
Can't terminate process which is launched at bootup with at daemon


I have a fooinit.rt process launched at boot (/etc/init.d/boot.local).

Here is the boot.local file:

...
/bin/fooinit.rt &
...

I create an order list at job in order to kill fooinit.rt. That is triggered in C code,

and I wrote a stop script in which kill -9 pidof fooinit.rt is written. Here is the stop script:

#!/bin/sh
proc_file="/tmp/gdg_list$$"
ps -ef | grep $USER > $proc_file
echo "Stop script is invoked!!"
suff=".rt"
pid=`fgrep "$suff" $proc_file | awk '{print $2}'`
echo "pid is '$pid'"
rm $proc_file

When the at job timer expires, the 'kill -9 pid' (of fooinit.rt) command cannot terminate the fooinit.rt process!!

I checked the pid number printed, and the sentence "Stop script is invoked!!" is OK!

Here is the "at" job command in the C code (I verified that the stop script is called 1 min later):

...
case 708: /* There is a trigger signal here */
{
    result = APP_RES_PRG_OK;
    system("echo '/sbin/stop' | at now + 1 min");
}
...

On the other hand, it works properly when fooinit.rt is launched manually from the shell as an ordinary command (not from /etc/init.d/boot.local). In that case kill -9 works and terminates the fooinit.rt process.

Do you have any idea why kill -9 cannot terminate the foo.rt process if it is launched from /etc/init.d/boot.local?


Solution

  • Your solution is built around a race condition. There is no guarantee it will kill the right process (an unknowable amount of time can pass between the ps call and the attempt to make use of the pid), plus it's also vulnerable to a tmp exploit: someone could create a few thousand symlinks under /tmp called "gdg_list[1-32767]" that point to /etc/shadow and your script would overwrite /etc/shadow if it runs as root.

    Another potential problem is the setting of $USER -- have you made sure it's correct? Your at job will be called as the user your C program runs as, which may not be the same user your fooinit.rt runs as.

    Also, your script doesn't include a kill command at all.

    A much cleaner way of doing this would be to run your fooinit.rt under some process supervisor like runit and use runit to shut it down when it's no longer needed. That avoids the pid bingo as well as the /tmp attack vector.

    But even using pkill -u username -f fooinit.rt would be less racy than the script you provided.
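
The /tmp symlink problem described in the answer, as an added example that is not part of the original question or answer: it compares the script's predictable `gdg_list$$` redirect with `mktemp` and with `set -C`, all inside a scratch directory. The function names, the scratch directory and the `victim` file are constructed for the illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Every path lives in a scratch
# directory created here; "victim" stands in for a file such as /etc/shadow.

# Pattern from the question: predictable name, plain ">" redirect.
# ">" truncates and follows symlinks, so a pre-planted link decides the target.
write_predictable() {   # $1 = directory, $2 = data
    printf '%s\n' "$2" > "$1/gdg_list$$"
}

# Hardened: mktemp picks an unpredictable name and creates the file with
# O_EXCL and mode 0600, so an existing file or symlink is never reused.
write_mktemp() {        # $1 = directory, $2 = data; prints the file created
    f=$(mktemp "$1/gdg_list.XXXXXXXXXX") || return 1
    printf '%s\n' "$2" > "$f"
    printf '%s\n' "$f"
}

# Alternative when the name must stay fixed: noclobber (set -C) makes ">"
# fail instead of truncating an existing file or writing through a link.
write_noclobber() {     # $1 = directory, $2 = data
    ( set -C; printf '%s\n' "$2" > "$1/gdg_list$$" ) 2>/dev/null
}

# Constructed scenario: plant a link at the predictable name, run one of the
# writers, and print what the victim file contains afterwards.
demo() {                # $1 = name of the write function to exercise
    scratch=$(mktemp -d) || return 1
    printf 'secret\n' > "$scratch/victim"
    ln -s "$scratch/victim" "$scratch/gdg_list$$"
    "$1" "$scratch" "ps output" >/dev/null || true   # a refusal is expected
    cat "$scratch/victim"
    rm -rf "$scratch"
}

# Run with --demo to print the outcome for all three writers.
if [ "${1:-}" = "--demo" ]; then
    for fn in write_predictable write_mktemp write_noclobber; do
        printf '%-18s victim now contains: %s\n' "$fn" "$(demo "$fn")"
    done
fi
```

The stop script needs no scratch file at all if the `ps` output is piped straight into the filter; the comparison above applies when a temporary file is unavoidable.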