On Thu, Jul 01 at 09:31PM +0100, Thomas Adam wrote: > --- Will Trillich <[EMAIL PROTECTED]> wrote: > > for daemon-config-file-settings, i'm more comfortable > > specifying the whole path. less chance of intervention or > > misdirection based on $PATH mungings... > > /etc/init.d is not in $PATH, and as such scripts are run as > root anyway, invoke-rc.d is perfect still.
you probably already know this, being the expert du jour and everything, but just in case: when a command specification starts with a slash, it's an absolute reference, no uncertainties about it; if it does NOT start with a slash, then your environmental variable $PATH is called upon to supply likely directories to scan, looking for an executable by the name you specified. (if you have perl, say, in both /usr/local/bin and /usr/bin you'll never see the one in /usr/bin.) the trouble, of course, is that script kiddies can find ways to munge your $PATH; you might think you're asking for "ls" or "more" in their standard /bin/* location, but in fact the black-hats can prepend your $PATH with a directory of their own making, which runs a fake "ls" or "more" which can do worse things yet. so in system scripts, it's good to 1) specify exact, full, absolute paths, and 2) set your own $PATH variable, and finally 3) specify exact, full, absolute paths anyhow. using "invoke-rc.d" in a system/daemon script is as dangerous as using "ls" or "more" -- without a full path. and invoking it with a full path is better than calling /etc/init.d/* scripts directly ... in what way? > > is invoke-rc.d similar to the "service" function on other > > distros? (sarge already has a "_service" for bash to > > facilitate command-line word completion... and i understand > > that the "service" function/script/alias is on its way.) > > It's a little similar, yes. a little? how little? is this invoke-rc.d something we understand, or something we repeat? [re: daemontools--] > > 1) there seems to be no facility for checking for a > > daemon process, only the ./run process (i.e. child > > processes of supervise) > > If that is the case, then the script (and overall design) is > very broken, and I would avoid it. i would, too. and since it does seem the case, i do. > > unless i misunderstand, this seems to be a "run-and-monitor > > home grown programs and scripts, do your system daemon > > resurrection elsewhere"... no? > > monit has already been suggested along with 'daemontools'. and "daemontools" was actually the subject under discussion. unless "monit" has something ingenious to offer, we'll be staying with "restartd" for now. -- I use Debian/GNU Linux version 3.0; Linux boss 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i586 unknown DEBIAN NEWBIE TIP #87 from Joost Kooij <[EMAIL PROTECTED]> : Did you CHMOD -R / and destroy your permissions? Bad dog! If you have access to a newly-installed Debian machine, run this script there, and copy the resulting script to the box with the bad permissions; run it, and all should be back to normal: find / -regex '/\(mnt\|proc\|tmp\)/.*' -prune -or \ -not -type l -not -type s \ -printf 'chown %u.%g %p\nchmod %m %p\n' \ > fixperms.sh Also see http://newbieDoc.sourceForge.net/ ... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]