the
> kernel on the grounds that it broke the userspace ABI? Enhance
> start-stop-daemon to take a --namere (regexp) and use that in amavisd-new
> instead?

I would first like to understand the problem because you said "probably"
multiple times and I prefer to decide in full knowledge.

Can anyone from the kernel team say us if there have been relevant changes
here?

Henrique, what lead you to conclude that there was a kernel change?

I tried to look at http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=history;f=fs/proc/array.c;hb=refs/heads/master but did not find any relevant change.

Cheers,
--
Raphaël Hertzog ◈ Debian Developer

Pre-order a copy of the Debian Administrator's Handbook and help
liberate it: http://debian-handbook.info/liberation/


--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20111216101520.GA4577@rivendell.home.ouaza.com">ht tp://lists.debian.org/20111216101520.GA4577@rivendell.home.ouaza.com
 
Old 12-16-2011, 04:07 PM
Ben Hutchings
 
Default Bug#652026: amavisd-new: Init-script not working (stop/restart)

On Fri, 2011-12-16 at 11:15 +0100, Raphael Hertzog wrote:
> Hi,
>
> On Thu, 15 Dec 2011, Henrique de Moraes Holschuh wrote:
> > > <503 pcew80@reincke:~> ps -aef | grep amavis
> > > amavis 2299 1 0 00:47 ? 00:00:01 amavisd (master)
> > > amavis 2496 2299 0 00:47 ? 00:00:00 amavisd (ch7-avail)
> > > amavis 2497 2299 0 00:47 ? 00:00:00 amavisd (ch7-avail)
> > > amavis 2498 2299 0 00:47 ? 00:00:00 amavisd (ch6-avail)
> > > reincke 7749 7078 0 08:32 pts/1 00:00:00 grep amavis
> > >
> > > <504 pcew80@reincke:~> cat /proc/2299/stat
> > > 2299 (amavisd (master) S 1 2299 2299 0 -1 4202560 9771 0 4 0 119 5 0
> > > 0 20 0 1 0 22660083 221208576 22204 18446744073709551615 1 1 0 0 0 0
> > > 0 4224 81927 18446744073709551615 0 0 17 2 0 0 7 0 0
> >
> > Crap. The kernel has done us in. Reassigning to dpkg to get some input on
> > what should be done. Raising severity because it will cause some services
> > to not be stopped or restarted properly, which has security implications.
> >
> > Guys, 3.1 changes /proc/<pid>/stat, and breaks anything using
> > start-stop-daemon --name that also messes with the name of the process. Due
> > to the chage in /proc/<pid>/stat, the executable name is not matched
> > anymore.
>
> What are those changes exactly?
[...]

Whatever they are, they're not in the kernel.

It is possible to change command names stored by the kernel, by writing
to /proc/<pid>/tasks/<tid>/comm or by calling prctl(PR_SET_NAME, ...)
within the process. A quick grep doesn't show amavis using those
explicitly; it just sets $0.

Sure enough, this is a documented change in Perl 5.14:

Assignment to $0 sets the legacy process name with prctl() on
Linux

On Linux the legacy process name is now set with prctl(2), in
addition to altering the POSIX name via argv[0], as Perl has
done since version 4.000. Now system utilities that read the
legacy process name such as ps, top, and killall recognize the
name you set when assigning to $0. The string you supply is
truncated at 16 bytes; this limitation is imposed by Linux.

Ben.

--
Ben Hutchings
Computers are not intelligent. They only think they are.
 
Old 12-16-2011, 10:36 PM
Henrique de Moraes Holschuh
 
Default Bug#652026: amavisd-new: Init-script not working (stop/restart)

reassign 652026 amavisd-new
thanks

On Fri, 16 Dec 2011, Ben Hutchings wrote:
> > What are those changes exactly?
> [...]
>
> Whatever they are, they're not in the kernel.

Hmm, I noticed /proc/<pid>/stat was different on a 3.0 kernel, but it was a
system that was not yet upgraded to perl 5.14. I recalled (possibly
incorrectly) some talks about prctl changes in LKML.

Obviously I should have tested this in a up-to-date chroot... I apologise
for that.

> It is possible to change command names stored by the kernel, by writing
> to /proc/<pid>/tasks/<tid>/comm or by calling prctl(PR_SET_NAME, ...)
> within the process. A quick grep doesn't show amavis using those
> explicitly; it just sets $0.
>
> Sure enough, this is a documented change in Perl 5.14:
>
> Assignment to $0 sets the legacy process name with prctl() on
> Linux
>
> On Linux the legacy process name is now set with prctl(2), in
> addition to altering the POSIX name via argv[0], as Perl has
> done since version 4.000. Now system utilities that read the
> legacy process name such as ps, top, and killall recognize the
> name you set when assigning to $0. The string you supply is
> truncated at 16 bytes; this limitation is imposed by Linux.

Hmm, this means we _will_ have to drop the use of --name in amavisd-new, no
way around it. I wish I could use -u and -g, but that requires actually
parsing the config files the same way amavisd-new does.

Reassiging back to amavisd-new. I will file a wishlist bug for a --namere
parameter for start-stop-daemon later, if we cannot find a better way to do
it in amavisd-new.

--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh


--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20111216233646.GA9900@khazad-dum.debian.net">http://lists.debian.org/20111216233646.GA9900@khazad-dum.debian.net
 

Thread Tools




All times are GMT. The time now is 05:56 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org