[Koha-bugs] [Bug 25481] koha-plack not working under D10
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Sat May 16 01:03:15 CEST 2020
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25481
Victor Grousset/tuxayo <victor at tuxayo.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #104941|0 |1
is obsolete| |
--- Comment #11 from Victor Grousset/tuxayo <victor at tuxayo.net> ---
Created attachment 104977
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=104977&action=edit
Bug 25481: Pass --user to start-stop-daemon when a pidfile is used
Since D10, the behaviour of start-stop-daemon changed, see from its
manual:
"""
Warning: using this match option with a world-writable pidfile or using it
alone with a daemon that writes the pidfile as an unprivileged (non-root) user
will be refused with an error (since
version 1.19.3) as this is a security risk, because either any user can write
to it, or if the daemon gets compromised, the contents of the pidfile cannot be
trusted, and then a privileged
runner (such as an init script executed as root) would end up acting on any
system process. Using /dev/null is exempt from these checks.
"""
Test plan:
koha-plack --restart kohadev
should success with this patch.
Without this patch you get:
start-stop-daemon: matching only on non-root pidfile
/var/run/koha/kohadev/plack.pid is insecure
Signed-off-by: Nick Clemens <nick at bywatersolutions.com>
Signed-off-by: Victor Grousset/tuxayo <victor at tuxayo.net>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list