[Koha-bugs] [Bug 25481] koha-plack not working under D10
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu May 14 16:09:13 CEST 2020
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25481
--- Comment #2 from Jonathan Druart <jonathan.druart at bugs.koha-community.org> ---
Created attachment 104887
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=104887&action=edit
Bug 25481: Pass --user to start-stop-daemon when a pidfile is used
Since D10, the behaviour of start-stop-daemon changed, see from its
manual:
"""
Warning: using this match option with a world-writable pidfile or using it
alone with a daemon that writes the pidfile as an unprivileged (non-root) user
will be refused with an error (since
version 1.19.3) as this is a security risk, because either any user can write
to it, or if the daemon gets compromised, the contents of the pidfile cannot be
trusted, and then a privileged
runner (such as an init script executed as root) would end up acting on any
system process. Using /dev/null is exempt from these checks.
"""
Test plan:
koha-plack --restart kohadev
should success with this patch.
Without this patch you get:
start-stop-daemon: matching only on non-root pidfile
/var/run/koha/kohadev/plack.pid is insecure
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list