Aside from "make OpenBSD support pid files" (which I'm guessing is not an option) and "match the source address", the other option which occurs to me is to fake argv[0]. The spiped daemon doesn't care what you put there (aside from using it when printing warnings) so if you have something like djb's argv0 utility you could have several spiped processes with different "daemon names". (For that matter, even without argv0 you could create links to let you invoke spiped with different names.)
But yes, setproctitle is ugly and not likely to happen. Colin Percival On 4/8/23 20:33, Jared Harper wrote:
Yes, I ended up successfully escaping the square brackets before. However, your suggestion makes me realize that my target of matching the whole daemon+daemon_flags set is probably unnecessary, all I need to match is the -s, which should be unique on the host. Thanks! P.S. I looked at `setproctitle` a bit more and realized that it's really, _really_ un-portable so that's definitely not an option. On Sat, Apr 8, 2023, at 7:32 PM, Graham Percival wrote:Hi Jared, Sorry if this seems like "too obvious" of a solution, but have you tried escaping the square brackets with \ ? i.e. pexp="${daemon} -s \[127.0.0.1\] .*" or something like that? I'm not familiar with rc files, so it's possible that they use a different character for escaping, but I'm certain they have that capability somehow. Cheers, - Graham On Sat, Apr 08, 2023 at 03:22:25PM -0700, Jared Harper wrote:I have spiped running on two OpenBSD 7.2 hosts, installed via `pkg_add`, and it works great. The port's rc script for spiped, however, is only usable for a single instance because it sets `pexp="${daemon} .*"`[1], which will match every running instance of spiped. (For those unfamiliar with `pexp`, it is the regex used to identify a running process via `pgrep`. OpenBSD's rc system relies on this process matching method and does not support pid files.) I spent some time trying to configure the pexp to not be so greedy by using the default `${daemon} ${daemon_flags}`. This approach is unsuccessful due to the brackets surrounding the IP address (e.g., `[127.0.0.1]`) becoming a regex matching list. Some options I could use to workaround this limitation: 1) Use hostnames and no brackets; This apparently works but it limits usefulness. 2) Manually set `pexp`; This does work but requires that I remember to update it whenever the `daemon_flags` change. Also, across multiple processes this becomes borderline umaintainable. (Unfortunately, using the pidfile is a no-go because of how the rc subroutines use `pexp` in multiple places.) Since the primary author of spiped is a long-time contributor to FreeBSD, and FreeBSD supports pidfiles in their rc-system[2], I want to be clear I'm not saying that spiped does anything wrong, or that OpenBSD is doing something right. I just want to come up with a solution that I can contribute to the OpenBSD port so that we don't have to have this issue. A potential solution I can see would be to support `setproctitle(3)`[3] via a flag, such as `--name <name>`, which could result in a process title like `spiped: myname`. What's the appetite for this sort of change? However, since I'm new to a lot of these technologies, I'm fairly certain I've missed something obvious or easy (other than "switch to FreeBSD" ;). Do you have any other ideas? Thanks in advance. [1]: https://github.com/openbsd/ports/blob/master/security/spiped/pkg/spiped.rc#L9 [2]: https://man.freebsd.org/cgi/man.cgi?rc.subr(8) [3]: https://man.freebsd.org/cgi/man.cgi?query=setproctitle&sektion=3&format=html -jh
-- Colin Percival FreeBSD Deputy Release Engineer & EC2 platform maintainer Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid
