Re: [exim-dev] Suggested improvements to pid_file handling

Author: Chris Thompson
Date:  
To: exim-dev
Subject: Re: [exim-dev] Suggested improvements to pid_file handling
Philip Hazel writes:
>
> On Thu, 24 Feb 2005, Chris Thompson wrote:
>
> > Although pid_files have inevitable failure cases, it's possible to do
> > a great deal better than this. I suggest
> >
> >   (a) Exim should try to unlink the file when the daemon exits: it's
> >       not always the case that it can't do this after it has lost root
> >       privilege;
> >
> >   (b) In case it can't, it should keep the file open, and on exit it
> >       should truncate it to size zero if it can't unlink it.
>
> I think the problem here is "when the daemon exits". I guess it has to
> set up a signal handler to catch the KILL signal; I'm just wary about
> signal handling because I know what a hairy area of system programming
> it is. :-)


Well, not KILL, obviously, but I suppose I was assuming a TERM signal handler.

> The keeping open option may be tricky/difficult after SIGHUP, when Exim
> has re-executed itself, but still in the same process.


This should be treated as exiting: the old instance removes/empties the
pid_file, and the new one after exec'ing recreates it. The exec'd copy
doesn't know there was an earlier incarnation in the same process, does it?

I suppose the open pid_file needs to be close-on-exec anyway so that it
isn't inherited by spawn of the daemon with possible security implications.

> Would you like me to wishlist this issue?


Yes: at least a general wish to get the pid_file invalidated somehow.

-- 
Chris Thompson               University of Cambridge Computing Service,
Email: cet1@???    New Museums Site, Cambridge CB2 3QH,
Phone: +44 1223 334715       United Kingdom.
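
The scheme discussed in this thread (keep the pid file open with close-on-exec, unlink it on TERM, fall back to truncating it when unlink is refused), as an added C sketch that is not part of the original message and not Exim's code. The function names `pidfile_create` and `pidfile_invalidate` and the file path are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

static volatile sig_atomic_t got_term = 0;
static void on_term(int sig) { (void)sig; got_term = 1; } /* flag only */

/* Write our pid and return an fd that is kept open for the daemon's life.
 * O_CLOEXEC keeps the fd out of spawned children and out of the image
 * re-exec'd on SIGHUP; O_TRUNC overwrites a stale or emptied file. */
int pidfile_create(const char *path)
{
    char buf[32];
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, 0644);
    if (fd < 0) return -1;
    int n = snprintf(buf, sizeof buf, "%ld\n", (long)getpid());
    if (write(fd, buf, (size_t)n) != n) { close(fd); return -1; }
    return fd;
}

/* On exit (or just before re-exec): 0 = unlinked; 1 = unlink refused, e.g.
 * after dropping root, so emptied through the kept fd; -1 = both failed. */
int pidfile_invalidate(const char *path, int fd)
{
    int rc = unlink(path) == 0 ? 0 : ftruncate(fd, 0) == 0 ? 1 : -1;
    close(fd);
    return rc;
}

int main(void)
{
    const char *path = "./example-daemon.pid"; /* hypothetical path */
    struct sigaction sa;
    sigset_t term, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_term;
    sigaction(SIGTERM, &sa, NULL);
    sigemptyset(&term); sigaddset(&term, SIGTERM);
    sigprocmask(SIG_BLOCK, &term, &old);   /* close the check/wait race */
    int fd = pidfile_create(path);
    if (fd < 0) { perror("pidfile_create"); return 1; }
    while (!got_term) sigsuspend(&old);    /* stand-in for the daemon loop */
    printf("invalidate -> %d\n", pidfile_invalidate(path, fd));
    return 0;
}
```

A reader of the pid file must treat an empty file the same as a missing one, since the truncate fallback leaves a zero-length file behind.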