Bug#343882: stunnel4: /var/run/stunnel should be created by init.d script

Thu, 02 Mar 2006 22:03:06 -0800 

Package: stunnel4
Version: 2:4.140-5
Followup-For: Bug #343882


Creation of /var/run/stunnel should be done by init.d script, not
the package control file.  FHS requires that /var/run is cleared during
boot, so the stunnel subdir needs to get readded on every boot.  This is
especially critical if /var/run is mouned as a tmpfs filesystem.

It's simple enough to work around by modifying default stunnel.conf to
put stunnel.pid in /var/run, and not use chroot. Alternative is to
modify init.d/stunnel and add logic to rm/mkdir /var/run/stunnel, as is
standard on other init scripts that make use of /var/run.

See postgresql-8.1 8.1.0-3 for an example of init.d function that
ensures /var/run/postgresql directory exists before attempting to start
service.  I'm sure you'd want to ensure the perms are changed on startup
since by default /var/run/stunnel is the chroot base in stunnel.conf.

snippet from /usr/share/postgresql-common/init.d-functions, used by
init.d/postgresql

start() {
    # create socket directory
    if [ -d /var/run/postgresql ]; then
        chmod 2775 /var/run/postgresql
    else
        install -d -m 2775 -o postgres -g postgres /var/run/postgresql
    fi

    do_ctl_all start "$1" "Starting PostgreSQL $1 database server:"
}

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-co-0.7.1-hn11
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages stunnel4 depends on:
ii  adduser                       3.80       Add and remove users and groups
ii  libc6                         2.3.5-13   GNU C Library: Shared libraries an
ii  libssl0.9.8                   0.9.8a-7   SSL shared libraries
ii  libwrap0                      7.6.dbs-8  Wietse Venema's TCP wrappers libra
ii  netbase                       4.24       Basic TCP/IP networking system
ii  openssl                       0.9.8a-7   Secure Socket Layer (SSL) binary a
ii  perl-modules                  5.8.8-2    Core Perl modules
ii  zlib1g                        1:1.2.3-9  compression library - runtime

stunnel4 recommends no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to