[crux-contrib] S-S-D update
steffen at sdaoden.eu
Sun Mar 10 01:14:53 UTC 2019
Hello hello on a late German Saturday night,
(how dead am i if am working right now, pfffffh...)
as addressed with Jürgen please find attached a "git am" update to
Debian S-S-D as of today.
Debian adds support for systemd notifications, which i disabled
(with easily adjustable macro switch). Maybe, the only good thing
of systemd in my opinion, but having daemons provide proper
feedback to a supervisor would also be an option, and portable.
Anyway. (I for one still cannot understand why no daemon simply
provides a hook in equal and better spirit to Zoulas's of NetBSD
blacklistd: i will never understand why i have to parse a log file
to relearn things expensively that the daemon readily knew when
writing the log entry. But i have to be silent, really...)
Also, they discovered security threats regarding --pidfile (see
the latest commit message in the attached patchset). This would
not work out with how CRUX does it, and i am in favour of even
thinking that the S-S-D code in question is too strict.
I.e., the exim pidfile is root:mail, and 0644 (iirc), and this
will be refused as a security threat. I think this is too strict,
0664 i would understand, but why should the group not be able to
read the file? So this i have changed, for CRUX. Maybe someone
with better social skills could even ask or report this upstream.
Ciao, and thanks for all the efforts! Looking out for 3.5!!!
(P.S.: how about throwing out exim and adding DMA to the default
install? Don't mind...)
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 64289 bytes
Desc: not available
More information about the crux-contrib