Do not create PidFile by default
By default, avoid creating a PIDFile. PIDFiles are racy and potentially dangerous. Modern system supervision systems don't need them, because they manage the process groups directly. If the configuration file doesn't specify a PidFile, dkimpy-milter shouldn't try to create one.
This commit is contained in:
Daniel Kahn Gillmor
@@ -40,7 +40,7 @@ defaultConfigData = {
|
|||||||
'UMask': 0o07,
|
'UMask': 0o07,
|
||||||
'Mode': 'sv',
|
'Mode': 'sv',
|
||||||
'Socket': None,
|
'Socket': None,
|
||||||
'PidFile': '/var/run/dkimpy-milter/dkimpy-milter.pid',
|
'PidFile': None,
|
||||||
'UserID': 'dkimpy-milter',
|
'UserID': 'dkimpy-milter',
|
||||||
'Canonicalization': 'relaxed/simple',
|
'Canonicalization': 'relaxed/simple',
|
||||||
'InternalHosts': '127.0.0.1',
|
'InternalHosts': '127.0.0.1',
|
||||||
|
|||||||
+11
-8
@@ -115,34 +115,37 @@ def write_pid(milterconfig):
|
|||||||
"""Write PID in pidfile. Will not overwrite an existing file."""
|
"""Write PID in pidfile. Will not overwrite an existing file."""
|
||||||
import os
|
import os
|
||||||
import syslog
|
import syslog
|
||||||
if not os.path.isfile(milterconfig.get('PidFile')):
|
pidfile = milterconfig.get('PidFile')
|
||||||
|
if pidfile is None:
|
||||||
|
return
|
||||||
|
if not os.path.isfile(pidfile):
|
||||||
pid = str(os.getpid())
|
pid = str(os.getpid())
|
||||||
try:
|
try:
|
||||||
f = open(milterconfig.get('PidFile'), 'w')
|
f = open(pidfile, 'w')
|
||||||
except IOError as e:
|
except IOError as e:
|
||||||
if str(e)[:35] == '[Errno 2] No such file or directory':
|
if str(e)[:35] == '[Errno 2] No such file or directory':
|
||||||
piddir = milterconfig.get('PidFile').rsplit('/', 1)[0]
|
piddir = pidfile.rsplit('/', 1)[0]
|
||||||
os.mkdir(piddir)
|
os.mkdir(piddir)
|
||||||
user, group = user_group(milterconfig.get('UserID'))
|
user, group = user_group(milterconfig.get('UserID'))
|
||||||
os.chown(piddir, user, group)
|
os.chown(piddir, user, group)
|
||||||
f = open(milterconfig.get('PidFile'), 'w')
|
f = open(pidfile, 'w')
|
||||||
if milterconfig.get('Syslog'):
|
if milterconfig.get('Syslog'):
|
||||||
syslog.syslog('PID dir created: {0}'.format(piddir))
|
syslog.syslog('PID dir created: {0}'.format(piddir))
|
||||||
else:
|
else:
|
||||||
if milterconfig.get('Syslog'):
|
if milterconfig.get('Syslog'):
|
||||||
syslog.syslog('Unable to write pidfle {0}. IOError: {1}'
|
syslog.syslog('Unable to write pidfle {0}. IOError: {1}'
|
||||||
.format(milterconfig.get('PidFile'), e))
|
.format(pidfile, e))
|
||||||
raise
|
raise
|
||||||
f.write(pid)
|
f.write(pid)
|
||||||
f.close()
|
f.close()
|
||||||
user, group = user_group(milterconfig.get('UserID'))
|
user, group = user_group(milterconfig.get('UserID'))
|
||||||
os.chown(milterconfig.get('PidFile'), user, group)
|
os.chown(pidfile, user, group)
|
||||||
else:
|
else:
|
||||||
if milterconfig.get('Syslog'):
|
if milterconfig.get('Syslog'):
|
||||||
syslog.syslog('Unable to write pidfle {0}. File exists.'
|
syslog.syslog('Unable to write pidfle {0}. File exists.'
|
||||||
.format(milterconfig.get('PidFile')))
|
.format(pidfile))
|
||||||
raise RuntimeError('Unable to write pidfle {0}. File exists.'
|
raise RuntimeError('Unable to write pidfle {0}. File exists.'
|
||||||
.format(milterconfig.get('PidFile')))
|
.format(pidfile))
|
||||||
return pid
|
return pid
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -338,7 +338,7 @@ will be checked. [PeerList NOT IMPLEMENTED - included for reference only]
|
|||||||
.TP
|
.TP
|
||||||
.I PidFile (string)
|
.I PidFile (string)
|
||||||
Specifies the path to a file that should be created at process start
|
Specifies the path to a file that should be created at process start
|
||||||
containing the process ID.
|
containing the process ID. If not specified, no such file will be created.
|
||||||
|
|
||||||
.TP
|
.TP
|
||||||
.I Selector (string)
|
.I Selector (string)
|
||||||
|
|||||||
Reference in New Issue
Block a user