On Mon, Mar 11, 2019 at 09:28:04PM +0100, Axel Beckert wrote: > Control: reassign -1 lsb-base > Control: forcemerge 921558 -1 > Control: affects 921558 + stunnel4 > > Hi Paul, > > Paul Gevers wrote: > > On Mon, 11 Mar 2019 14:15:25 +0100 Axel Beckert <abe@debian.org> wrote: > > > Version: 3:5.50-3 > > > > ^^^^^^^^^^^^^^^^^^^ > > I don't think the bug is only in this version, is it? > > No. But for a reason I did not expect: > > In contrary to the other cases of this issue I run into recently > (miredo and smokeping), stunnel4's init script doesn't use > start-stop-daemon directly but via killproc() from > /lib/lsb/init-functions of lsb-base. And the actual bug seems to be in > that shell script library: > > 125 # start-stop-daemon uses the same algorithm as "pidofproc" above. > 126 killproc () { > 127 local pidfile sig status base name_param is_term_sig OPTIND > 128 pidfile= > 129 name_param= > 130 is_term_sig= > 131 > 132 OPTIND=1 > 133 while getopts p: opt ; do > 134 case "$opt" in > 135 p) pidfile="$OPTARG";; > 136 esac > 137 done > 138 shift $(($OPTIND - 1)) > 139 > 140 base=${1##*/} > 141 if [ ! $pidfile ]; then > 142 name_param="--name $base --pidfile /var/run/$base.pid" > 143 else > 144 name_param="--pidfile $pidfile" > 145 fi > […] […] > 152 status=0 > 153 if [ ! "$is_term_sig" ]; then > 154 if [ -n "$sig" ]; then > 155 /sbin/start-stop-daemon --stop --signal "$sig" \ > 156 --quiet $name_param || status="$?" > 157 else > 158 /sbin/start-stop-daemon --stop \ > 159 --retry 5 \ > 160 --quiet $name_param || status="$?" > 161 fi > 162 else > 163 /sbin/start-stop-daemon --stop --quiet \ > 164 --oknodo $name_param || status="$?" > 165 fi > > Since neither name_param nor any of the start-stop-daemon --stop calls > contain --exec or -x nor does killproc allow to pass additional > parameters, this looks like a bug in lsb-base. And indeed, it is and > is also already reported: https://bugs.debian.org/921558 > > Reassigning accordingly. Thanks for reporting this and for your analysis! I came up with the same result (didn't reply since I was still going through the Git log to see in which version of stunnel the use of killproc was introduced) and I have a patch for stunnel4 now that uses start-stop-daemon directly, although this would be a divergence from the upstream source - the upstream author switched to the LSB killproc several years ago after seeing that I had made that change in Debian... so it would be a pity to now say "well, yeah, but you see, it doesn't really work, so let's go back to looking for the list of processes and sending the signals by ourselves" :) To be honest, I don't think I should upload stunnel with a patch that makes the init script use the LSB start_daemon function to start the process and then uses start-stop-daemon directly to stop it; I might make another change that uses start-stop-daemon in both places, but, honestly, I would prefer some kind of change in init-functions that would let me continue to use the LSB shell functions. Even if it means passing an additional argument to killproc to make it use --exec, this would still be an acceptable divergence from upstream for me. > > This bug is currently blocking the migration of stunnel4 to testing > > which is needed to have openssl migrate. I'd like to do that today > > because tomorrow the full freeze starts. > > Should be solved now. Thanks for poking me so that I had a closer > look! Thanks to both of you for raising this and noting its importance! G'luck, Peter -- Peter Pentchev roam@{ringlet.net,debian.org,FreeBSD.org} pp@storpool.com PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
Attachment:
signature.asc
Description: PGP signature