[quagga-dev 5088] Re: RFC: pidfile permissions

Paul Jakma Paul.Jakma at Sun.COM
Wed Oct 3 19:13:43 BST 2007

Hi Denis,

On Wed, 3 Oct 2007, Denis Ovsienko wrote:

> Hello all.

> In the current pid_output() implementation we use LOGFILE_MASK (0600 
> by default) to calculate pidfile umask and permissions. I cannot get 
> much into details, but 0600 permissions on the pidfile are too strict 
> for some monitoring applications (running under a distinct UID than 
> quagga is), which need to know the PIDs of all quagga processes. Of 
> course, making logfiles world-readable isn't the best workaround for 
> this, so I have made a patch (diffed against 0.99.9 release) to let 
> such users as I am to have pidfile permissions controllable 
> independently. By default the pidfiles will be created with the same 
> 0600 permissions. The new code works for me.

Is there a reason to make it 0600 by default? Should be 0644 surely?

> Paul told me that some of us may have objections on the above, so I 
> put the change onto the list and delay committing it for several days.

I'm fine with the patch, except:

- should be 0644 default
- Is there any reason the pidfile needs to be configurable

   I.e. is there any vaguely plausible reason why the pidfile should not
   be readable?

I don't see why this needs to be more than a tiny patch to pid_output.c 

Other trivia:

- Try get your MUA to mark patches as Text/Plain (rather than
   Application/Octet-Stream). Naming the file as .txt might achieve this.
- Configure your SCM to exclude the 'configure' file, so it doesn't show
   up in diffs, as well as any other files which are not actually in
   Quagga CVS (see .cvsignore's).
- If possible, try generate patches which include the function names in
   the header line for each chunk. I.e. if you or your SCM use GNU diff,
   please pass it the -p option.

Cheers :)

Paul Jakma,
Solaris Networking                       Sun Microsystems, Scotland
http://opensolaris.org/os/project/quagga tel: EMEA x73150 / +44 15066 73150

More information about the Quagga-dev mailing list