Date: Tue, 25 Mar 2008 20:45:26 +0100
From: Fabian Groffen
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Testing to see if services have crashed on hardened
Message-ID: <20080325194526.GT831@gentoo.org>
In-Reply-To: <200803211207.24347.roy@marples.name>

On 21-03-2008 12:07:24 +0000, Roy Marples wrote:
> On Friday 21 March 2008 10:37:11 Fabian Groffen wrote:
> > Assuming you would use libkvm, on Darwin this means as unprivileged user
> > (not using suid) you can't see any processes at all.
>
> That's different from FreeBSD and NetBSD then.

Indeed.  And I just found out that Leopard (10.5) dropped the entire kvm
which wasn't working too funky anyway.  I just made some implementation
of walking through all running processes for portage-utils' `qlop -c`
using sysctl calls -- the way to do it on Darwin, and that works even as
normal unprivileged user, so I guess we can just use that.

> > Is there a way to just have some fallback method which is less
> > functional, but just uses some pid file with a lock or something?
>
> Not all services use pidfiles. Also, some services re-fork and re-write their
> pidfiles and I'm not sure the lock would carry across in that instance.

I was thinking of a wrapping process, but I only later realised that
this isn't working since many/most daemons fork into the background, so
you lose the control over it anyway.

-- 
Fabian Groffen
Gentoo on a different level
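The pidfile-with-lock fallback raised in this thread, sketched as an added example (not code from the thread or from any Gentoo project): a launcher takes a `flock()` lock on the pidfile and forks, and a separate probe tests whether the lock is still held. The function names and the `/tmp/example-service.pid` path are hypothetical; the example assumes `flock()` semantics, where the lock follows the inherited descriptor, whereas `fcntl()` record locks are not inherited across `fork()`.

```c
#define _DEFAULT_SOURCE      /* expose flock()/kill() under strict -std= modes */
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <sys/file.h>
#include <sys/wait.h>
#include <unistd.h>

/* 1 = lock held (service alive), 0 = free (stopped or crashed), -1 = error */
int pidfile_locked(const char *path)
{
    int fd = open(path, O_RDONLY), held = 0;
    if (fd < 0)
        return -1;
    if (flock(fd, LOCK_EX | LOCK_NB) != 0)
        held = (errno == EWOULDBLOCK) ? 1 : -1;
    close(fd);               /* also drops the probe's own lock */
    return held;
}

/* Constructed scenario: out[] = lock state before start, with the forked
 * daemon running, and after it is killed (simulated crash). */
int daemon_lock_scenario(const char *path, int out[3])
{
    int fd = open(path, O_RDWR | O_CREAT, 0644);
    if (fd < 0)
        return -1;
    out[0] = pidfile_locked(path);
    pid_t pid = (flock(fd, LOCK_EX | LOCK_NB) == 0) ? fork() : -1;
    if (pid == 0)            /* daemon: holds the lock via the inherited fd */
        for (;;) pause();
    close(fd);               /* launcher drops its copy of the descriptor */
    if (pid < 0)
        return -1;
    out[1] = pidfile_locked(path);
    kill(pid, SIGKILL);      /* simulated crash */
    waitpid(pid, NULL, 0);
    out[2] = pidfile_locked(path);
    unlink(path);
    return 0;
}

int main(void)
{
    int s[3];
    if (daemon_lock_scenario("/tmp/example-service.pid", s) != 0)
        return 1;
    return printf("before=%d running=%d crashed=%d\n", s[0], s[1], s[2]) < 0;
}
```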