[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: use of "invoke-rc.d $PACKAGE stop || exit $?" in prerm scripts

Michael Prokop wrote:

> * Bernd Schubert <bernd.schubert@pci.uni-heidelberg.de> wrote:
>>> inside their prerm maintainer scripts. If stopping $PACKAGE through
>>> invoke-rc.d/init-script fails, removing the package fails as well.
>>> Using:
>>>   invoke-rc.d $PACKAGE stop || true
>>>   /etc/init.d/$PACKAGE stop || true
>> We are using chroot environments (e.g. with sid) where no daemon is
>> running and invoke-rc.d will only do an "exit 0" in those chroots.
> How do you achieve that? For example symlinking invoke-rc.d to
> /bin/true is a workaround, but I'm searching for a general solution
> to avoid that daemons are started when upgrading even though they
> did not run before the upgrade (or don't start any service at all,
> e.g. in chroots - as you mentioned).

Via /usr/sbin/policy-rc.d, e.g.:


# are we on hamilton?
WHERE=$(hostname -s|cut -b 1-8) # cut to remove {1,2} from hamilton{1,2}
if [ "$WHERE" = "hamilton" ]; then
    # notify invoke-rc.d that nothing should be done -- we are in a chroot
    exit 101
    # allow it
    exit 0

(This chroot is used on the clients as their root environment)

>> Using the method above, wouldn't there be any chance that a bad
>> init script could kill daemons started outside the chroot?
> The init script would be broken then.
> Anyway, I don't see the difference between "stop || exit $?" and
> "stop || true" in this case.

What I mean is that the call of 

invoke-rc.d $PACKAGE stop || true

is fine, but the second call

/etc/init.d/$PACKAGE stop || true

will not using policy-rc.d and therefore might be a possible problem. Given
the fact that we have a sid chroot on a high availibilty system and a sid
package always might cause some trouble, I don't like the idea that a
malformed script is able to stop programs outside its chroot. 


Reply to: