ports/103358: Broken Privoxy rc.d script
Richard Bejtlich
taosecurity at gmail.com
Mon Sep 18 15:40:24 UTC 2006
>Number: 103358
>Category: ports
>Synopsis: Broken Privoxy rc.d script
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Sep 18 15:40:22 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Richard Bejtlich
>Release: 6.1 SECURITY
>Organization:
TaoSecurity
>Environment:
FreeBSD orr.taosecurity.com 6.1-SECURITY FreeBSD 6.1-SECURITY #0: Mon Aug 28 05:21:08 UTC 2006 root at builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386
>Description:
/usr/local/etc/rc.d/privoxy contains the following:
su -m privoxy -c "${command} ${privoxy_flags} ${configfile} --pidfile ${pidfile}" \
This will not work.
Running it from the command line shows why:
orr:/root# su -m privoxy -c /usr/local/sbin/privoxy /usr/local/etc/privoxy/config --pidfile /var/run/privoxy/privoxy.pid
Sep 18 11:33:26 Privoxy(134729728) Fatal error: can't check configuration file '/root/config': No such file or directory
Sep 18 11:33:26 Privoxy(134729728) Fatal error: can't check configuration file '/root/config': No such file or directory
>How-To-Repeat:
Use the following Privoxy:
orr:/root# pkg_info | grep priv
privoxy-3.0.3_4 Privoxy is a web proxy with advanced filtering capabilities
>Fix:
Remove su -m:
orr:/root# privoxy -c /usr/local/sbin/privoxy /usr/local/etc/privoxy/config --pidfile /var/run/privoxy/privoxy.pid
Sep 18 11:33:40 Privoxy(134729728) Info: loading configuration file '/usr/local/etc/privoxy/config':
orr:/root# sockstat -4
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
root privoxy 39480 3 tcp4 127.0.0.1:8118 *:*
richard ssh 691 3 tcp4 192.168.2.5:49499 172.16.3.2:22
root sendmail 468 4 tcp4 127.0.0.1:25 *:*
root sshd 462 4 tcp4 *:22 *:*
root syslogd 320 7 udp4 *:514 *:*
orr:/usr/local/etc/rc.d# diff -u privoxy.orig privoxy
--- privoxy.orig Mon Sep 18 11:37:52 2006
+++ privoxy Mon Sep 18 11:38:01 2006
@@ -30,7 +30,7 @@
echo "${name} is already running"
else
echo "Starting ${name}."
- su -m privoxy -c "${command} ${privoxy_flags} ${configfile} --pidfile ${pidfile}" \
+ privoxy -c "${command} ${privoxy_flags} ${configfile} --pidfile ${pidfile}" \
1>/dev/null 2>&1
fi
}
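Review bot: On the `+` line, removing `su -m privoxy` means the script no longer switches to the privoxy account before starting the daemon, and the sockstat output in the report shows the resulting listener on 127.0.0.1:8118 owned by root. The replacement also keeps `-c` and the single quoted string from the su form, so the binary path in `${command}`, the flags, the config file and the pidfile option are all handed to `privoxy` as one argument instead of being run as a command line. Consider keeping the unprivileged user and fixing how the config path reaches the daemon. If su really has to go, call `${command} ${privoxy_flags} ${configfile} --pidfile ${pidfile}` directly, without `-c` and the quotes, and state why running as root is acceptable. The unchanged `1>/dev/null 2>&1` context line discards the kind of fatal error quoted in the report, so a failed start stays silent.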
Thank you!
>Release-Note:
>Audit-Trail:
>Unformatted: