> Thomas Seifert: > just in case ... I am securing my services by running small > check-scripts in an interval by cron. Did anyone already do such a > script (check if mathopd is running and if not start it again) ?
that has all been taken care of ages ago. install http://cr.yp.to/daemontools.html. the daemontools are the best thought out solution to your/our problem i've ever come across. here are the run-files you'd need: 0 p1 mathopd #g ^ run log/run #!/bin/sh # $Header: /var/pub/mathopd/run,v 1.1 2002/04/02 10:07:36 root Exp root $ exec 2>&1 exec envdir ./env mathopd -dn < mathopd.conf #!/bin/sh # $Header: /var/pub/mathopd/log/run,v 1.1 2002/04/02 10:07:36 root Exp root $ exec /usr/local/bin/setuidgid log /usr/local/bin/multilog \ n5 s133001 ./ # n5 s133001 '!/service/mathopd/log/cyclelog' /var/log/service/mathopd and listen, boys and girls, you don't get just one run file, not only two run files, but if you call this 1-800 number right away, we'll give you the cycle-log script free of charge, a 49,98 value! #!/bin/sh # $Header: /service/qmail-send/log/cyclelog,v 1.1 2002/03/25 15:54:41 root Exp $ exec 4<&0 /some/pre-evaluation-of-the-logs-once-they-are-rotated-script and if this doesn't convince you, we'll even throw in automatic setup of environment variables, using the envdir program!! like if you have the line: exec envdir ./env mathopd -dn < mathopd.conf with `grep ^ env/*` env/PYTHONPATH:/usr/local/moin/lib/python2.0/site-packages this sets an additional $environment variable before running mathopd. this way you can customize it's environment. you can process the logs at rotation time, they are kept in a very reliable way. you can tell it how much space they are to eat, and they will never go beyond (eliviates the need for newsyslog(8)). if your service dies, it's supervisor will restart it. you can restart the service and it's logger independant of each other, you can force rotation with "svc -a <logg-process>" and send any signal without the need to dig up PIDs. gosh! clemens fischer ps: dan bernstein also provides http://cr.yp.to/ucspi-tcp.html, and there's also https://www.superscript.com/ucspi-ssl/intro.html in case you need SSL secured services. with these i've done away with inetd and gained much flexibility and reliability.
