NetBSD Problem Report #12752

Received: (qmail 27398 invoked from network); 25 Apr 2001 18:50:57 -0000
Message-Id: <200104251908.f3PJ89Z29569@polaris.garbled.net>
Date: Wed, 25 Apr 2001 12:08:09 -0700 (MST)
From: Tim Rightnour <root@polaris.garbled.net>
Reply-To: root@polaris.garbled.net
To: gnats-bugs@gnats.netbsd.org
Subject: /etc/rc.d/ipfilter status is nonstandard
X-Send-Pr-Version: 3.95

>Number:         12752
>Category:       bin
>Synopsis:       /etc/rc.d/ipfilter status is nonstandard
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Apr 25 18:51:00 +0000 2001
>Closed-Date:    
>Last-Modified:  Sat Jun 16 07:22:11 +0000 2012
>Originator:     Tim Rightnour
>Release:        1.5<NetBSD-current source date>
>Organization:

>Environment:

System: NetBSD polaris 1.5_ALPHA2 NetBSD 1.5_ALPHA2 (POLARIS) #1: Wed Dec 13 00:45:28 MST 2000 root@polaris:/usr/src/sys/arch/i386/compile/POLARIS i386


>Description:
/etc/rc.d/ipfilter does not produce output consistent with every other
script in /etc/rc.d.  This makes it impossible to write any sort of
automation that reads the output, and then makes decisions based uopn that.

If you run any script in /etc/rc.d, you get:

polaris# /etc/rc.d/yppasswdd status
yppasswdd is running as pid 22262.

If you run ipfilter as root, you get:
polaris# /etc/rc.d/ipfilter forcestatus
ipf: IP Filter: v3.4.9 (264)
Kernel: IP Filter: v3.4.9               
Running: no
Log Flags: 0 = none set
Default: pass all, Logging: unavailable
Active list: 0

if you run it as a normal user, you get:
polaris% /etc/rc.d/ipfilter forcestatus
ipf: IP Filter: v3.4.9 (264)
open device: Permission denied


>How-To-Repeat:

Try running the script.

>Fix:
The status function should be rewritten to read ipf -V's output and
do the right thing.  While a PID might be impossible, running/not running
seems to be indicated.  The non-root-user behavior is unfortunate, and
perhaps cannot be fixed without mangling ipf.

The other functions should also be checked for thier output, as I have not
tried them.

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: bin-bug-people->lukem 
Responsible-Changed-By: lukem 
Responsible-Changed-When: Wed Apr 25 20:43:42 PDT 2001 
Responsible-Changed-Why:  
i'll take a look 

From: Darren Reed <darrenr@reed.wattle.id.au>
To: lukem@netbsd.org, root@polaris.garbled.net
Cc: gnats-bugs@gnats.netbsd.org
Subject: Re: bin/12752 etc/rc.d/ipfilter status is nonstandard
Date: Fri, 28 Sep 2001 11:03:42 +1000 (EST)

 You might also want to consider displaying ipmon status - there should be
 a file /var/run/ipmon.pid created when it starts up.

 Well, on recent ipfilter versions anyway :-)


From: Luke Mewburn <lukem@netbsd.org>
To: Darren Reed <darrenr@reed.wattle.id.au>
Cc: lukem@netbsd.org, root@polaris.garbled.net, gnats-bugs@gnats.netbsd.org
Subject: Re: bin/12752 etc/rc.d/ipfilter status is nonstandard
Date: Mon, 21 Oct 2002 15:19:57 +1000

 On Fri, Sep 28, 2001 at 11:03:42AM +1000, Darren Reed wrote:
   | You might also want to consider displaying ipmon status - there should be
   | a file /var/run/ipmon.pid created when it starts up.
   | 
   | Well, on recent ipfilter versions anyway :-)

 [catching up on old mail...]

 You mean, like this?
 	/etc/rc.d/ipmon status
 	ipmon is running as pid 121.
 (It's support that for a long time).

 I've changed the rc.d script to use the pidfile (based on your
 reminder WRT ipmon.pid).

 Luke.
Responsible-Changed-From-To: lukem->bin-bug-people
Responsible-Changed-By: lukem@NetBSD.org
Responsible-Changed-When: Sat, 16 Jun 2012 07:22:11 +0000
Responsible-Changed-Why:
Back to the pool


>Unformatted:

Home	PR Database Search