Stop me before I violate DougBBSD rules for rc scripts:

Michael Scheidell scheidell at freebsd.org
Thu Jan 26 15:56:16 UTC 2012


So, this hack is ugly, and I have been trying to track this down for YEARS.
swatch will (every now and then, some patch, some os upgrade, some 
ARCH) mash the $0 line and then rc.script can't status or stop it.

Good:

/swatch start

Starting swatch.
scanner.secnap.net# ps -auxww | grep swatch
root       85713  0.0  0.7  7496  6952  ??  Ss    9:29AM   0:00.00 
/usr/local/bin/swatch -c /usr/local/etc/swatch-hackertrap.conf 
--tail-file=/var/log/eventlog --tail-args=-Fn0 --daemon 
--script-dir=/tmp/ --pid-file=/var/run/swatch_1.pid (perl)

./swatch status
watch is running as pid 85713.

bad:

grep swatch /etc/rc.conf.local
swatch_rules="1"
swatch_1_flags='-c /usr/local/etc/swatch-hackertrap.conf 
--tail-file=/var/log/eventlog_this_is_an_incredable_log_file_that_should_cause_big_problems_yes_an_op_would_never_do_this_but_it_is_so_I_can_test_if_problem_is_log_file_arg_or_log_cmd_arg_or_a_lot_of_files_or_some_thing_in_between_and_or.log  
--tail-args=-Fn0 --daemon --script-dir=/tmp/  
--pid-file=/var/run/swatch_1.pid'
swatch_enable="YES"

./swatch start

  ./swatch status
swatch is not running.

ps -auxww | grep swatch
root       86920  0.0  0.7  7496  6960  ??  Is    9:33AM   0:00.01 
/usr/local/bin/perl /tmp//.swatch_script.86918

I have tracked it down to the length of $0.
if $0 > 222 bytes, 'bad' happens.


this is the patch to rc script.  note, various times and various pr's 
people have reported swatch status not working, and put in, and took out 
procname.
(depending on if they had long _flags I suppose)

Index: swatch.in
===================================================================
RCS file: /home/pcvs/ports/security/swatch/files/swatch.in,v
retrieving revision 1.7
diff -u -r1.7 swatch.in
--- swatch.in    14 Jan 2012 08:56:53 -0000    1.7
+++ swatch.in    26 Jan 2012 15:54:25 -0000
@@ -21,15 +21,20 @@

  name=swatch
  rcvar=swatch_enable
+# set some defaults
+: ${swatch_enable="NO"}

  command=%%PREFIX%%/bin/swatch
-procname=%%LOCALBASE%%/bin/perl

  load_rc_config ${name}

  if [ -n "${swatch_rules}" ]; then
      for i in ${swatch_rules}; do
      eval swatch_flags=\$swatch_${i}_flags
+    len=`echo $swatch_flags | wc -c`
+    if [ $len -gt 222 ];then
+       procname=%%LOCALBASE%%/bin/perl
+    fi
      eval swatch_user=\$swatch_${i}_user
      eval swatch_chdir=\$swatch_${i}_chdir
      eval pidfile=\$swatch_${i}_pidfile
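
Review bot: `procname` is assigned inside the `for i in ${swatch_rules}` loop when `len` exceeds 222, but nothing clears it again, so it stays set for every later rule in `swatch_rules`, including rules whose flags are short and whose process still shows up as `/usr/local/bin/swatch ...` as in the "Good" ps output. Add an `else` branch with `unset procname`, or reset it at the top of each iteration. Separately, `echo $swatch_flags | wc -c` counts only the flags (plus the newline echo appends), while the message describes the 222-byte limit as applying to the whole `$0`, which also contains the command path, so the threshold being tested is not the one that was measured; include the length of `${command}` in the comparison, or add a comment above the test stating how 222 was derived and why `procname` is conditional.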


-- 
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
SECNAP Network Security Corporation

    * Best Mobile Solutions Product of 2011
    * Best Intrusion Prevention Product
    * Hot Company Finalist 2011
    * Best Email Security Product
    * Certified SNORT Integrator
